Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hotel Connectivity Provider SuperClick Tracks You

Posted by kdawson on from the dust-off-the-VPN dept.

saccade.com writes "During my last hotel stay, I thought it was a pretty strange that it took two browser re-directs before the hotel's Wi-Fi would show me the web page I browsed to. Picasa developer Michael Herf noticed the same the thing and dug a little deeper. He discovered: '...their page does some tracking of each new page you visit in your browser, outside what a normal proxy (which would have access to all your cookies and other information it shouldn't have, anyway) would do. This "adlog" hit appears to also track a "hotel ID" and some other data that identifies you more directly. Notably, I've observed these guys tracking HTTPS URLs, and of course you can't track those through a proxy.' Herf notes the Internet service provider, SuperClick, advertises that it 'allows hoteliers and conference center managers to leverage the investment they have made in their IP infrastructure to create advertising revenue, deliver targeted marketing and brand messages to guests and users on their network...'" Herf was on his honeymoon when he did this sleuthing. Now that's dedication.

3 of 175 comments (clear)

  1. Putty w/ dynamic proxy support and an SSH server. by tgd · · Score: 4, Informative

    If you've got the resources to run an SSH server at home, use Putty with a dynamic proxy and point your browser and IM clients to it via SOCKS5.

    I wouldn't trust any network like that... even if the service itself isn't watching what you're doing, do you trust the other people on that network aren't?

    Its easy to surf or do other network apps safely on questionable networks. At least among the Slashdot crowd its easy... but I've educated even my parents on doing that when using public or hotel internet and gave them an SSH account to use at my house.

  2. OpenVPN by Shawn+is+an+Asshole · · Score: 4, Informative

    Or just use OpenVPN. I use this on my laptop. Set it as the default route, use the internal DNS and your good to go. I also use an internal proxy server. So when I'm at a coffee shop or hotel doing some work, the only thing they get to see is encrypted traffic to port 1194 (udp).

    Over that connection I can do anything. Instant messaging, email, SSH, http, ftp, BitTorrent, etc.

    --
    "It ain't a war against drugs.it's a war against personal freedom" --Bill Hicks
  3. OpenVPN uses SSL by SIGBUS · · Score: 4, Informative

    Note that OpenVPN can be set up to use a TCP connection instead of a UDP connection, and it uses SSL. No need for weird things like GRE that might not make it through.

    You could always put OpenVPN on a port other than 1194 if you think you might run into port blocking, too.

    --
    Oh, no! You have walked into the slavering fangs of a lurking grue!