back to article Broadband-pushers expand user piggyback rides on private Wi-Fi

The number of public Wi-Fi hotspots piggybacking on private routers in the UK is set to increase "significantly" by next year, according to research. Currently 47 per cent of public Wi-Fi hotspots in the UK are derived from "homespot" routers. That proportion that will increase as broadband providers compete to to offer …

  1. adnim
    Unhappy

    I am not

    a commodity. I have never been a commodity, I will never be a commodity.

    Mr ISP you want a hotspot from my router... provide my access for free and I will consider it. Even though It may provide plausible deniability, I will not view this in a good light

    I dread the day when use of an ISP provided router is mandatory and one faces legal action for messing with it.

    1. Zog_but_not_the_first
      Unhappy

      Re: I am not

      Honourable sentiments, but they remind me of this.

      1. Anonymous Coward
        Linux

        Re: I am not

        Symbolism of 'The Prisoner', didn't Patrick McGoohan admitted he just made it up as he went along?

    2. Gordan

      Re: I am not

      "Even though It may provide plausible deniability,"

      It doesn't. And it doesn't intrude upon privacy of the owner, either. It's pure FUD.

      The public hotspot IPs are not encrypted, they live on a separate VLAN, and the only route is upstream, there is no way to cross over to the owner's encrypted connection or their LAN. It is obvious what data is flowing via each VLAN, so in no case is there any introduction of anonymity or plausible deniability.

      In addition, most people, myself included, find it very handy to be able to hop onto BT WiFi (and/or equivalents) almost anywhere instead of burning through meagre 3G allowances.

      1. adnim

        @Gordon Re: I am not

        Does this mean that the "public" get a different IP address? Or is my static IP address associated by third parties to the actions of others?

        1. Gordan

          Re: @Gordon I am not

          "Does this mean that the "public" get a different IP address?"

          Short answer: Yes

          Long answer:

          IP you get on BT WiFi's public unencrypted connection is completely unrelated to the IP range you have on your private, encrypted connection. Each gets NAT-ed and passed to the exchange separately from different IPs.

          Additionally, BT WiFi is authenticated after connection, so even if 10 people are connected to the same public hotspot, each MAC/IP address is non-anonymous. And public access via your BT router also doesn't use up your data allowance if you are on a metered deal, due to the same non-anonymous, non-plausibly-deniable nature of the service where everything is completely logically separate even if it is multiplexed over the same physical wire.

          So - no anonymity, no plausible deniability.

          The physical bandwidth shortage _can_ be an issue since the connection is generally limited by the sync speed, but in reality it is very unusual to see prolonged heavy impact from this. And if you do see an impact from it, you can always switch it off, and in the process forego your own access to BT WiFi hotspots.

          1. Blitheringeejit
            Holmes

            @Gordon

            >>The physical bandwidth shortage _can_ be an issue

            On BT's ADSL network? <sarcasm>Surely not!</sarcasm>

            1. Gordan

              Re: @Gordon

              >>The physical bandwidth shortage _can_ be an issue

              >

              > On BT's ADSL network? <sarcasm>Surely not!</sarcasm>

              I don't exactly keep an eye on it and hammer it flat out all the time, but when I do stress it (remote backups using zfs send over ssh) I can generally saturate the upstream to whatever the reported sync speed is. Bandwidth generally isn't an issue when you have FTTC.

              But I do recognize that in the edge cases where the maximum achievable sync speeds are meagre it can be an issue. But you don't HAVE to enable it. You just have to live with the fact that if you disable it you won't be able to use BT WiFi elsewhere yourself.

      2. fidodogbreath
        FAIL

        Re: I am not

        "there is no way to cross over to the owner's encrypted connection or their LAN"

        Right, because we all know that networking gear is immune to software vulnerabilities and hacking.

      3. MatthewSt

        Re: I am not

        It's a shame you're getting downvoted for stating the facts (and the ideal use case for the system). It's more convenient than asking friends and family for the WiFi code as well if you can just hop on the public one!

        1. Gordan

          Re: I am not

          "It's a shame you're getting downvoted for stating the facts (and the ideal use case for the system)."

          Speaks volumes about the level of knowledge of the typical commentard, doesn't it. :-)

        2. Intractable Potsherd

          Re: I am not

          "It's more convenient than asking friends and family ..."

          Just a reminder that "more convenient" isn't always synonymous with "better".

        3. John Brown (no body) Silver badge

          Re: I am not

          "if you can just hop on the public one!"

          The problem is they are not public. They are for the paying customers of the relevant ISP.

          Same for "universal service". Another misnomer as universal implies that anytone and everyone can use it and that's not the case.

          I don't know about other countries, but here in the UK there is very rarely any such thing as free WiFi. Either you are a paying customer or you have to hand over your details to register to access a limited and restricted connection. Even the local pub which used to have free WiFi now uses a commercial "partner" and even if you do bother to register, once you connect you only get 30 minutes then get kicked off.

          1. Gordan

            Re: I am not

            "here in the UK there is very rarely any such thing as free WiFi."

            You mean free WiFi as in O2 WiFi, TheCloud and Virgin Media WiFi on the London Underground? It may not be quite up to BT WiFi's coverage but it is reasonably available in built up areas, especially around pubs and suchlike.

  2. wyatt

    Ah yes, BT did this first didn't they? I remember signing up for the extended coverage, however as they hadn't sent me a home hub just a standard modem with a USB/single ethernet socket there wasn't a way they could turn my location into a hot spot. Shame that.

    It was quite useful when you could actually connect to one. Eventually I decided that I wanted 100% of the bandwidth and opted out.

    1. Roland6 Silver badge

      BT did this first didn't they?

      No, but in the UK as a major service provider they could generate sufficient installs to make the service useful.

  3. Gray
    Windows

    Here in the US...

    Comcast Cable (our local monopoly broadband service provider) pulled that crap on us, first by informing us that our aged cable modem needed replacing. They eagerly Fedex'd a replacement, supposedly free to us. What they didn't mention is that the new modem included the guest wi-fi hot-spot, so anyone war-driving or surfing the neighborhood could log in through our modem. The provision that only certified, bonafide Comcast account holders could do so was cold comfort; nowhere did Comcast inform us that we'd be providing a free hosting service.

    I bought our own upgraded cable modem, without the wifi guest "feature"; the Comcast model is still in its shipping box in the closet, in case Comcast ever demands it back.

    I may be old, but I ain't stupid or totally gullible. Damn this American free-enterprise monopoly crap! Comcast makes Bernie Sanders 'democratic socialism' sound better every day.

    1. elbows

      Re: Here in the US...

      Gray,

      I'm also with Comcast, and had to deal with their newly implemented guest wifi network as it was introduced through a firmware upgrade on my existing, rented, comcast cable modem.

      The feature is easily disabled through the administrative webpage login, so it's most definitely an opt-out feature that you don't have to participate in. I disabled mine the day it was announced and went live.

      Then I upgraded to a 3rd party modem.

      They aren't requesting their modem back because you still pay for it every month. Do your pocketbook a favor and return it.

      1. channel extended

        Re: Here in the US...

        The requirement to have a Comcast account to log on means they likely count the data amount against your cap.

      2. Sven Coenye

        Re: Here in the US...

        Note that you don't want to buy a modem with built-in AP as Comcast will take it over and lobotomize it. (At least, if you make the mistake of getting one off their approved devices list.)

  4. inmypjs Silver badge

    So how does this work

    How about some stats on actual usage of these home provided public hotspots?

    With the number of people (me included) that struggle to get a decent wifi connection in places inside the house who is going to get a decent connection to my public hotspot (if I had one). People visiting me? At a push people visiting next door and maybe people who want to stand in the road outside my house.

    I just don't see much of a use case for home public hotspots especially when the limited access is further restricted by having to match service suppliers.

    1. Gordon 10

      Re: So how does this work

      I agree. Not until the range and hand off improves.

      About the only value is at bus stops and the like.

      And how does the liability work out? Someone torrents something over my broadband or defaces www.her-maj.gov.uk who gets it in the neck?

      Not having allowed these over the threshold - can you throttle the parasite connection?

      What about hardware - is there a dedicated second frequency in use or is it all logical/software.

      Call me when they can mesh network direct to a fat pipe at the exchange.

      1. heyrick Silver badge

        Re: So how does this work

        "Someone torrents something over my broadband or defaces www.her-maj.gov.uk who gets it in the neck?"

        The visitor should be assigned a separate IP address on a connection that they have to log in to...

    2. Anonymous Coward
      Anonymous Coward

      Re: So how does this work

      So I'm not exactly an authority on the mechanics of WiFi, but doesn't the offering of two WiFi networks for every single router congest the airwaves?

      1. Mark Allen

        Re: So how does this work

        THIS is the biggest PITA I find with all the BT-FON networks. In some blocks of flats in a city you get major problems finding a clear channel. Nothing more annoying that doing a scan and finding 20 odd networks crossing a property. Then finding a third of these are these BT-FON guest networks. If other ISPs are jumping on this it will become a nightmare!

        So far my record for a single property is 72 different wireless networks crossing it!! Yes SEVENTY TWO. The client couldn't even connect to his own Wifi router when standing right next to it. Only when we moved out to the less used channel 13 did we get any success.

        I also want to know what happens in a countryside area where the ADSL is already slow, and no fibre available. Does that mean that the poor 2Mbps line is now shared out to random passers by? Who gets priority in those cases?

  5. Kraggy

    He said: "Given the current concerns around privacy and data security, the realisation that home routers can be accessed by complete strangers is unlikely to be viewed in a positive light.”

    That's a pretty sizable understatement!

    Given that most domestic routers are riddled with vulnerabilities in their firmware already, must of which is GPLed and open to being looked at, only a fool or someone not technically competent to know would trust the 'firewall' between the two channels.

    I'd never use an ISP's provided router for this reason alone, I certainly wouldn't trust BT not to have back-doored their Infinity router to allow them to turn this 'feature' on even when I've disabled it.

  6. Anonymous Coward
    Anonymous Coward

    hey, just like "social safety nets" and "benefits"!

    We promise more to the "have nots" by riding on the "haves".

    We simply define the "haves" as those who have anything we can take advantage of and harvest.

    Money, bandwidth, doesn't matter, you gotta "share" so others don't have to.

  7. Anonymous Coward
    Anonymous Coward

    Spoofing and malware

    Is it possible to set up a wifi that has the name etc of an ISP shared point and garner connections from the unsuspecting public?

    If it is possible to do that spoof - then you have a major security problem that will be exploited to inject malware into unsuspecting users' PCs. How many ordinary users use a VPN to protect themselves?

    1. Roland6 Silver badge

      Re: Spoofing and malware

      Yes it is trivial to set up a spoof WiFi access point, however, you do need to also spoof the service login - but then just download the right toolset and you've got yourself a fully functional AP with built-in man-in-the-middle relay, eavesdropping and injection functions.

      VPN doesn't give the user much protection, because it is vulnerable during the setup phase to man-in-the-middle attack. Obviously you can use roaming authentication for the VPN session but this also has vulnerabilities (aside: an exploit was reported in recent weeks)... Obviously once you have a VPN up and running you're communications are pretty secure. However, my man-in-the-middle can interrogate your client and finger it, so reputable client security software is required...

    2. Anonymous Coward
      Anonymous Coward

      Re: Spoofing and malware

      Not only possible but trivial.

      They only look for the SSID.

      The real login page may be encrypted but I doubt anyone checks that, so simple unencrypted version that looks similar is probably sufficient.

      Quite what you'd gain from this is debatable though.

      1. Anonymous Coward
        Anonymous Coward

        Re: Spoofing and malware

        "Quite what you'd gain from this is debatable though.2

        MITM attack. Modifying page HTML as it is downloaded in order to inject malware. The expectation would not be to infect everyone - just those who are technically or socially vulnerable would be sufficient payback.

    3. Terry Barnes

      Re: Spoofing and malware

      Most people use an app to connect nowadays and those apps do verify the authenticity of the hotspot.

  8. jaycee331

    Found a workaround

    So I opted in for BT Public Wi-Fi sharing whilst traveling in London.

    Which of course, in return, they sent a remote command to the Home Hub to enable my own router to become another public hotspot on their share and share alike principle.

    Wouldn't have minded so much but without some crappy BT IOS/Android custom apps, when I got back home my devices were now signing into the speed limited BT Openzone SSID in my own bloomin' home. Don't want that at all, nor the RF pollution.

    Checked the Home Hub and it's a greyed out setting, can only be changed by our BT overlords via what has to be a remote control backdoor of some shape or form.

    Thankfully I have a shelf of spare routers. Replaced with Home Hub with <anything>.

    Win Win. BT still think I'm opted-in, and I can still use public WiFi. Up yours BT!

  9. Anonymous Coward
    Anonymous Coward

    I remember logging into my home router in Berlin and seeing that you could link up other routers of the same make - like a rudimentary mesh network. In a city, having a distributed mesh network that subscribers can log into seems like a better and less interrupted experience than logging into the perma-traffic-shaped router of Benicio De Torrent from downstairs.

  10. Anonymous Coward
    Linux

    Public Wi-Fi hotspots derived from domestic routers ..

    I've never understood why BT requires me to pay them to provide Wi-Fi hotspots to their paying customers. Besides isn't the router stealing my bandwidth to provide connectivity to these Wi-Fi hotspots.

    1. Richard 12 Silver badge

      Re: Public Wi-Fi hotspots derived from domestic routers ..

      Unless you live next door to a pub, café or bus stop, nobody is ever going to connect to it anyway.

      If you do, then the bandwidth slurp is going to be so annoying that you turn it off.

      My "normal" wifi barely escapes the house, so BT FON et al is rather pointless.

      1. Anonymous Coward
        Anonymous Coward

        Re: Public Wi-Fi hotspots derived from domestic routers ..

        "My "normal" wifi barely escapes the house, so BT FON et al is rather pointless."

        My lounge wifi finds a WAP whose name suggests it is at least 200 metres away in the high street. Presumably some of my many neighbours' BT-FON points will be visible to people thronging the high street for evening entertainments.

  11. Faszination

    I pay for my broadband, why should I share it?

    If I pay the bill, I expect to use 100% of my service, even if i'm not using it, I don't want any Tom, Dick or Harry using it instead. What is so difficult to comprehend about that?

    I don't give a monkey's if if makes other people's lives more convenient - IT IS MY SERVICE, I PAY FOR IT.

    Simple.

    1. leexgx

      Re: I pay for my broadband, why should I share it?

      then turn it off then (you also lose the ability to use it as well then)

    2. Terry Barnes

      Re: I pay for my broadband, why should I share it?

      No-one's forcing you.

      If you want to use free WiFi away from home you have to turn it on. If you don't want to, turn it off.

  12. Anonymous Coward
    Anonymous Coward

    How many years has this been going on!

    Get with the times it has been happening for years. You need to read the small print when signing up to ISPs. Its a bit like being redirected to cache servers when requesting a website. 20-30% of web traffic comes from not the place you are expecting.

  13. AndrewDu

    "Good evening, Mr. Plod, what can I do for you?"

    "It's about this child pornography you've been downloading, sir"

    "Nonsense, I would never do such a thing!"

    "This is your router, sir, this one here? Yes? I thought so. Don't try to bamboozle me with technicalities, please sir. Just step this way, if you don't mind. Anything you say may be taken down and used in evidence against you. Oh, and your name and picture will be all over The Sun tomorrow morning. Smile please, for the photographer, while I put these handcuffs on you."

    Just. Say. No.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like