

Hotel’s Free Wi-Fi Comes With Hidden Extras - nsns
http://bits.blogs.nytimes.com/2012/04/06/courtyard-marriott-wifi/?ref=technology

======
WA
So, this post basically says that a hotel injects "white boxes" that could
contain ads in a website when you use their free WiFi.

If one uses free WiFi, whether it is the hotel's or a Starbucks' access point,
he/she should be aware that the access point cannot be trusted anyways and not
only that, but also that every other user of the same WiFi might read all
unencrypted traffic (which might be the more serious threat).

I guess in 2012 everyone should have a certain awareness around these things
and the simple solution is to visit only HTTPS-sites from a free WiFi access
point (and don't ignore the browser's SSL-warnings, if they happen to occur)
or use your own (encrypted) VPN.

------
nwmcsween
I planned on doing the same thing but allowing completely free wifi access
across a whole city. The content injection was the simplest hurdle. Offering
free wifi (the plan was to use local businesses and offer them free
advertising) was the problem as every telecom company we talked to literally
revised their TOS to exclude allowing charging customers for internet use.
Also force ssl as content injection will not do a MITM or at least it really
should not..

------
robbywashere
LOL amirite guyz? ssh -D 8080; then uhhhh set up your browser settings to
proxy through local host 8080. amirite? Oh hey while were at it, use wireshark
to sniff for a mac address and then clone yer machine to have someone else's
mac address. this is old news. amirite?

