Shaw Go WiFi - Needs Secure Option (e.g. Sasktel)

Discussion created by kme0801 on Mar 10, 2016
Latest reply on Mar 24, 2016 by techid1

Shaw Go WiFi is definitely a nice feature to have.  The access points are plentiful and definitely helpful especially for devices without cellular connection, or deep inside buildings where cellular connections are poor.


With that said, Shaw needs to add a secure SSID - e.g. ShawSecure (WPA2 Enterprise would be easy for them, or at a minimum WPA2 Personal).  While I understand that the average user may or may not care, using an open wireless network puts users at risk for information or potentially device compromise.  It even puts them at risk when they aren't using Shaw Go WiFi as a malicious individual could easily broadcast an open "ShawOpen" wireless network where Shaw isn't operating, and would be able to intercept communications from anyone in the immediate area.  There are attacks that work where Shaw Go WiFi is in use already, but that's besides the point.  The issue is that open wireless networks are dangerous, and Shaw needs to encourage users to use more secure options, and protect their customers as well.


Shaw already uses the email address / password combination for signing into some of their applications (e.g. Shaw on Demand or the new FreeRange TV).  It should be possible without a significant amount of effort to broadcast a second SSID - e.g. "ShawSecure" that uses the users email address and password for authentication.  This step could also "register" the device on the account if Shaw desired.  This is the best case scenario.  The Shaw Go WiFi application could walk users through how to connect to the secure network instead (or configure the device on the users behalf).


In Saskatchewan, Shaw's main competitor (SaskTel), does something sort of similar to this with two wireless networks being broadcast wherever they have free WiFi (SaskTel Select WiFi and SaskTel Select WiFi 1).  The latter network in SaskTel's case (SaskTel Select WiFi 1) is WPA2 Enterprise enabled.  That network is configured for SaskTel mobility subscribers only, so it uses their SIM card (with EAP-SIM) as the authentication method, but the idea is the same.  They have one for non mobility subscribers that's open, but they also have a secure option for their users, and for the cell phones at least it is preconfigured to always use the secure.


Shaw Go WiFi is a great feature with a major drawback being no security.  For users that have the knowledge and ability to use a VPN on open networks we can minimize the risk presented to us, however a vast majority of Shaw's user base won't or can't do that.  Shaw should step up and provide a more secure option for Shaw Go WiFi.