MacInTouch Amazon link...

AirPort issues/alternatives

Channels
Apple, Security, Products
I was a bit surprised that Comcast doesn't explicitly tell customers who rent its cable modems that they're helping Comcast to create an omnipresent WiFi network. I think a case could be made that Comcast customers should be compensated for (or at least not charged for) renting access points that advance Comcast business as well as providing the customers their internet access!
I don't think they're trying to hide this fact, even though they don't advertise it.

They say the service doesn't lower your cable modem bandwidth, which might be true, since the raw cable has far more bandwidth capacity than anything you could subscribe to.

They also say it doesn't threaten your LAN security, because this guest network provides separate IP addresses and only routes packets to the Internet, which is probably true, although it's possible that a bug in the firmware could be exploited to violate this firewall.

I think you could make the argument that the additional SSID clutters up the spectrum, lowering the signal quality for everybody else - probably true in dense urban environments where spectrum is already pretty cluttered. You could also make a (weaker) argument that the additional SSID consumes more power and therefore raises your electric bills. Maybe, but it would really surprise me if this is significant compared to normal router/Wi-Fi usage without the 'xfinitywifi' network being active.

There was a lawsuit over this in 2014. It appears that the judge suspended the suit, compelling arbitration instead. I don't know the outcome, but I assume Comcast won, because the "xfinitywifi" SSID still exists.

Personally, I think that was correct. People claiming that Comcast doesn't have permission to run an extra network on "their" router seem to forget that when you're leasing the router, it isn't yours - it belongs to Comcast. If you want it to be your own router, you can buy one - Comcast doesn't run this network on purchased routers.
 


Call me cynical, but what are the odds that Comcast's reply would be that your discount has already been applied and that you'd be paying more otherwise?
When I signed up with Xfinity (Comcast), I was advised that there was a 'public' hotspot associated with my access point (combo modem/router). The primary reason for it (according to Xfinity) is to allow guests access without having to give out your own access password.

They also mentioned that it could be turned off, should you so desire. I haven't found any reason to so, other than trying it, I have left it on.

They do have a number of public WIFI hotspots in our area, including one right across the street from us. That makes it easy to connect if I am in the yard working. Saves on the cell connection with the phone. And, with the 'public' WIFI hotspots, who knows if they are connecting to my access point or the one on the pole across the street?
 


Call me cynical, but what are the odds that Comcast's reply would be that your discount has already been applied and that you'd be paying more otherwise?
I called Comcast and requested that they turn it off, which they did, and there was no change in my service rate.
 


Call me cynical, but what are the odds that Comcast's reply would be that your discount has already been applied and that you'd be paying more otherwise?
And my reply to that (remember, I don't rent a cable modem from them anymore) would be, show me the discount; i.e., I think the rental fee is the same or higher than it was before they developed their distributed network.
 


I was a bit surprised that Comcast doesn't explicitly tell customers who rent its cable modems that they're helping Comcast to create an omnipresent WiFi network.
If they did, I suspect it would become an uncomfortable conversation for them. The radios necessary to make it happen use additional electricity, and guess who pays for that?

Apart from that, the aspect I especially did not like (when I had such a router) is that I had to contact them to turn the feature off. While I'm pretty sure that change is nowadays possible via their website, the issue remains: if they can turn it off, they can turn it right back on. I'm not sure they wouldn't just because they shouldn't.

The only way to make sure is to buy your own router, which won't include the feature. That alone makes the expense worth every penny.
 


I have Frontier FIOS. Bought the Google mesh WiFi system off Amazon for my 4-bedroom house. So I have 150 Mbps everywhere. Plugged my Time Capsule into it via ethernet, so I can still use that for iMac and MacBook Pro backups. My Fios modem has wifi, too, but I don't use it.
 


Apart from that, the aspect I especially did not like (when I had such a router) is that I had to contact them to turn the feature off. While I'm pretty sure that change is nowadays possible via their website, the issue remains: if they can turn it off, they can turn it right back on. I'm not sure they wouldn't just because they shouldn't.
The process to turn off the 'public' WIFI is easily accessible on the web. And, as I said, they mentioned that there was such a network when they installed the modem and showed how to turn it off. Because they had to lay cable to my house (no cable TV), they also sent out the modem with a person to install and explain. Since there was no additional cost above the cable install itself, I let them make sure the modem was set up properly. And the installer was very comfortable in setting it up the way I wanted.

As far as electricity, I suspect the amount used would be so minuscule as to not be measurable, especially when compared to the usage created by other electronic devices (TVs, printers, computers, etc).
 


... I think you could make the argument that the additional SSID clutters up the spectrum, lowering the signal quality for everybody else - probably true in dense urban environments where spectrum is already pretty cluttered. ...
The Comcast SSIDs are names for access to the same WiFi channel as the customer uses via the same [radio] channel. There is no extra clutter of the spectrum. For example, if 'Customer-WiFi' is on channel 11, than 'xfinity' (from the same Comcast gateway) will also be on channel 11 using the same WiFi modem and RF equipment.

Software magic in the Comcast gateway separates the customer WiFi traffic to the cable from the public traffic. Speed settings are independent, because everything is managed in the gateway.

What can occur is congestion on a particular channel, due to lots of users, whether customer or random public. This is the primary justification for turning off the public access, either administratively or by using your own equipment.
 


A tangental FWIW: I think of my wifi/router like I do my computer chair: too important to skimp on, considering I'm sitting here almost all day, every day. Even though I have a 24-port switch for wired connections (which I prefer to wifi when feasible), having a good modem and wifi/router is essential (in my opinion) to a more pleasant daily experience.

I'm personally very happy with my Comcast 1Gb service, but I use none of their hardware. My modem is a Motorola MB8600 (DOCIS 3.1) and my router is a Linksys EA9500 (AC5400). The router is behind a Bitdefender "Box".*

With this setup, I get up to 960 Mbs download wired, and up to 660 Mbs on wifi.

Further, I can control all the settings exactly as I please, which is important to me, and why I mention it here.

(*Since some will ask: the Box slows down my connection by only 2 or 3%. Since I also have a bunch of IoT units (light switches mainly, plus Alexa), I'm willing to make that very modest tradeoff for security. your milage may vary.)
 


The Comcast SSIDs are names for access to the same WiFi channel as the customer uses via the same [radio] channel. There is no extra clutter of the spectrum. For example, if 'Customer-WiFi' is on channel 11, than 'xfinity' (from the same Comcast gateway) will also be on channel 11 using the same WiFi modem and RF equipment. Software magic in the Comcast gateway separates the customer WiFi traffic to the cable from the public traffic. Speed settings are independent, because everything is managed in the gateway.
What can occur is congestion on a particular channel, due to lots of users, whether customer or random public. This is the primary justification for turning off the public access, either administratively or by using your own equipment.
David is essentially correct - unless Comcast has some sharp engineers who are able to override the laws of physics. Two "radios" on the same frequency (after all, WiFi modems are just radios) will, without a doubt, affect the throughput of any device on that frequency. Even a modem that is not being used, as in no clients, still is broadcasting (that's how you can "find" it).

Years ago I had done tests with this, when Comcast started this mess with their Xfinty WiFi, checking throughput both with and without that radio turned on. This was when I discovered that one is unable to set the user WiFi and the Xfinity WiFi to different channels. I had Comcast tech support and then engineering really perplexed with that issue for quite some time. I can't locate the web page right now but subsequent to our extensive discussions Comcast added a very small type disclaimer to the bottom of a WiFi ad page noting that overall performance would be "slightly" affected. I actually had an engineer tell me, when brought to his attention, "we didn't think of that".

Some laws are really bad, but laws of physics (and radio transmissions) are sort of like gravity; they are good and they are the law.
 


The Comcast SSIDs are names for access to the same WiFi channel as the customer uses via the same [radio] channel. There is no extra clutter of the spectrum. For example, if 'Customer-WiFi' is on channel 11, than 'xfinity' (from the same Comcast gateway) will also be on channel 11 using the same WiFi modem and RF equipment.
Software magic in the Comcast gateway separates the customer WiFi traffic to the cable from the public traffic. Speed settings are independent, because everything is managed in the gateway. What can occur is congestion on a particular channel, due to lots of users, whether customer or random public. This is the primary justification for turning off the public access, either administratively or by using your own equipment.
Then there is rural America (and elsewhere), where someone hopping on a wifi channel would have to drive onto my property.
 


A tangental FWIW: I think of my wifi/router like I do my computer chair: too important to skimp on, considering I'm sitting here almost all day, every day. Even though I have a 24-port switch for wired connections (which I prefer to wifi when feasible), having a good modem and wifi/router is essential (in my opinion) to a more pleasant daily experience.
I'm personally very happy with my Comcast 1GB service, but I use none of their hardware. My modem is a Motorola MB8600 (DOCIS 3.1) and my router is a Linksys EA9500 (AC5400). The router is behind a Bitdefender "Box".*
With this setup, I get up to 960 Mbs download wired, and up to 660 Mbs on wifi.
Further, I can control all the settings exactly as I please, which is important to me, and why I mention it here.
(*Since some will ask: the Box slows down my connection by only 2 or 3%. Since I also have a bunch of IoT units (light switches mainly, plus Alexa), I'm willing to make that very modest tradeoff for security. your milage may vary.)
For an individual, can you really take advantage of a 1 Gig internet service? Do the outside backbone and the servers you visit have the ability to send out their pages at 1 Gbps? I have over 100 mbps at my office and 13 mbps at my house, and I can tell the difference when downloading a 2 gig update, but a lot of the time I can not tell much difference when loading a web page.
 


When I signed up with Xfinity (Comcast), I was advised that there was a 'public' hotspot associated with my access point (combo modem/router). The primary reason for it (according to Xfinity) is to allow guests access without having to give out your own access password. They also mentioned that it could be turned off, should you so desire. I haven't found any reason to so, other than trying it, I have left it on. They do have a number of public WIFI hotspots in our area, including one right across the street from us. That makes it easy to connect if I am in the yard working. Saves on the cell connection with the phone. And, with the 'public' WIFI hotspots, who knows if they are connecting to my access point or the one on the pole across the street?
If you're curious, you could download iStumbler, which can give you information about all SSIDs it discovers in your neighborhood. The Comcast ones will broadcast themselves, and you should be able to tell if you are connecting to theirs or your own.
 


If you're curious, you could download iStumbler, which can give you information about all SSIDs it discovers in your neighborhood. The Comcast ones will broadcast themselves, and you should be able to tell if you are connecting to theirs or your own.
WiFi Explorer from the macOS App Store is also quite useful. The connected channel is highlighted in the display.
 


Further, I can control all the settings exactly as I please, which is important to me, and why I mention it here.
The exception to that is, of course, the modem's firmware, for which the decision of when or, sadly, even if it ever gets updated remains the cable provider's exclusive prerogative. I wish that weren't the case...", but, oh well...

Still, if there is a version with a known problem, I believe it should be the customer's exclusive decision to install it or not, even though I recognize the importance of providers testing firmware for compatibility, etc. I also realize that allowing them to do the updates makes novices and people who simply don't care about taking time to install updates infinitely more secure. I would therefore suggest they continue to be automatic by default – with an off switch made available for everyone else.
(*Since some will ask: the Box slows down my connection by only 2 or 3%. Since I also have a bunch of IoT units (light switches mainly, plus Alexa), I'm willing to make that very modest tradeoff for security. your milage may vary.)
Interesting! I had long forgotten that even existed. Have you found that it has indeed provided additional security rather than a mere placebo effect? Does it require that any client software be installed? I didn't have such a good experience with their 2019 software under Windows, but a hardware solution might be nice.
 


For an individual, can you really take advantage of a 1 Gig internet service?
I take your point, but I I do a lot more than look at webpages and read email. I develop and support a number of websites for commercial clients. The faster service multiplies my upload speed to 48Mbs and since I'm also a programmer, the faster download speed is worth it for gigabyte-size downloads. (It doesn't hurt with Netflix either. ;-)
 


Interesting! I had long forgotten that even existed. Have you found that it has indeed provided additional security rather than a mere placebo effect? Does it require that any client software be installed? I didn't have such a good experience with their 2019 software under Windows, but a hardware solution might be nice.
Well, for that kind of $, it had better be more than wishful thinking! :-)

I did run some modest tests against a few things, when I first got it (it seemed to work), and the online log says it has blocked several things in the past week. That said, yes, it also requires a BitDefender annual license and software. It's $99 per/year for all the bad guys you can eat.

There are some 60+ items in my house connected to the net (not just computers, but media boxes, amps, light switches, DVD player, Tivos, iPhones, iPads and on and on), so it amortizes well.

If you have suggestions as to how to test the Box per se, I'd be happy to hear them.

Tom's has a review here:
 


If you have suggestions as to how to test the Box per se, I'd be happy to hear them.

Tom's has a review here:
That's quite a comprehensive review; thanks for that. It notes that the only metric to experience a noticeable change was latency, which (in their testing) increased by 25 percent. Do you use VOIP? I've been considering trading Comcast landline service for Ooma, and I fear it may be sensitive to such an increase.
 


That's quite a comprehensive review; thanks for that. It notes that the only metric to experience a noticeable change was latency, which (in their testing) increased by 25 percent. Do you use VOIP? I've been considering trading Comcast landline service for Ooma, and I fear it may be sensitive to such an increase.
I had Ooma, and loved it... but then my cell phone is unlimited minutes, and isn't tied to my house, so I gave away my Ooma unit. Sorry I can't be more help.
 


I had Ooma, and loved it... but then my cell phone is unlimited minutes, and isn't tied to my house, so I gave away my Ooma unit. Sorry I can't be more help.
Oh, but you have helped me; it's great to know it worked well enough for you to be able to say that you loved it. Thank you!
 


Oh, but you have helped me; it's great to know it worked well enough for you to be able to say that you loved it. Thank you!
I was not clear... that was before I got my Box. I have no idea how it works with a Box (although you could get a little switch and just put it in parallel with the box...).
 


I was not clear... that was before I got my Box. I have no idea how it works with a Box (although you could get a little switch and just put it in parallel with the box...).
Quite the contrary; it is I who was unclear. I understood you perfectly. I nonetheless very much appreciate hearing yet more evidence that I made the right choice in buying my Ooma hardware (which I have not yet had the time to set up, test, and experience.)

I also appreciate your switch advice!
 


I'm about done with my old AirPort Extreme and am seriously considering going with a Plume mesh network. Anybody out their using Plume who wants to comment on how it compares to other competing solutions?
 


Ric Ford

MacInTouch
I'm about done with my old AirPort Extreme and am seriously considering going with a Plume mesh network. Anybody out their using Plume who wants to comment on how it compares to other competing solutions?
That's an interesting "system" I hadn't heard of, but reading their website raised concerns for me about potentially intrusive/invasive monitoring and tracking, and I didn't find their documentation very transparent on those topics amidst its hand-waving about "artificial intelligence", "engagement", "curation", "monetizing/leveraging", "collecting data", "client steering", etc.

This company's marketing claims seem so vague and ambitious that I question its solidity and products, as well as their effects on security and privacy, but I expect many of the themes and approaches touted here may become more and more widespread (and intrusive) as they're adopted by major Internet, media and phone providers in various guises (and perhaps "leveraged" profitably by smaller companies, such as this one, as well).

A few initial questions:
  • Can you use a VPN to tunnel through this system?
  • What data, exactly, does this system collect? Is that clearly and definitively documented anywhere?
  • What data does the company store in the cloud (apparently Amazon AWS) and how well is that data (e.g. passwords) secured?
  • What's the company's pitch to providers (e.g. Comcast?) vs. to the public, e.g. re: tracking and security?
  • How exactly does the company's business model work? Where does it get its revenue? Is it profitable?
  • Is the company public or private? What's its ownership?
(I also have questions/issues regarding Google mesh systems and others regarding privacy/security, and about how artificial intelligence and control over Internet access will affect us going forward, regardless of Plume's part in the process.)
 


That's an interesting "system" I hadn't heard of, but reading their website raised concerns for me...
Comcast has taken a financial stake in Plume and is repacking their gear under the xFi label. I believe you can use a VPN but would need to put Plume in Bridge mode through another router.

Their cloud-based software is a membership subscription model with a one-time lifetime membership of $200. Here a review on Mashable. Here's another review.

What I'm trying to get a better sense of is how they manage your data.

They don't have huge financial backing but here's the Crunchbase overview. This press release on their new PowerPod deployment option in the UK also caught my eye.
 



For the life of me, I'd like to know what Apple's ultimate home networking strategy is. Seems like another key area they are overlooking. Search for Airport on the Apple web site and you are likely going to be steered to someone else's equipment. Is HomeKit even a thing yet that anyone uses? And I would never want a HomePod or other voice-activated "spy" in my house. AppleTV+? Who uses a TV anymore?

Just give me a fast, secure, easily deployable and configurable wireless networking solution that I control and own all aspects of (including the data).
 


Ric Ford

MacInTouch
What data, exactly, does this system collect? Is that clearly and definitively documented anywhere?
For what it's worth...
Plume said:
Plume Privacy Policy
...
  • Information about your connected devices: This information includes the type of device you use, operating system version, user agent information, a sampling of DNS requests, device hostname, the nickname given to the device and the unique addresses of the device....
  • Safety controls and security features: Safety controls and security features require the monitoring of device network traffic like source and destination traffic headers, IP addresses, ports and DNS requests. We use this information to protect home devices from contacting malicious Internet locations or websites and content that has been identified as inappropriate by Plume in accordance with the content filters set by the Plume App user, prevent them from being hacked, app reporting and analytics, and to identify device behavior that may indicate an anomaly or attack, when the security feature is On. The safety controls and security features can be turned Off for some or all home devices, which will turn off the data collection. If you are using the WiFi of someone while the safety controls and security features are On, note that the user of the Plume App may link the activity on your device to you, and see in the Plume App information about your use of the WiFi, such as whether your device is currently connected to the WiFi, since when it is connected, a blocked domain name that you tried to access, and the time when you tried to access it.
... We collect certain information via cookies, including your browser type, operating system, domains, IP address, the URL of the page that referred you, referring/exit pages, the different actions you performed, such as page views, how you interact with our Services and with third-party links, traffic and usage trends.
...
We may use our own analytics cookies or third party analytics providers to collect and process certain data analytics on our behalf. For example, we use Google Analytics, an analytics service provided by Google....These providers may also collect information about your use of other websites, apps, and online resources.
...
  • We allow third-party advertising partners to use cookies on our website to collect information about your browsing activities over time and across websites. We also work with these third-party advertising partners to market our services to you on other websites, apps and online services. For example, we use advertising services provided by third-party ad partners, such as Google Display Network and Google Analytics Demographics. Through a process called "retargeting," each service places a cookie on your browser when you visit our website so that they can identify you and serve you ads on other websites around the web based on your browsing activity.
  • Third-party content. Our website may contain links to other websites operated by third parties and may include social media features such as Facebook and Twitter buttons (such as "Like," "Tweet" or "Pin"). These third-party websites may collect information about you if you click on a link and the social media websites may automatically record information about your browsing behavior every time you visit a website that has a social media button.
...
  • We may share or transfer Personal Information as part of a business deal such as the financing, sale, merger, bankruptcy, sale of assets or reorganization of our company.
We may also share Personal Information with our business customers...
 


I scanned the Ars Technica review and the Plume privacy policy. The website bothers me; they seem totally uninterested in revealing why their stuff works.

Then I thought about Apple's pricing for a 3TB "Time Capsule" and a single, bridged, last-generation Airport Express (which is the setup in my Comcast-fed home, where my "modem" is a DOCSIS 3.1 customer-owned device not working to extend Comcast's own public or secured (xfinitywifi and XFINITY, respectively) networks.

My "solution" doesn't adequately perform in my 1800-ft2, two-story house. I don't know if it's because my Airport Extreme is flaky or just the topology of the house. If I were staying here, I'd probably jump for the faster Plume config with lifetime service. Considering Tim Cook's claims that Apple keeps your private stuff private, counterpointed by the apparent fact that your Watch might donate your atrial-fib-revealing ECG to Facebook, I'm not seduced by Plume's less self-promotional promises of privacy.

I'm moving some time in the next year. I'll take another look when I'm in my new location.
 


For what it's worth... Plume Privacy Policy...
Thanks for that, Ric. Scary, not that I was a potential customer anyway.

I switched to the 1.1.1.1 DNS provided by CloudFlare; it was easy, except I kept getting bounced on a "404" to a "search" page on my ISP. Not at home now with that Netgear, but it was possible to fix with a setting I don't remember off-hand. A way to test if your ISP is hijacking your DNS settings, or you need to check how your router is configured: either ping a non-real Internet address, or enter an intentional typo, e.g., www.georgx.com

Cloudflare offers 1.1.1.1 apps for both iOS and Android and just announced a new service, "Warp," that's supposed to be a free VPN with freemium pay for more options later. As Facebook offered a free VPN that was mostly a way of more efficiently tracking users, let's hope Cloudflare really is supporting privacy - and that their apps will get tested.

Actually, Facebook went far beyond tracking:
TechCrunch said:
Facebook pays teens to install VPN that spies on them
We asked Guardian Mobile Firewall’s security expert Will Strafach to dig into the Facebook Research app, and he told us that “If Facebook makes full use of the level of access they are given by asking users to install the Certificate, they will have the ability to continuously collect the following types of data: private messages in social media apps, chats from in instant messaging apps – including photos/videos sent to others, emails, web searches, web browsing activity, and even ongoing location information by tapping into the feeds of any location tracking apps you may have installed.” It’s unclear exactly what data Facebook is concerned with, but it gets nearly limitless access to a user’s device once they install the app.
As a VPN service controls a user's encryption keys, a sketchy VPN is in position to be a man-in-the-middle and read what's passing through its service.
 



Software magic in the Comcast gateway separates the customer WiFi traffic to the cable from the public traffic. Speed settings are independent, because everything is managed in the gateway.
I have the Comcast triple-play package (TV/phone/internet), which limits my choices of modems to the Arris TG1682G. It was a "required upgrade" from my old modem. The new one has the 'xfinity' hotspot, plus its own wireless base. One of them was interfering with my Airport Extreme. Their customer service gave me instructions for turning off the private network, but that did not shut off the public hotspot. So another call to them to shut that off.

After all of that, I still don't know if the hotspot is really off. I still see the 'xfinity' hotspot, but I live in an apartment, and that could be a neighbor's. The status lights on the front of the modem show that the wireless is still on, but customer service says that is just a bug; it is really off. Hmmm.

They also say that even though I told them to turn it off, they may turn it on again anyway, contrary to my instructions.

I suspect that the hotspot is still on and there is no way to turn it off. It is no longer interfering with my AirPort though.
 


MacInTouch's Amazon link reveals a refurbished certified Arris Surfboard DOCSIS 3.1 cable modem for about $130 at Amazon. If you own it, you control it and need worry no more about Comcast getting you to do their network hosting for them on your dime. You'll recoup the cost within a year.

My own experience with iStumbler suggests you might not be a able to determine if Comcast's current device in your apartment is the source of the 'xfinitywifi' hotspot (a neighbor's might be too close for iStumbler to discriminate between them).
 


I have the Comcast triple-play package (TV/phone/internet), which limits my choices of modems to the Arris TG1682G. It was a "required upgrade" from my old modem. The new one has the 'xfinity' hotspot, plus its own wireless base. One of them was interfering with my Airport Extreme. Their customer service gave me instructions for turning off the private network, but that did not shut off the public hotspot. So another call to them to shut that off.
After all of that, I still don't know if the hotspot is really off. I still see the 'xfinity' hotspot, but I live in an apartment, and that could be a neighbor's. The status lights on the front of the modem show that the wireless is still on, but customer service says that is just a bug; it is really off. Hmmm. They also say that even though I told them to turn it off, they may turn it on again anyway, contrary to my instructions.
I suspect that the hotspot is still on and there is no way to turn it off. It is no longer interfering with my AirPort though.
Mark, you did hit on two things we have found to be very true regarding the Xfinity public WiFi.

Turning it off (either by your on-line account or by calling tech support) may, or just as likely, may not, turn it off. I have sat with their techs on the phone, and they needed multiple attempts (once, 6) to actually get it off. The only way to be sure is to identify that signal (hint - turn the consumer WiFi on and note the channel; the Xfinity one will be the same - change your user channel and see which of the probable Xfinity readings follows suit) and then assure it is really off using one of the many 3rd-party applications.

Now - with all that said... if you do get it off, it will be reactivated at some point by Comcast. They push settings, updates and the like at random intervals, and doing so will normally turn the Xfinity signal back on. No notice to you either. I have seen it turn back on with nothing but a power cycle; but that most likely varies with the modem type.

In summary, watch it carefully with the proper tools and kill it again when required, which may be often or not. Drives us crazy at many of our Comcast clients, so we try to always specify the Netgear modem de jour, as it has no WiFi at all inside. If we want WiFi, we do our own unit.
 


... My own experience with iStumbler suggests you might not be a able to determine if Comcast's current device in your apartment is the source of the 'xfinitywifi' hotspot (a neighbor's might be too close for iStumbler to discriminate between them).
A simple technique, if you have the Comcast Gateway credentials, is to change the WiFi channel assignments for your SSID. iStumbler and WiFi Explorer can both show changes in channel usage. Those that change identically are most likely related.
 


David is essentially correct - unless Comcast has some sharp engineers who are able to override the laws of physics. Two "radios" on the same frequency (after all, WiFi modems are just radios) will, without a doubt, affect the throughput of any device on that frequency.
The clarification here is that there aren't two radios. There's one radio, which is announcing two different SSID names. This is exactly why, as you say:
one is unable to set the user WiFi and the Xfinity WiFi to different channels.
Now, that said, it's still correct that the overall capacity of that single radio channel is being divided between "your" SSID and the Xfinity SSID. As a general matter, a single wireless client node is rarely able to use up the full capacity of an access point channel anyway - that's why access points can be shared across many clients effectively. But it's definitely true that there could be some impact in exactly the right circumstances.
 


Not sure if this has been suggested, but I recently installed TP-Link's Deco M9 system to replace Cox Cable's dreadful "Panoramic WiFi," which left one room in my not terribly large house dead. Deco fixed it for $200 (refurbished from B&H Photo) and was incredibly easy to set up (you must use a phone app to do so, but it's very straightforward.
 


I have the Comcast triple-play package (TV/phone/internet), which limits my choices of modems to the Arris TG1682G. It was a "required upgrade" from my old modem.
You should Visit Comcast's My Device Info page. Log in with your Comcast credentials and select your service tier to get a list of compatible modems.

When I looked for myself, I found 6 modems with voice capability. See my post from March 26.
After all of that, I still don't know if the hotspot is really off. I still see the 'xfinity' hotspot, but I live in an apartment, and that could be a neighbor's.
If you use a tool like iStumbler, it should show you all the access points advertising XFINITY and xfinitywireless. Look to see if any of them have the same MAC address as your own Wi-Fi network.
 


A simple technique, if you have the Comcast Gateway credentials, is to change the WiFi channel assignments for your SSID. iStumbler and WiFi Explorer can both show changes in channel usage. Those that change identically are most likely related.
My way to discern the difference in xfinitywifi is to note the approximate distance in iStumbler. The one from my Comcast access point is 2.5 meters away. The one from across the street is about 15 meters. I also have a neighbor who has Comcast, and that one is about 11 meters. So anything more than a couple meters is most likely not yours.
 


The clarification here is that there aren't two radios. There's one radio, which is announcing two different SSID names. This is exactly why, as you say:
Now, that said, it's still correct that the overall capacity of that single radio channel is being divided between "your" SSID and the Xfinity SSID. As a general matter, a single wireless client node is rarely able to use up the full capacity of an access point channel anyway - that's why access points can be shared across many clients effectively. But it's definitely true that there could be some impact in exactly the right circumstances.
John, no matter what, the impact will always be there (those pesky laws of physics again), as traffic always exists on both SSID's in normal operation, even when no clients are attached. But, as designed, you really would actually have no way to know if one or more 3rd-party clients are using your modem/router - the very purpose of Xfinity WiFi. You would need 3rd-party monitoring software to keep tabs on usage and traffic.

Additionally, even if you get Xfinity off, you most likely are surrounded by numerous other people's units, which may or may not be in use, but will always also clutter the limited bandwidth available on any channel. We routinely survey client sites for WiFi traffic and channel usage, and frequently must change their channel due to surrounding radios. Again, two radios on the same channel will always affect bandwidth, traffic aside.

On a previous observation - how to determine whose WiFi is whose: If one looks at the Mac's detailed WiFi menu (hold down Option key when selecting), you can see the BSSID, which is the MAC address of the WiFi source you are connected to. If you are using the Comcast box for your personal WiFi, the Xfinity WiFi will have the very same BSSID except for the last "word" (i.e.: last 2 digits/letters of the hex ID). For instance, if your WiFi ends in 'b4', the Xfinity WiFi of the same box will end in 'b5'.
 


Amazon disclaimer:
As an Amazon Associate I earn from qualifying purchases.

Latest posts