Some Hotspot Operators Secretly Intercept, Insert Ads In Web Pages

An anonymous reader writes with this excerpt from the NYT's "Bits" column: "Justin Watt, a Web engineer, was browsing the Web in his room at the Courtyard Marriott in Midtown Manhattan this week when he saw something strange. On his personal blog, a mysterious gap was appearing at the top of the page. After some sleuthing, Mr. Watt, who has a background in developing Web advertising tools, realized that the quirk was not confined to his site. The hotel's Internet service was secretly injecting lines of code into every page he visited, code that could allow it to insert ads into any Web page without the knowledge of the site visitor or the page's creator."

Hasn't this been going on for a while?

[readandburn]

I don't think this is news. (Yes, I must be new here.....)

without the knowledge of the site visitor

[xaosflux]

Of course this is in no way limited to hotels, even ISP's have been shown to do this. Using Client-Server encryption like SSL should easily bypass that.

Re:without the knowledge of the site visitor

[GamerGirlie]

Of course this is in no way limited to hotels, even ISP's have been shown to do this. Using Client-Server encryption like SSL should easily bypass that.

And that is easily bypassed by the ISP. For example when I try to login to slashdot and it changes from http to https, my ISP serves me their self-signed cert instead of Slashdot's real one. This way they are capable to intercept secure communications too.

Re:without the knowledge of the site visitor

[Sir_Sri]

Occasionally ISPs do this legitimately as well. My ISP keeps trying to inject a message into HTTP traffic when we reach 75% of our monthly download limit. This is especially amusing when it injects into steam or the web page previews in opera (and in neither case can you accept it, and move on, so it keeps trying to inject until eventually it hits a web page you're actually viewing).

Re:without the knowledge of the site visitor

[Tsingi]

I can't see this being any better or worse than ISP's hijacking DNS lookups and returning search pages, instead of a fail (Which is what they are supposed to do.)

Re:without the knowledge of the site visitor

[jonwil]

Care to tell me which ISP carries out such a man-in-the-middle attack on a secure web site so I can permanently blacklist them and any entity even remotely connected to them?

Re:without the knowledge of the site visitor

[mwvdlee]

Hmmmm, no... intercepting and changing internet packages is evil.

Yep. So use HTTPS-Everywhere.

[khasim]

Well, if you use Firefox that is.

If the connection between you and the website is encrypted, no one can add code to it.

Re:Yep. So use HTTPS-Everywhere.

[hairyfeet]

Weird question: Do you surf porn? Does that HTTPS trick stop the Firefox porn bug? Because one of the reasons I switched my users away from FF was the FF porn bug. Don't ask me to give an in depth explanation as I'm not an HTML guy but from what i could pick up here is how it basically works: Dude looks at porn, porn page has script that opens a hidden iFrame and uses FF autocomplete to log into their Yahoo mail and then spam the address book. From my tests with a couple of fake yahoo accounts it ONLY seems to work on FF and on the new yahoo layout, no other combo like Chrome and Gmail, IE and Hotmail seems to work. If you want to see how many sites have that bug now put a master password on your password list and see how many times the master password dialog pops up, on several porn sites its pretty much pop up city. Since so many of the guys kept sending me "How come I'm spamming and i don't have a bug?" I switched them to Comodo Dragon as it works with low rights mode and doesn't have the bug.

As for TFA what does anyone expect? TINSTAAFL and with the economy in the shitter hotels are frankly doing lousy business and i'm sure those ads make their "free Wifi" truly free for the hotel, so surprise surprise they add the ads. would you rather have this, or have to pay for the Wifi, or have it like AT&T where every so many minutes you are stopped cold and forced to watch a commercial? Personally I'd choose door #1, but of course I've got ABP in Dragon so it don't affect me either way.

Re:Yep. So use HTTPS-Everywhere.

[Skapare]

More than just porn sites do this. Many others, like LinkedIn, are more benign, just using your contacts list from your web email provider(s) to push you to find more people you know within LinkedIn. They don't spam or auto-add anyone. But it's still a concern. I use separate browsers for every signed-in site I visit, so LinkedIn can't get to my Gmail account, for example. I was prompted by LinkedIn to enter my password for those sites (I'd never do that). I don't know if they would prompt if the same browser instance was already logged in (I'd never do that).

Browsers should, and maybe FF now does, firewall JS code and data by hostname. Of course that would break using alternate servers for things like static images. But that's fixable by using the base name (remove the "www" part if that's on the name), and allowing access to hostnames that have name components added in front. So site slashdot.org could access images.slashdot.org. But tech.slashdot.org cannot access images.slashdot.org but can access images.tech.slashdot.org (so all sites just need to make their auxiliary servers named as child hostnames of the base hostname). The same wall should apply to Java and Flash, too (in addition to walls blocking access to the filesystem except as configured to be allowed into specific areas).

I've not done any tests of such security in FF, Chrome, or any other browser. Have fun.

Re:Insert this:

Obviously posting with the complimentary Hotel wifi.

Captive Portals Do That You Know?

[TemplePilot]

Thats right Captive Portal operators routinely inject advertisements either for their own operations or to suplement the donation button's found on the captive portal login at coffee shops, hotels and so on. Its a fairly common way to monetize what to a consumer might just be a temporary waystation to access the internet for free an hour or so. Often once some kind of payment has been tendered those 'ads' can be made to go away by the captive portal operator if they so choose. Sometimes CPO's even drop people into a walled garden featuring local businesses so you can freely web-shop the neighborhood once your free 2 hours is up. So you either pay or wait 24 hours when the captive portal resets. Usually a captive portal is a combination of server-router-software solutions and they don't exactly come cheaply irregardless what you might've been led to believe. Its an interesting side business if you have the time and witherwhal.

Re:Captive Portals Do That You Know?

[mrmeval]

DD-WRT has had this for a while now.

http://blog.anchorfree.com/news-events/ad-supported-wi-fi-network-launches/

"Consumers on an AnchorFree hotspot are presented with a display ad that remains at the top of the screen with every Web site they visit, and those ads can be contextually matched to the content on each page, according to Mark Smith, EVP strategy and product development for AnchorFree."

Re:Captive Portals Do That You Know?

[eht]

Hint, that is a word. From Merriam Webster

http://www.merriam-webster.com/dictionary/irregardless

"The most frequently repeated remark about it is that âoethere is no such word.â There is such a word, however."

Just because you choose to not recognize it, even though you understand perfectly what he meant by it, shows your ignorance. By the way, ain't is a word too, well a contraction at any rate.

Re:Captive Portals Do That You Know?

[spire3661]

Hint: Usage defines what is a word. People use 'irregardless', even if you think its wrong, it is a word. Dictionaries are not the end all be all of language either. A dictionary isnt all inclusive, it is not a listing of all 'proper' words, thats a fallacy. Its a best effort to put as many well defined words as possible in one place.

Re:Captive Portals Do That You Know?

[Nidi62]

Shit like this leads to "I could care less" or "I literally ..." (meaning figuratively) and other bullshit. No. Use the words correctly, and drop absolute abominations like "irregardless". Sure, you might think it's OK, but I and many like me will judge you to be likely a drooling imbecile if you do.

I literally could care less if you think I'm a drooling imbecile

Re:Captive Portals Do That You Know?

[mikkelm]

So you're asking him to learn how language works because he objects to people who make up contradictory words as a consequence of apparently not understanding how the language that they're using works. I don't generally have a problem with new words to explain new concepts, or even new words to explain existing concepts, but making up a new word consisting of an existing word with the same definition, preceded by a prefix that typically serves to negate the following word, that's just.. well.. dense.

Wouldn't it be easier if people just used the right words?

Re:Captive Portals Do That You Know?

[admdrew]

...that said, I think the person who said "Hint: That's not a word." totally derailed the conversation and took away from what TemplePilot was trying to say. (sorry for the double post)

Re:Captive Portals Do That You Know?

[93+Escort+Wagon]

So you're asking him to learn how language works because he objects to people who make up contradictory words as a consequence of apparently not understanding how the language that they're using works.

Count yourself in that group that apparently doesn't understand how language works.

Languages are dynamic. New words come into being when enough people start hearing and reusing slang or phrases that have developed as part of a dialect. Sometimes a person will simply make up a word, but it'll catch on for whatever reason and become part of the official lexicon.

"Irregardless" has been in use for about a century - it's now a word in the dictionary, just like "regardless" is a (somewhat older) word in the dictionary. They both mean the same thing. You may not like it, but that's the way it goes.

I'm sure he agreed to this in the TOS.

[Vandil+X]

Whether it's free Wi-Fi or paid Wi-Fi, read those Terms of Service. I'm sure this activity was disclosed in theire either explicitly or with ambiguous language. As the saying goes: Don't like it? Don't use it.

Re:I'm sure he agreed to this in the TOS.

[Chrisq]

Whether it's free Wi-Fi or paid Wi-Fi, read those Terms of Service. I'm sure this activity was disclosed in theire either explicitly or with ambiguous language. As the saying goes: Don't like it? Don't use it.

Where would you draw the line?

Adding adverts for their hotel?
Switching adverts for other hotels to theirs?
Removing negative reviews of their hotel, or changing the rating?
Removing news items supporting a political party the owners don't favour?
Adding fictitious negative news stories about a political party the owners don't favour?

In my view as soon as you start delivering content that has been changed from that the original author intended (except under complete control of the user such as adblock) then you are on dodgy ground.

Re:I'm sure he agreed to this in the TOS.

[hobarrera]

It's not really free if I pay USD200 a night at the hotel, is it?

Re:Insert this:

[Amyntas]

Contrary to popular belief, a recent study has found that, 'First,' actually comes before second, and is generally regarded as something that should not be mistaken with second.

Remember, One comes before Two comes before 60 comes after 12 comes before Six Trillion comes after 504.

Copyright infringement?

[Filter]

Wouldn't this be copyright infringement? The web page as you intended is your creative work, they are altering and distributing your work. I don't think you are allowed to do that.

   

Re:Copyright infringement?

[slazzy]

I wouldn't think it would be a clear case of copyright infringement. It could be argued that the ISP putting an advertising bar at the top of a webpage is not that different from a browser toolbar containing advertising. If it turned out to be, then using programs such as adblock would also be copyright infringement or in fact viewing a webpage with images or javascript turned off in your browser? In any case it's an evil practice in which I'm sure a solution can be found, maybe web servers should send some kind of hash which can be verified by the browser to make sure nothing changed in transit.

That should fail.

[khasim]

Unless you have specifically trusted whatever certificate authority server the ISP put up to do that.

Re:That should fail.

[Richard_at_work]

And what if they own one of the large CAs?

Re:That should fail.

[Nikker]

You should take a closer look at the CD media your ISP sends you to "setup" your Internet connection.

Great idea

[ickleberry]

You can make money from running an open wifi AP. I might try this myself and replace all google ads with my own, also deprive the Goog of some money for their driverless car pet project

It's a copyright violation.

[sotweed]

IANAL, and I don't play one on TV, but it seems pretty clearly a violation of a web site's copyright to do this. A web page
is a visual work, and at least for any country that is party to the Bern Convention (this includes the US and most or all of Europe),
a page is copyright even if it doesn't say so. So for the hotel or ISP to modify the page, especially when it is being paid to do so,
seems a clear violation. Some web site should make a big stink (lawsuit!) about this and put an end to the practice. I think it wouldn't
be a difficult case to win, particularly with all the other copyright enforcement actions going on (MPAA, etc.).

I wonder if a similar case can be made for organizations like health clubs that show TV programs at the wrong aspect ratio, making
people look as if they're 20% fatter (wider) than they actually are...

Re:It's a copyright violation.

[sprior]

Actually I think you'd use an MPAA case as a precedent. Wasn't there a case from the MPAA against a company that was creating a side editing track to cut out the bad(good) parts of a movie to reduce it from R to PG-13?

Re:Yay a New Arms Race!

[History's+Coming+To]

There's a simpler solution - if I write a web page and somebody copies all of my text and graphics as part of an advert (without my permission) then it's a fairly clear copyright infringement. So if you find a hotspot doing this just navigate to one of your own web pages and then sue the operator for copying your work and serving it up as an advert.

Re:HTTP Policies

[icebike]

Does anyone know if SSL solves the problem? Can a malicious endpoint act as a proxy so the SSL connection is between the endpoint and the real site and then serve you a different SSL certificate with the adverts included. (Although I doubt they can make a certificate look like the legitimate website.) Alternatively they could just drop everything down to HTTP...

They might be able to pull this off, but the revenue they could earn off of such a scheme would never pay the lawyer bills. One could argue this would be a DMCA violation. (In fact, they seem to be on shaky legal ground altering un-encryption streams. It is after all, a form of scraping and perhaps copyright violation.)

The drop everything to HTTP would certainly be noticed.

VPN

[SuperTechnoNerd]

So set up an encrypted tunnel to your home machine and set it up so you can browse the web through the tunnel as if you were at home. Slower perhaps, but worth it. If they are injecting stuff, then what else are they doing? Looking at your traffic?

Re:VPN

[FudRucker]

goats.cx the front desk if they are snooping on people's browsing habits, after some of that i bet they get disgusted and quit

Re:HTTP Policies

[bbecker23]

Does anyone know if SSL solves the problem? Can a malicious endpoint act as a proxy so the SSL connection is between the endpoint and the real site and then serve you a different SSL certificate with the adverts included. (Although I doubt they can make a certificate look like the legitimate website.) Alternatively they could just drop everything down to HTTP...

I've seen some novel approaches to working around SSL but most will tip off the end-user. I run a throttled honeypot on my home network with some ad-injection. I get a couple dollars a month from it, the neighbors get free internet, and it seriously cut-down on the number of auth-attempts against the secured side of my router. Most of the injectors just catch and sniff packets for webpages (trying to inject into, say, SSH would bork everything) and inserts an ad frame. I'll have to test how my setup handles a secured session but I've seen instances of SSL sessions being wrapped in a framed unsecured page (mostly at hotels and airports). Newer browsers (Firefox and Chrome anyway, no Windows box to test on) will pitch a fit about this but if you're connecting to an unsecured network, I doubt security is much of a priority.

Re:HTTP Policies

[mwvdlee]

It isn't so much scraping as it is simply taking somebody's website content and copying it for their own profit.
Plain and simple copyright violation where the website owner is the victim.

HTML modification going on since 2007 or earlier

[ODBOL]

In November 2007, I bought a wireless box from Meraki (http://www.meraki.com/). I intended to use it to provide a free wireless hotspot for my neighborhood, and to be ready to peer with any neighbor who chose to work on the grassroots network. These were primarily symbolic acts, since neither service is likely to get much use in my neighborhood.

In most respects, the Meraki box appeared to do a good job of exactly what I wanted. But I noticed a little blank stripe at the top of Web pages. I found that Meraki hacked HTTP packets to add that stripe. As owner, I was able to set the contents of the stripe (e.g., to advertise myself as the provider of the free hotspot, or to ask for payment if it's not free). But, I was not able to eliminate the stripe. I called support, and they confirmed that the stripe is not optional, but its contents are owner controlled. I sent the box back for a refund. I understand why Meraki provided the feature (I don't like it, but I understand). I don't understand why they made it impossible to turn it off. They were very good about delivery, support, and refund in all other respects.

I think that Open Mesh (http://www.open-mesh.com/) provides something like the Meraki box, but cheaper and transparent to all Internet traffice. I have not tried their products yet.

For the time being, I just leave my Tomato (http://www.polarcloud.com/tomato) box unprotected, and I think that people occasionally park in front of my house to use the network. But there's no chance of peering to help avoid the last-mile bottleneck.

Never seen before?

[fermion]

He said in an interview that he had never seen an Internet provider modifying Web pages that a person visits.

I guess this speaks to inexperience of the web developer. It was not long ago that ISPs were trying to do this. It was not that long ago that web developers put third content within a frame along with ads that generated personal revenue. AFAIR, this idea of pushing personal ads over third party content is as old as the mass advertising on the web. And I know some ISPs specifically did this.

This is a negative practice. It is one of the primary reason used to justify web blockers. While one might trust the website, there are many ways to inject other ads and content into a web page. As such, it is best, from a security perspective, not to load ads.

Re:Never seen before?

[Thing+1]

And I know some ISPs specifically did this.

So, would this work? (I realize that it might make "page delivery" take twice as long; although, I just made it better, here it is.)

After the page completes, have a JavaScript routine that runs which calculates the page's MD5 sum (or similar) and sends it back to the server. The server can then determine whether what it sent is what the user saw.

This of course might also be a way for the server to violate ad blockers. If it didn't match, then the server could negotiate with the client as to which parts of the page didn't match, and then re-send them through a side channel and show the ads.

(The "twice as long" was the initial implementation, which was to send the page back; then the server would re-send anything missing. But the checksum idea seems to use less bandwidth.)

Let's just be clear about that.

[khasim]

And what if they own one of the large CAs?

Just to be clear about that ...

You're postulating a situation where:
The ISP
is owned by a certificate authority
that is, by default, trusted by your browser vendor
and that certificate authority
is creating certificates for 3rd party websites
without the 3rd party websites' permission
in order to facilitate man-in-the-middle attacks
so that the ISP can inject ads into your session.

I would imagine the backlash would kill both the ISP and that certificate authority.

I think this is a business model in use

[ODBOL]

I can't tell if you are joking or being sarcastic here. I'm pretty sure that you have just described a business model in actual use. It seemed to be promoted by Meraki as a way to make money with their wireless boxes.

I also believe that there was a dispute some years ago regarding television broadcasts inserting advertisements as if they were posted on the fences at baseball stadiums.

I would greatly appreciate reliable pointers that anyone could provide to these behaviors. I will try to find some later. For now, this is what I remember, and I think it's right, but it hasn't been checked.

Since 2007 or earlier

[ODBOL]

I posted a comment below regarding Meraki wireless boxes that did this in 2007. I never experienced an actual deployment, but there must have been some.

Re:HTTP Policies

[SuricouRaven]

Stop thinking like an engineer, and lower yourself to the thoughts of a typical computer user.

"A weird box just popped up! IT says something about certificates and signing, whatever that means. If I click 'accept' I'll get to see the website, so I'll do that."

Re:No.

[overnight_failure]

Assuming this is copyright infringement, your logic is wrong. Just because the consumer of the product agrees to receiving modified content, it does not allow someone to modify a copyrighted work.

Remember free Dial-Up Providers from the 1990s?

[Vandil+X]

In the 1990s, there used to be tons of free dial-up ISP providers that gave you free access so long as you agreed to surf the web through their branded version of Internet Explorer that framed websites in ads. Some providers required you to click the ads so many times within a certain interval of time or get disconnected.

I'm sure these frames and banner ads "violated" the design of websites that were browsed by these users, but since the websites themselves were not hacked or damaged and displayed correctly on the computer screen of those not using ad-managed ISPs/web browsers, there is probably not a tangible copyright issue.

Hotel Wi-Fi is just the modern version of this same model, albeit without using software or requiring ad clicks.

Re:Yay a New Arms Race!

[93+Escort+Wagon]

There's a simpler solution - if I write a web page and somebody copies all of my text and graphics as part of an advert (without my permission) then it's a fairly clear copyright infringement. So if you find a hotspot doing this just navigate to one of your own web pages and then sue the operator for copying your work and serving it up as an advert.

Or, better yet, send an email to each significant site you've visited while at Marriott and tell them what's going on. It's likely they've got deeper pockets than you do. Most probably won't bother to go after the hotel; but it only takes one.

Re:HTTP Policies

[Restil]

While they couldn't insert code into an encrypted session, they COULD perform a man in the middle attack and accomplish the same thing, provided the user decided to override the certificate warning (which I'm guessing most people would). A more secure solution would be to do all the browsing over a ssh tunnel. That too could be intercepted, but it's less likely, and ssh will catch such an attempt provided the tunnel was first initiated over a trusted connection, so at least you'd be able to avoid using the service if you know it's going to be insecure.

What's ironic is the fact that the cheap hotels that are out in the middle of nowhere have great, highspeed, well covered wifi with mostly unrestricted or completely unrestricted hotspots (most of the time, all you have to do is agree to a clickthrough agreement, and you're good to go). But go to a big hotel in the city for a convention or something and they want to charge $15 a day for it. I'd just grown accustomed to tethering my cellphone in those instances since I got higher speeds from that than I did from the hotel wifi.

-Restil

Re:HTTP Policies

[Skapare]

Does anyone know if SSL solves the problem? Can a malicious endpoint act as a proxy so the SSL connection is between the endpoint and the real site and then serve you a different SSL certificate with the adverts included. (Although I doubt they can make a certificate look like the legitimate website.) Alternatively they could just drop everything down to HTTP...

The SSL layer already knows the hostname of where it wants to go. The signed certificate received from the connected server should have a cert for the Certificate Authority, identifying which public CA key to get from the collection the browser or SSL library has. The CA signature of the web site's cert is decrypted by that public CA key. If that works, it is then known the site cert is signed. If the site name also matches (maybe with wildcard enabled), and today's date is in the range valid for the signature, then the site cert is valid. Otherwise not, and you get that annoting security popup.

For the proxy to insert anything, it would have to act as the end point for the SSL stream. But that setup would fail unless the proxy has the web site's certificate signed by a valid CA. If you add a new CA the proxy server used (its own), then it could do that. Otherwise they would have to convince some CA to sign certs for ALL the major sites, for use in this proxy. A bad CA could do this. You can then defeat that by removing the bad CA cert from your browser. But the hotel could defeat you by convincing you to add their local CA cert to your browser (and then the proxy can dynamically generate a fake signed cert for any site you visit if they know the name in advance, which can be done with a name server injection). You can defeat that by not allowing any of their stuff into your computer.

If you have the means, a VPN to your own trusted network can help, though you then have slower responses. Test their network to see if you can access secured services you normally do have access to, like SSH, IMAPS, Submit/TLS. Also check to see if they have IPv6 and complain if not. Tell them "the FREE porn sites are on IPv6 only".

Re:HTTP Policies

[bbecker23]

"A weird box just popped up! IT says something about certificates and signing, whatever that means. If I click 'accept' I'll get to see the website, so I'll do that."

My point exactly. SSL (and a handful of other techniques) will alert the user to something untoward going on, but the lion's share of those users will ignore/not understand the threat.

"Web Engineer?"

[CohibaVancouver]

Justin Watt, a Web engineer, was browsing the Web in his room at the Courtyard Marriott

C'mon editors - "Web Engineer?" What the hell does that mean? It's amazing how engineers allow their title to be attached to every job under the sun these days. You certainly don't hear about 'Web Laywers' or 'Web Dentists.'

Re:"Web Engineer?"

[CohibaVancouver]

I fail to see the problem here

From http://en.wikipedia.org/wiki/Engineer

In the US and Canada, engineering is defined as a regulated profession whose practice and practitioners are licensed and governed by law.

Goose and Gander

[glorybe]

If it is ok for a business to make changes in other peoples' materials then the reverse is also true so if I want to make huge changesd in Marriot's web pages that should not be illegal at all. good for one is good for all.

Re:HTTP Policies

[Alex+Belits]

if you're connecting to an unsecured network, I doubt security is much of a priority.

Congratulations, you are an idiot!

The whole point of encryption is that it allows secure communications over insecure network.

Re:Yay a New Arms Race!

[Xtifr]

Yes, I'd love to see the bastards sued over this! And I think the Grateful Dead might be a great organization to launch such a suit. They have a couple of advantages: 1) for their "free" music, they have a license similar to CC-NC, but it predates CC-NC by many years, and explicitly forbids Internet advertising (some people claim that the CC-NC is a little vague about this), and 2) one of their songwriters is a lawyer and, moreover, not just any lawyer--he's one of the founders of the EFF (John Perry Barlow).

Re:HTTP Policies

[colinrichardday]

You say that big-city hotels have higher costs, and that they charge more for wifi because of those higher costs (maybe not of bandwidth, but other stuff). You then criticize the GP for expecting prices to be higher based on costs? Hmm. . .

Re:HTTP Policies

[jasen666]

Bull. Shit.
Different hotels in the same town, next door to each other, have wildly different policies. Budget hotels offer free WiFi almost universally, along with other freebies in EVERY CITY. The more you pay for your room, the more likely it is you will be nickel and dimed for every little thing you use. It's been this way forever. It makes no damn sense to me either. I get free shit with my $80 room, but with the $200 room they tack on surcharges for wiping my ass with the window open.

Re:HTTP Policies

[edb]

Without exception, in traveling to >30 hotels each year for the past [wayyy too many years], the higher the per-night rate for the hotel, the more the nickel-and-dime charges for what should be included as part of the accomodations.

< $100/night usually includes:
    - FREE wifi, unspecified throughput, non-public IP
    - FREE incoming phone calls
    - FREE incoming faxes
    - FREE outgoing phone calls up to 30 min
    - FREE computer near lobby for guest use
    - FREE document printing for reasonable # pages
    - FREE microwave oven in the room
    - FREE mini-fridge in the room
    - FREE pillows & linens on the bed
    - FREE pull-out drying line for laundry in the bathroom
    - coin-op laundry for hotel guests

> $100/night often imposes charges for:
    - WIFI: $12.95+tax per day
    - public IP: additional $10+tax per day
    - incoming faxes: $.50/page
    - outgoing phone calls: AT&T Operator rates + 200% surcharge
    - document printing: $.50/page
    - fridge in room: $25 per night, special request
    - microwave in room: $25 per night, special request
    - linens: changed every 3 days at no charge, no discount for multi-day stay
    - laundry: 24-48 hr turnaround; $5.00 per shirt, $10.00 per pants, don't even ask about other items!