Tell HN: iOS lets carriers add WiFi networks that you can’t stop from joining

I know something about this. I built and ran a service for carriers to help with “WiFi offload”.

It’s intended as a consumer-friendly way to increase capacity in dense areas (like a sports stadium or mall) where the carrier’s cell towers don’t have enough capacity.

Wifi offloading is not new. AT&T helped invent these standards back in ~2009 when their network was getting crushed by massive increases in traffic as iPhone usage took off.

WiFi offload networks are configured as “Managed Networks” which are lower priority than any user-selected networks. You can disable them by turning off “auto-join”. (Also these WiFi offload networks are secure; you can’t spoof them).

However it appears that the original poster’s carrier (presumably Xfinity Mobile or Spectrum Mobile) has done something new - they’ve disabled the user’s ability to turn off “auto-join” on iOS. Some overzealous team is trying to lower their cellular costs. That’s because both Comcast and Spectrum rent capacity on Verizon Wireless towers, but their MVNO cellular service is not profitable unless their customers are using the cable company’s own WiFi fairly often.

However this (disabling “auto-join”) is a dumb move. It’s obviously problematic for users whose neighbors are broadcasting the [Xfinity WiFi or Spectrum Mobile?] SSID.

To my knowledge, no major carrier does this. If you’re on AT&T, T-Mobile, or Verizon, the “managed offload networks” can be easily disabled. And the major carriers are using higher-quality commercial WiFi networks for offload, not random home cable modems.

Apple Configurator (self-hosted local MDM, free macOS app in store) has an option for "supervised" iOS devices so that Wi-Fi connections are limited to SSIDs which are pre-defined in the MDM profile. It's intended for enterprise usage. Worth testing to see how MDM policy interacts with carrier-managed Passpoint networks.

Note: you can't supervise an existing device without wiping it, so this is an experiment to conduct with a spare phone, or one already managed by Configurator/MDM.

Apple Configurator training: https://it-training.apple.com/tutorials/deployment/dm095

Wi-Fi payload: https://developer.apple.com/documentation/devicemanagement/w...

Another option is using Apple's MDM for small business to define a list of approved SSIDs, https://www.apple.com/business/essentials/

Edit: is there an option to "Remove Profile" in Settings?

  General -> VPN & Device Management -> Configuration Profiles

Edit2: workaround by null routing the carrier's Wi-Fi SSID? https://www.reddit.com/r/tmobile/comments/vvt6dd/comment/iyr...

  Change IP address to manual and 127.0.0.1
  Change subnet mask to 255.255.255.0
  Change DNS to manual and 251.252.253.254

T-Mobile's you absolutely can disable, but I would have never ever thought to look there until I read this.

I switched off Auto-join on both "t-mobile" and "TMobileWingman", but I couldn't hit the "Done" text-but-its-really-a-button in the upper right until I made some change to the normal known networks list, so I deleted a couple that I didn't remember or recognize. YMMV.

It's gross either way. No way, no way in hell this is something that should be shadow dropped onto my phone.

I noticed this a couple days back at Home Depot, of all places. Was looking up the locations of stuff I needed to pick up via their website while sitting out in the parking lot and my iPhone kept switching off 5g to hop on some single bar wifi that I couldn’t delete or deselect auto-join.

Eventually just turned off wifi and the problem was “solved” but man this is going to be annoying if it starts happening at the grocery store or something.

This has been around for a while now and is not some new eSIM thing. It's existed with physical SIMs too. It's Passpoint access authorized via your SIM. Your device won't just randomly connect to anything with the same SSID. It has to auth via the SIM and it's on secure networks that your carrier has agreements with. Same as the access you get over the LTE or 5G network.

I was all prepared to be very irritated. Especially if I could not disable them.

But disabling does work for me. And according to the documentation[0] these networks wouldn't get selected in preference to my home network anyway. My blood pressure is dropping a bit.

Assuming these are actually authenticated networks as described, then I don't know if this is any worse than allowing the phone to use the cellular signal. Same provider.

If your phone is hopping onto one of these while at home, I guess check your home wifi signal strength because it's probably dropping out?

[0] https://support.apple.com/en-us/HT202831

I’ve tested this on iPhone 14 Pro Max, 13 Pro Max, and 12 Pro Max. Using iOS 16.4 and 16.5 beta, I’m unable to replicate this.

AT&T 54.0.1

Managed Networks: AT&T Wi-Fi Passpoint, attwifi

Verizon 54.0.1

Managed Networks: PrivateMobileWifi, VerizonWifi, VerizonWifiAccess

T-Mobile 54.1.0

Managed Networks: t-mobile

———

I’ve tested the following scenarios

- confirm auto-join disabled, wait 10min, recheck and still disabled.

— confirm auto-join disabled, reboot, recheck and still disabled.

- confirm auto-join disabled, enable airplane mode, recheck and still disabled.

- confirm auto-join disabled, disable wifi, re-enable wifi, recheck and confirm still not auto-join enabled.

- confirm auto-join disabled, switch cellular data to alternate esim, switch back, confirm still not auto-join enabled.

At this point I feel there must be something different about your setup that’s non-standard in some way.

It’s slimey as hell that they get added automatically, but still very much possible to disable at least it seems.

Edit: “Wingman” and related variations never appear on either of my T-mobile devices.

I noticed this type of thing a LONG time ago (years) when my browser session was hijacked by some starbucks terms of service popup. my phone had auto joined an at&t wireless hotspot at a nearby starbucks.

I could disable auto-join at that time and it didn't happen again.

Also as a general precaution I turned off wifi except at home.

However, if it cannot be disabled, I find it troubling.

It gets more sickening every day. I own every Apple device there is. But there has never been a company more anti-Steve-Jobs-vision than Apple.

The seamless experience has turned into a my fight against Apple's hatred of their customer.

Whenever someone sadly hits their personal "last straw" threshold for iPhone, one option to consider is the privacy&security-focused GrapheneOS variant of Android.

https://grapheneos.org/features

You can run GrapheneOS on recent models of Pixel hardware. (It usually has to be a unit purchased from Google, or that otherwise hasn't had OEM-unlocking disabled by the carrier that sold it.)

https://grapheneos.org/faq#device-support

https://grapheneos.org/install/web#enabling-oem-unlocking

You might also try minimizing the apps that you depend upon, though GrapheneOS has put work into supporting apps in a bit more private&secure way. There's also the option of the F-Droid app store, if you want to try to avoid commercial apps altogether, but still need things like an OpenStreetMap app.

There were a lot of things I liked about iPhone, but I overall feel more respected by GrapheneOS.

If you end up liking GrapheneOS, and have the means, there's an optional Donate page on their Web site.

This is a very US centric way of looking at this. Currently sitting in a packed subway carriage in Busan, South Korea. There are carrier WIFI APs installed in every carriage. Their network is literally built to offload people onto wifi where possible, I presume to reduce congestion on not much or very directional spectrum in the tunnels. In this case, it makes perfect sense to push people onto their wifi. Not connecting to your own networks preferentially is a pita though. Seems like a really neat solution imo

Is this based entirely on the SSID? In other words, could I force other people's phones to connect to my router by just changing the name of my Wifi network?

That seems like an obvious security vulnerability.

> they cannot have “automatically join” disabled

They can on my AT&T iOS 16.4 device. I was able to disable auto-join on the two AT&T ones. I didn't need to delete a network to enable the "done" button from the edit screen - the state I toggled for auto-joining the managed networks persisted even if I hit cancel on the edit screen.

I don't like that they're there and auto-join is on by default, but it does appear that can be turned off.

This is a security non-starter. Why would Apple do this? These are not approved networks for most company usage.

Apple needs to start being a LOT more protective of their product’s privacy features, as it’s a major reason people stick with them and one of their core brand points.

This is not even listed in the change-list pop-up. Whenever I see such news I end up wondering how much power these organisations wield without any or much check that even after such incidents and findings they find it okay to just remain silent about them and maybe fix/revert it or maybe not.

I was incensed when Find My Device meant either I had to turn it OFF for my devices as well, or turn it ON for everything out there including random people's AirTags. What a choice!

It sounds ridiculous, even to me, but I don't think that time is far when phone companies will hand you over to the police on a platter with all the "assumed evidence" if you happen to be near a crime scene with maybe even a "%" attached to you while police will have a version of some AI where they will feed all that data and pick a clear winner. Saving cost, time, and making "justice" productive. Yay!

WiFi was one thing I was extremely careful about where to join and where not. Unless I was absolutely sure I always used mobile data when I am outside or wait until I get back home to a known and safe wifi.

It started with Apple Wifi turning off from Control Centre meaning "it's off, but it's not really off". At this point I am really not sure what happens when I do an action (even a hardware related action) on my iPhone. Does it really shutdown? Or it does not? I think it already doesn't if Find My Device is on or something. Sometimes I switch off my iPhone and go to sleep and see in the morning the phone was waiting eagerly for me to get up and greets me with the PIN screen. It creeps me out every single time.

This goes to show that the real way to succeed in life isn’t to go about wearing a tin foil hat, but rather to enclose your neighbours house in one.

It's "Passpoint" and uses certificate based 802.11x auth, there's really nothing to worry about except calls dropping due to Wifi switchover. Whitepaper from Aruba here: Solving the Indoor Wireless Coverage Problem: Passpoint and Wi-Fi Calling https://www.arubanetworks.com/assets/wp/WP_Passpoint_Wi-Fi.p...

As another data point:

I'm on ios 16.4. I see I have "AT&T Wi-Fi Passpoint" and "attwifi" added to "Managed Networks" - but I am able to disable auto-join for them. I wonder if that can be controlled by the carrier?

Does anyone know if there is a specific term for networks added like this to look for more documentation?

I have a vague memory of this being a story many years ago, where iPhone's were connecting automatically to the Disney resort WiFi and someone realized if you set your hotspot to use the same name all iPhones in the vicinity would auto connect.

Can't find anything online any more though, does anyone remember anything similar?

I was able to disable auto-join and after 10 minutes it's not re-enabled. As a precaution I also set manually IP/Gateway/DNS to 127.0.0.1 for the "AT&T Wifi Passport" and "attwifi" networks and those settings also seem to persist. I'll check it again in 24 hours or so.