
Hotel Wi-Fi blocking: Marriott is bad - brendannee
http://www.economist.com/blogs/gulliver/2015/01/hotel-wi-fi-blocking
======
72deluxe
Cisco sell a Wireless LAN controller, which can send disconnect packets to
"rogue" APs that get set up, rendering them useless. This is particularly
important at events where the airspace is severely cramped, such as big arena
events, racing, horse racing etc. where the myriad of APs to provide coverage
of free wifi to pundits would have to compete with these other APs. In a
severely crammed airspace, this would help to encourage the other AP providers
to turn their boxes off.

And getting a mobile telephone call in such events is even trickier, given
that 50,000 people are in one space and the masts to serve them are
oversubscribed. If they all suddenly want to place bets or browse the web,
that's incredibly difficult to provide on the mast, so providers will set up
additional masts for big events (like the big horse-racing events here in the
UK). That's why they provide free wifi too, and having other APs set up and
attempting to provide wifi over the airspace doesn't really help.

I wonder if Marriott hotels have the same approach in order to provide better
wifi coverage? I have been in numerous hotels where the wifi coverage was
great if you're sat in the bar but abysmal if you're down the other end of the
building (where the hotels here in the UK are large old buildings with thick
walls, very tricky for wifi).

Irritating if you're trying to use your phone to provide wifi to your laptop
in order SSH to your own box at home or to get content via your mobile (which
might be faster than their Internet access in some cases). I suppose you could
just use a Bluetooth PAN instead (and it uses less power!)

~~~
michaelt

      Cisco sell a Wireless LAN controller, which can 
      send disconnect packets to "rogue" APs [...] 
      this would help to encourage the other AP 
      providers to turn their boxes off.
    

Perhaps I should make a product that detects controllers sending fake deauth
packets, and does the same thing in return.

This would help "encourage" people who buy the Cisco product to turn that
feature off :)

~~~
anExcitedBeast
Not defending Marriott, but the primary use case for rogue AP mitigation is
not fueled by corporate greed. I recommend it to clients to keep employees
from standing up insecure AP's on their internal network, which is a serious
security concern. I encourage you to write the tool, though!

------
xerophyte12932
Interestingly enough, my local Marriott has this quote posted on the wall:

"Wifi should be like air: Free and Everywhere"

And they have a totally open wifi network. I live in Karachi, Pakistan.

------
jzwinck
In Asia there are tons of places with free Wi-Fi, even where there the tap
water is not potable. At a bus stop in the middle of nowhere in South Korea.
At a roadside cafe in Malaysia. At a cheaper-than-cheap hotel in Indonesia.
Even some airports!

There are no "portals," no "user agreements," just beautiful open Wi-Fi
scattered all over the place. It's hard to imagine spending even $5 at any
place that wouldn't offer you internet access, much less the $150+ that
Marriott charges its "guests."

Sooner or later all this unnecessary friction (sorry, "added value") is bound
to catch up.

~~~
Mithaldu
This works because the free wifi makes the people want to stay there and spend
money there, so in effect everybody pays for the wifi. In high-end hotels the
relationship is entirely reversed and people stay there because they want to
stay there, and the wifi is used to extract more money because people actually
need it while staying there.

It also needs to be kept in mind that all these asian small places have DIY
wifi, while hotels got into the wifi game way too early and locked themselves
into expensive, underdelivering and long-term contracts with 3rd party
companies that do the wifi for them.

~~~
TeMPOraL
> _while hotels got into the wifi game way too early and locked themselves
> into expensive, underdelivering and long-term contracts with 3rd party
> companies that do the wifi for them._

It's basically one group of scoundrels that got cheated by another group of
scoundrels. I wonder though, how hard would it be for hotels to renegotiate
those contracts - or drop them and eat the fee - if they actually cared?

~~~
saryant
That's what Hyatt just did.

[http://newsroom.hyatt.com/?s=20295&item=123338](http://newsroom.hyatt.com/?s=20295&item=123338)

------
mschuster91
Heh, with the government using stuff like IMSI catchers, I would not be
surprised at all if using a faked AP is a common tool in the box of the
3-letter agencies.

I'm fine with Marriott using deauth jamming against rogue APs with _their
SSID_ (or a similar impersonating one, e.g. "Mariott Wifi" instead of
"Marriott Wifi"), or operating on their specific wifi channel (thus
downgrading the experience of the customers), but they absolutely have to
leave APs alone which have a different channel/ssid.

~~~
cesarb
> I'm fine with Marriott using deauth jamming against [...] or operating on
> their specific wifi channel

While they might have a justification that a "Mariott Wifi" ESSID on a Mariott
hotel is theirs, how can they say a specific wifi channel is "theirs"? Wifi
runs in unlicensed bands, any device which meets certain technical
requirements is allowed on any channel in these bands, no matter who the
device owner is. The 802.11 protocol is designed to share wireless channels
between APs with different owners (while it also assumes that APs with the
same ESSID have the same owner).

And what would be "their" channel? A well-designed wireless network for a
large enough area will use several channels. Unless they have a single AP
(unlikely) or their network is not well designed, they are probably using all
the non-overlapping channels in the 2.4 GHz band and many channels in the 5
GHz band, including all the non-DFS ones.

------
lylebarrere
I wish the FCC could subpoena financial records and to see the price consumers
pay for Wi-Fi and the total revenue Wi-Fi sales made for Marriott. I would be
willing to bet those numbers would make it harder for Marriott to argue this
is anything other than an attempt to gouge captive consumers.

~~~
ubernostrum
Worth pointing out, again, that this is _not_ about charges for in-room wifi,
but rather for wifi in larger conference spaces in the hotel.

Which can easily run into thousands of dollars for a weekend, so if an event
wants to do, say, live streaming, they do their best to make it impossible for
the event to bring its own hotspot and connection.

~~~
lylebarrere
Do you have a source for that? I read the actual FCC announcement from FCC.gov
and it says:

"Marriott employees had used containment features of a Wi-Fi monitoring system
at the Gaylord Opryland to prevent individuals from connecting to the Internet
via their own personal Wi-Fi networks, while at the same time charging
consumers, small businesses and exhibitors as much as $1,000 per device to
access Marriott's Wi-Fi network."

In your room or in the conference center you should be able to use your own
Wi-Fi without interference.

Source: [http://www.fcc.gov/document/marriott-pay-600k-resolve-
wifi-b...](http://www.fcc.gov/document/marriott-pay-600k-resolve-wifi-
blocking-investigation)

------
matthewmacleod
Obviously this is true, and hotels providing wifi services want to charge for
them rather than allowing users to use their own (much cheaper) systems. No
question.

That aside, what is the solution to rogue access points in a public space? We
all know that it's pretty easy to set up camp in a public space, broadcasting
a friendly-looking but dangerous wifi network. Let's says you've got someone
sitting in the Marriott lobby, creating the "Marriott Free Wifi" network. A
bunch of people will connect to it, and some information will leak.

Is there any reasonable way to deal with this issue? Obviously we have to
assume that public wifi is compromised in any case and require transport-layer
security, but I can certainly see there's still a gaping security hole there.

~~~
epochwolf
You call the police and they arrest the person. WiFi is short ranged. Not
every problem needs a technical solution.

~~~
icebraining
_You call the police and they arrest the person. WiFi is short ranged._

Yes, but it doesn't need constant attention. A small router can be dropped
anywhere and route the information to the attacker long after (s)he's gone.

That said, finding the AP and disabling it is better than randomly throwing
deauth packets.

------
ilitirit
A guy know wants to block cell phone signals at his business so that customers
are forced to use his phones, at a premium.

I'm sure there's a law against this though.

~~~
sspiff
What if you just make the walls thick enough to block signals? Or put things
that block radio signals in them?

I can't imagine this would be illegal. Jamming signals may be hard to do
legally, but keeping them out is probably impossible to forbid by law.

~~~
rmc
Keeping signals out is the definition of jamming.

~~~
logfromblammo
Incorrect. Jamming is denial of service by increasing the noise. Blocking is
denial of service by decreasing the signal.

If the hotel puts a grounded Faraday cage around your room, that's blocking.
If it transmits 1000 watts of static on the 2.4 GHz band, that's jamming. The
former is legal, and the latter is not.

~~~
sspiff
Thanks for making my point a 1000% more clear.

------
leephillips
Couldn't the "rougue" operator turn the tables and use the same technique to
shut down the official WiFi?

~~~
blueskin_
Yes, although chances are you'd need quite a lot of hardware depending on the
scale of their network. Doing so would _also_ be illegal, of course.

~~~
leephillips
If the consensus in the comments here is correct, that Marriott's technique is
legal because it doesn't create radio interference, then what law is the rogue
operator breaking when using the same technique?

------
briandear
As a platinum member of Marriot and Hyatt, it's clear where I'll be staying on
my next trip.

------
TorKlingberg
How is Marriott blocking WiFi routers, technically? Is it actual radio jamming
or something else?

~~~
sargun
My guess, and my understanding is that it probably uses the same tech that
most enterprise WiFi networks use. They probably send fake deauth packets in
order to disconnect stations. A lot of enterprise wireless solutions also do
this for the following:

(1) Removing security risks: You really don't want people running their own
WiFi access point plugged into the corporate network.

(2) Removing interference: In order to remove interfering APs / stations from
the network, it deauths them in order to disconnect them.

You can learn more about the mechanisms used here:
[https://en.wikipedia.org/wiki/Wireless_intrusion_prevention_...](https://en.wikipedia.org/wiki/Wireless_intrusion_prevention_system)

~~~
michaelcampbell
For those interested, the "This Week In Enterprise Tech" podcast covers this
whenever it makes the news, and they go into some detail into what's happening
(yes, it's deauth packets).

They also have a pretty good back and forth on the issues about it. One can
probably find it in the show notes if you want to find out which casts have
covered it already.

------
topbanana
I'm not at all comfortable with the Economist using such facile titles

~~~
scrollaway
How is it relevant "how comfortable" you feel with their titles?

~~~
Burritamos
Considering this is a comment thread about that article, I would presume that
makes it relevant.

