Comment by upboundspiral
19 hours ago
What about XFinity, which by default shares the wifi you pay for with strangers to create access points around the city?
19 hours ago
What about XFinity, which by default shares the wifi you pay for with strangers to create access points around the city?
It sounds like this attack would work in that scenario provided the attacker is able to connect to the guest access point.
I haven’t paid attention to one in a while but I seem to remember the need to authenticate with the guest network using Xfinity credentials. This at least makes it so attribution might be possible.
It looks like both clients must be on the same VLAN for the attack to work. They could be connected on different BSSIDs or even different SSIDs, but they still must be on the same VLAN.
If the vulnerability is between layers 1 and 2, wouldn’t that imply that VLAN tagging at layer 2 might not be effective in segregating the traffic?
1 reply →
As of a few years ago, you could simply spoof your MAC to that of a Comcast subscriber with these and you'd get unrestricted access on the hotspot.
This is probably the biggest issue.
I turn WiFi mine off and use my own WiFi ap.
Yeah, along these lines I've always been biased strongly against using ISP hardware beyond the minimum required to connect to the outside world.
See also: Amazon's Sidewalk (which shares your network via Ring camerae, e.g.).
[dead]