Re: Comcast storing WiFi passwords in cleartext?

["Aaron C. de Bruyn via NANOG" <nanog () nanog org>]

On Wed, Apr 24, 2019 at 9:05 AM Brandon Jackson via NANOG <nanog () nanog org>
wrote:

> I'm not saying they are doing anything nefarious or packet capping the
> local network or anything of that nature that is a little on the tin foil
> hat side for me personally, but you should always consider that any
> information available to a cable modem Gateway or plain cable modem is
> available to the ISP.

I'd wager at least 95% of Comcast's users aren't network engineers,
security bros, or in some technically competent field.
If you were building a system to support hundreds of thousands or millions
of users who couldn't distinguish between a DVD drive and a cup holder, how
would you make it easy for your front-line support staff to help them use
the service they paid for?  Want to walk them through factory resetting an
old WTR54, hardwire a computer/laptop to it (if they have one), sign in
with default creds and then properly configure wireless?

I'd rather say "What do you want your wireless network name to be?"  "Ok,
and what do you want your password to be?"  "Done.  Try connecting now."

In any sort of business environment you should be briding the modem and
putting your own firewall in.

-A