
Google and Microsoft Oppose Hotels’ Effort to Block Personal Wi-Fi - ademarre
http://www.wsj.com/articles/BL-DGB-39565
======
cge
The arguments being made here are absurd.

There's a huge difference between "causing interference to other signals" or
"managing [a hotel's] network in order to provide a secure and reliable Wi-Fi
service," and _willfully sending malicious packets designed to disable other
wireless networks._ The latter is buried in the text, but is what they are
asking for permission to do. It's somewhat unclear how such behavior is an FCC
interference issue rather than a criminal matter.

It's amazing that this is compared to "a homeowner using her cordless
telephone that interferes with a neighbor's phone" and "a housewife whose use
of a baby monitor device causes interference to a neighbor's garage door
opener."

It does lead to an interesting question: if seeing a wireless network, which
an automated system will _not_ be able to confirm is actually on their
property (consider the plight of nearby homes and businesses!), constitutes a
threat that can be attacked, is it allowable for an adjoining property owner,
or a guest with a wireless network, to see the hotel's network as a threat,
and attack it in the same way?

The "alternatives" that hotels might be forced to implement if hotels aren't
allowed to attack other networks are similarly entertaining:

>For example, a hotel could decide to prohibit guests from bringing Part 15
devices on the hotel's property. Alternatively, a hotel could limit the areas
where Part 15 devices may be used, for example, by restricting their use to
guest rooms or common areas.

I would love to see any hotel attempt this, even for one day.

~~~
boulos
Phone reply, so I can't easily find the links, but those comparisons are to
previously decided FCC judgments about interference. So while outlandish, it's
very much on purpose.

------
seanp2k2
Another option: refuse to stay at Marriott-owned hotels. There are lots of
other awesome hotels out there, and a lot are cheaper and/or nicer than
Marriott brands.

Related: [http://fortune.com/2014/09/16/marriott-tips-worker-
wages/](http://fortune.com/2014/09/16/marriott-tips-worker-wages/)

They're not exactly the best company out there to be supporting.

~~~
cge
Then you'll have to refuse to stay at Hilton hotels too:
[http://apps.fcc.gov/ecfs/comment/view?id=60001005951](http://apps.fcc.gov/ecfs/comment/view?id=60001005951)
.

Cisco, Aruba, Ruckus, Smart City, the Ad Hoc Telecommunications Users
Committee have similarly come out in favor of allowing wireless operators to
attack other wireless operators.

Interestingly, the National Cable and Telecommunications Association filed in
opposition to the petition, with a rather strongly worded filing.

~~~
christoph
In my opinion Hilton is just about the worst hotel brand out there. I actively
refuse to stay there at any opportunity. They wanted to charge me 10 euros to
use the gym when I stayed in one recently (this was a discounted rate as well
because I'm a member of Hilton Honours), regular price for guests was 20
euros. For one use of the gym!! That's not far off what I pay for a month of
24/7 gym access at home.

Wifi was 25eu a day. A small bottle of water from the mini bar was 8 euros, a
small coke 12 euros. A pretty average chicken ceasar salad from the restaurant
was 35 euros. It's just crazy when you/your company are already paying 350
euros a night for a room.

------
jzelinskie
>"We remind and warn consumers that it is a violation of federal law to use a
cell jammer or similar devices that intentionally block, jam, or interfere
with authorized radio communications such as cell phones, police radar, GPS,
and Wi-Fi."[0]

Why should this be any different?

[0]: [https://www.fcc.gov/encyclopedia/jamming-cell-phones-and-
gps...](https://www.fcc.gov/encyclopedia/jamming-cell-phones-and-gps-
equipment-against-law)

~~~
fcclaw
This is a press release, the actual law / regulation is slightly more nuanced.
It is perfectly OK to operate a jammer in your premises, given that it doesn't
interfere with authorized radio communications outside your premises.

For example, every time you operate your microwave oven, you operate a 1kW RF
jammer in 2.4GHz band, but because of the Faraday cage built around it (in
theory: infinite attenuation; in practice: 30dB attenuation), it doesn't
interfere with authorized communications outside your premises.

~~~
alricb
Are you sure about that? The FCC seems to think otherwise:

> 17\. I don’t use my cell jammer in public. Can I use it in my own home,
> business, or vehicle?

> No. Jamming devices may not be used regardless of whether the device is
> operated on public or private property. If you own a jammer, do not continue
> to operate it. You risk substantial fines (of up to $16,000 for each
> violation or each day of a continuing violation, or up to $112,000 for a
> single act); seizure of the device by the government; and criminal
> imprisonment. Signal jammers do not respect property lines, and federal law
> provides no exception that allows for the private or commercial use of a
> jammer. [1]

A Microwave oven isn't a jammer. It's an authorized device that has to comply
with certain regulations, essentially the same as for other devices using the
2.4 GHz ISM band.

[1]:
[http://transition.fcc.gov/eb/jammerenforcement/jamfaq.pdf](http://transition.fcc.gov/eb/jammerenforcement/jamfaq.pdf)

~~~
waps
Exactly property rights explicitly do not apply to radio waves. You must not
interfere with radio signals on your property, except through static
structures (you're perfectly at liberty to build a faraday cage on your
property).

Property rights have big exceptions. Property rights don't include :

radio waves

mineral rights

air space (include "space" space above your property)

Space is even a bigger exception in that it has been agreed that the airspace
above a country > 100km up is no longer considered that nation's territory.
You can't buy it, from anyone.

------
ademarre
> _Marriott has said it had an obligation to protect guests from “rogue
> wireless hotspots” that could lead to hacking._

Oh please. It's too easy these days to hide behind security and user
protection as a motive. FUD mongering.

~~~
glitch003
They could have a legitimate concern for rogue wifi networks that use the same
SSID as their legitimate wifi network. But that's the only legitimate concern,
and it can be stopped by allowing hotels to _only_ block wifi networks that
use the same SSID.

But they want the ability to block any and all wifi networks, which is BS.

~~~
gpvos
They might also want to block wifi networks with similar names, to avoid
confusion.

------
derekp7
There's a pretty simple solution to this problem. So lets say that a hotel
wants to offer clean reliable wireless to its customers, possibly for a price.
This can't be done with unlicensed spectrum, since you can't get exclusive
access to it. The answer is to use licensed spectrum for this purpose.

The way this could be implemented, is for a wireless equipment manufacture (or
consortium) to purchase a chunk of spectrum, that they can control. Make it an
industry standard, so that it gets included in generic client-side wifi chip
sets. Then the manufactures can control the usage of the base stations for
this private spectrum, so that it is only available in a commercial setting
(i.e., places like Marriott would pay a license fee to the consortium to stand
up a base station with the private spectrum). The only trick here would be
getting industry agreement so that the client side would get widely
implemented, so that Marriott's (and other venue's) customers would be likely
to have this spectrum available in their client side devices.

~~~
waps
Have you looked at the price of radio spectrum recently ? This would never
fly. Even a small sliver of spectrum for one country costs more than Marriott
is worth.

Which is of course why they're trying to get it for free.

~~~
ghshephard
This depends entirely on how much spectrum, how much power, and how
geographically diverse you want to deploy. Without going into too many
details, I can say that purchasing 500 milliwatts of EIRP transmit power in a
small urban area (<10 sq km) of 5 MHz of spectrum in one country of population
< 10mm people can be had for ~ $2mm/year.

~~~
ansgri
5MHz's unlikely to bring you any high-quality internet connection for many
tens of guests, we should be looking at 100MHz at least.

------
revelation
That's awkward. Marriott had to settle with the FCC, and as part of that
settlement can't jam peoples WLAN, but suddenly theres a _decision_ to be
made, petitions considered and Google and Microsoft have to beg for the law to
be applied?

How did that happen, exactly?

~~~
traek
It's pretty clear, actually. From the article:

> A lodging industry trade association petitioned the FCC last month for the
> ruling on blocking personal Wi-Fi signals.

> The petition stems from Marriott International’s agreement last month to
> settle an FCC investigation into a complaint that at least one of its hotels
> used communications-jamming technology to disable the personal Wi-Fi
> hotspots that many travelers tote with them.

Firstly, the ban on Wi-Fi jammers is an FCC rule, not a law.

So Marriott settled according to current rules. The hotel lobby then
petitioned FCC to authorize them, and change the rules if necessary, to jam
Wi-Fi. Google and Microsoft filed letters opposing this petition.

~~~
diltonm
Rule? It sounds like a law to me:

"15\. Can I operate a jammer in the U.S.? No. It is a violation of federal law
to operate jammers in the United States, except for authorized, official use
by the U.S. government."

[http://transition.fcc.gov/eb/jammerenforcement/jamfaq.pdf](http://transition.fcc.gov/eb/jammerenforcement/jamfaq.pdf)

~~~
waps
There are over 300 different kinds of "law" in the US. FCC rules are one of
them, and it's broadly classified as an executive ordinance. The same sort of
thing as any local government regulation. Just because it doesn't appear to be
a more or less independant part of the government doesn't make it's rules any
less of a law. There are countless agencies that have varying authorities and
can issue decrees that apply within certain constraints. Everything from the
military, DoJ, CIA, SEC, FBI, FDA, NSA, DoA, DoC (which issues most laws that
apply to the internet), DoD, DoE, Dept. of Education, Dept. of Health, DHS,
Dept. of Housing an Development, DoI, Dept. of Transportation ... all have the
power to issue "laws" (usually referred to as regulations) that are as binding
as any congressional law, but usually have limited scope. Scope is similar to
the more well-known concept of jurisdiction, except it's usually not
territorial but functional in nature. E.g. laws that apply only to airports,
or ports, or trains, or power plants, or banks, or flying things, or boating,
...

One way to get bitten by this is by working for the government. You might
think you have a contract, and that for instance your pension is set in stone
by the paper you signed. That would be a wrong impression, as that paper you
signed is (usually) not in fact a contract, merely an acknowledgement of the
regulation (the text will, of course, state that this is so), and that
regulation, unlike contracts, can be changed without your approval.

It seems to me that the GP is attempting to technically point out that the
most narrow definition of law only applies to what both houses decide and the
president signs. That's not true in any meaningful sense.

------
javajosh
Balls. Big, swinging brass balls. That's what the "hospitality" industry has
to petition the FCC to allow them to block people's personal wifi.

No doubt they'd also like to block cell phone service so that you have to use
the room phone.

------
jessaustin
Marriott are jackasses and I hope they go out of business, but I'm not sure I
want the FCC to be policing this issue. The "jamming" doesn't entail actual
radio jamming; they're just sending a deauth packet. Unless I very much
misunderstand, the problem has been solved if your personal WAP supports
protected management frames.

~~~
Kadin
That is basically asking for an arms race, and I don't think that it would be
a particularly productive use of either engineering effort or users' time to
have to continually upgrade their mobile hotspots and client devices with the
latest in anti-anti-anti-jamming technology.

~~~
hueving
No arms race. The problem has already been solved with protected auth frames.
The only thing that really works agains t that is to violate the protocol and
actually jam the signal.

------
superuser2
Managing rouge APs is a legitimate pursuit in many contexts.

It is _always_ legitimate for the operator of an Ethernet network to attack,
disable, and punish people for attaching unauthorized APs to that network. As
a university or corporate IT department, you likely employ access control and
monitoring techniques (including WPA2-EAP and 802.1x). An employee or
student's Best Buy wireless router that strips you of the ability to
individually identify users _is_ a major liability. The worst case scenario in
this case is a ruling against rouge AP management that does not distinguish
between hotspots attached to the corporate network and hotspots merely
existing on corporate property.

Second, there is a compelling argument against cellular hotspots in contexts
like secure corporate and government environments. Many corporations have a
self-interest, ethical responsibility, and legal/regulatory obligation to
monitor and archive employee communication. A personal WiFi hotspot would
allow employees to exfiltrate private customer data, bypassing logging and
packet inspection schemes.

That could be used for anything from a financial rep engaging in prohibited
sales practices immune from auditor/supervisory eyes and litigator discovery,
to a Facebook employee selling chat logs to the highest better, to old-
fashioned corporate espionage against R&D work products.

Jamming cellular personal hotspot devices in a hotel should be illegal, but
for the right reason - it's anticompetitive. Same thing as a railroad company
selling exclusive carriage to one food company.

------
Zikes
If they're accessing personal wifi devices without the authorization of the
owner of said device, doesn't that qualify as a breach of the CFAA?

~~~
jessaustin
Actually the deauth packet is sent to your laptop, and it _appears_ as though
it came from your personal wifi device, even though it actually came from the
hotel's evil jamming machine.

IANAL, but typically staying at a hotel involves signing forms with fine
print, which could contain that sort of authorization.

------
Friedduck
That the FCC isn't clearly on the side of consumers speaks to how bought-and-
paid-for the Federal government has become.

I write, though, to suggest how fun it would be if guests or neighboring
properties started jamming hotel wifi in a bit of civil disobedience.

I wonder what the FCC would have to say about that (rhetorical, we all know.)

------
orenbarzilai
It will backfire for sure. Because stuff like this I prefer to use airBNB over
hotels with insane WIFI rates and poor reception in the room.

------
perlgeek
Hotels provide light, water, toilets, and often electricity for personal
devices for free. I hope it's just a matter of time until free Internet access
belongs to this group of naturally provided services that you don't even have
to talk about.

~~~
pbz
Usually cheaper hotels have free WiFi. It's the expensive ones that tend to
charge extra.

------
diltonm
Good on Google and Microsoft for standing up for what's right.

~~~
threeseed
Please. Google and Microsoft are standing up for themselves. They both run
search engines and advertising platforms that require internet traffic.

~~~
andrewchambers
Personal access points are features of both android and windows phone.

------
DyslexicAtheist
is this a widespread thing in the US or just in the Marriot? I travel a lot
mainly within Europe & Asia but never encountered it.

------
icantthinkofone
If Marriott, and other hotels, are going to start "to protect guests from
“rogue wireless hotspots” that could lead to hacking", that now makes them
communication companies and they should be put under all the laws,
restrictions, fees, forms, reporting and obligations that any
telecommunication company should be put under.

