[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Comcast storing WiFi passwords in cleartext?

The Stackexchange post does NOT say that they got their own AP. It says
they got their own DOCSIS Modem / Router / Wifi combo device. That's an
important distinction.

When I worked at Adelphia many years ago, the only distinction between
customer owned CPE and company owned CPE was billing. All modems received
the same DOCSIS config file when they booted up. While I have not worked in
that industry for many years now, from what I am aware of the same behavior
still applies. The modem management and configuration is 100% in the hands
of the MSO.

This is why, in my opinion, people should avoid modem/router combo units
whenever possible. Any information/configuration entered into such a device
could be accessible to the MSO (intentionally or otherwise) , as is
happening here. I'm sure they would come back and say this is necessary to
provide support for customers who pay them for WiFi service, but it clearly
shows they don't turn off that functionality for customers who don't.

Treat you cable modems as foreign network elements. Cause that's what they

On Wed, Apr 24, 2019 at 9:28 AM Töma Gavrichenkov <ximaera at gmail.com> wrote:

> On Wed, Apr 24, 2019 at 3:27 PM Matt Hoppes
> <mattlists at rivervalleyinternet.net> wrote:
> > If youâ??re really running something that requires that kind
> > of security you may want to get your own wireless access point.
> Like I said: the OP claims that's what s/he did.
> --
> Töma
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190424/e98d1c5e/attachment.html>