[newZWhoDis]

> Just VPN back to your home network if you're not confident in their security.

I’m sorry but wtf?

You’re saying that, in my own home, I should just accept that my devices connect to an external wifi against my will and VPN back into my own home… while in my home?

Seriously?

[310260]

(Gonna assume you have a cable MVNO still)

Yes. You signed up for a cable provider mobile service. A huge part of their whole value proposition for their service is "get access to millions of cable WiFi hotspots!" That's their product. They plaster it everywhere in all their ads.

Your situation with Pi-hole and firewalls etc. is a niche use case. Their service is made to appeal to people who are 1) cable company customers and 2) want cheaper service. The majority of people who fall into those categories have an Xfinity router at home that broadcasts the Passpoint SSID. The phones connect to that SSID and have service. Passpoint is going to be more secure than any WPA2/3 network anyway.

If you don't want that to happen, then get a different mobile provider. This one is not for you.

[thedougd]

WiFi isn’t just for accessing the Internet. It’s also for accessing other devices on your home network such as printers. This is a broken implementation with no room for argument.

[michaelmrose]

Xfinity hardware provides a separate SSID that uses WPA2/3 to secure your connection and a SSID for "Xfinity WIFI". On Android one can and should in fact select which nodes to connect to not merely whether to connect to all nodes but whether to connect to individual nodes. This is essential because in real world non test environments real customers using real networking hardware and phones do not handle adjacent networks well because signal strength varies wildly throughout their space resulting in devices roaming back and forth for no fucking good reason. This is especially true in dense environments like apartment buildings.

Xfinity customers using xfinity wifi on their android device NEVER experience conflict from dancing between AP with xfinitywifi in their home or from their neighbors unless they explicitly connect to adjacent networks and if they do so they can correct the issue by long pressing on the undesired AP name and selecting "forget".

Nobody cares what a company thinks they signed up for. They give essentially two shits. They pay tech companies to solve their problems and expect solutions that work. The situation as described doesn't work for normal network conditions and equipment. The fact that it also breaks niche stuff that techies like is just diarrhea icing on a shit cake.

[newZWhoDis]

I signed up for cellphone service.

Absolutely no where did I consent to have my devices (yes, my owned devices not leased/payment planned) suddenly lock me out of basic networking settings.

This is almost as stupid as buying a Walmart keyboard and finding out plugging it in disables eth0 because you might load Amazon.