Slashdot Mirror
Marriott Fined $600,000 For Jamming Guest Hotspots
schwit1 writes: Marriott will cough up $600,000 in penalties after being caught blocking mobile hotspots so that guests would have to pay for its own Wi-Fi services, the FCC has confirmed today. The fine comes after staff at the Gaylord Opryland Hotel and Convention Center in Nashville, Tennessee were found to be jamming individual hotspots and then charging people up to $1,000 per device to get online. Marriott has been operating the center since 2012, and is believed to have been running its interruption scheme since then. The first complaint to the FCC, however, wasn't until March 2013, when one guest warned the Commission that they suspected their hardware had been jammed.
...convention centers, sports stadiums, and other large public venues that stop working simply due to the sheer number of people congregated, that would be nice.
Do not look into laser with remaining eye.
Who knew?
I just wonder if the fine that Marriott had to pay actually was large enough to take out the profit that they got from the jamming.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
Who was paying $1k to use WiFI in a place like Nashville?
Why is it that the most awful dumpy motels always seem to have free, open and strong wi-fi? Many don't even bother with passwords.
Yet it's the expensive name-brand boutique hotels that always charge for wi-fi. And more often not, it's terrible quality, hard to connect and slow?
And, now we see this happening. This never happens at Motel 6.
Has anyone else noticed this- that overall the cheaper and sleazier the motel, the better the wi-fi?
The Opryland Hotel blocks customers wifi at conventions hosted in the hotel since they sell their own service. Here's their statement from Jeff Flaherty, a Marriott spokesman...
"Marriott has a $trong intere$t in en$uring that when our gue$t$ use our Wi-Fi $ervice, they will be protected from rogue wirele$$ hot$pot$ that can cau$e degraded $ervice, insidious cyber-attacks and identity theft."
Dollar signs added for emphasis. That hotel sells dedicated wireless services and custom networks for convention purposes at prices ranging from $250 to $1,000 per access point.
But remember it's all about protecting you! Any time someone says they are doing something for your protection remember it's most likely to further their own interests and not yours.
"GET / HTTP/1.0" 200 51230 "-" "Mozilla/4.0 (compatible; Setec Astronomy)"
To return the jamming favor.
Heh. Just commented on this on the Gizmodo post an hour ago. Please forgive the copypasta for my first post on Slashdot in probably 5 years.
My organization recently had a conference in a hotel owned by Marriott in a large Southern city. Not only did they want $500 per device per day for any Internet access — wired or wireless — the $12.95/day in-room wifi straight up did not work. They'd take your money before you could figure out it didn't work, of course. And if you ponied up the $16.95 for the "high speed" in-room wifi, it...barely worked. Barely.
We request one wired connection now. And once it's connected and the hotel staffers leave, I set up our own router with our own network. I'm pretty sure that if there was will or pressure on various and sundry consumer protection agencies, the prices charged by many hotel chains — with Marriott properties being the worst of them all — would not hold up in court.
I'll also add that our Director of Events is fairly convinced a new Marriott property in Washington, DC is doing this right now.
ACs are modded -6. I don't read you, I don't mod you, I don't see you. Don't like it? Don't be a coward.
$600k seems too small for such a large company. This is very sinister behavior. It would be like Burger King parking unmarked trucks or actors playing drunk bums in front of McDondalds' drive-through lanes to block customers.
Table-ized A.I.
"The first complaint to the FCC, however, wasn't until March 2013, when one guest warned the Commission that they suspected their hardware had been jammed."
How many guests would have the technical knowledge to tell if a device is being "jammed" or simply "isn't working" or that "cell reception is bad"?
Only one man would dare... Lone Star!
Turnabout is fair play, no? Jam the spectrum Marriott uses while staying at their hotels.
This garbage is why, before I stay at any hotel, I ask if there is a charge for their internet access, and what type of access they offer (wired, wireless, both?) If the answer is that there is a charge and I don't feel like getting a SIM for that country, I find another, more reasonable hotel to stay in. I do make an exception if the charge is under $2 a day, however, I haven't found a reason to make an exception yet.
I've certainly noticed that. Midrange value-oriented places frequently include a continental breakfast too, whereas high-end places want you to buy their overpriced breakfast.
Sometimes I enjoy employing certain Priceline biding tactics to get a $200 room for $81, but other than the appearance the less-expensive places are often just as good or better.
I am very sure it is not the top management of Marriot that dreamt up this scheme. The top honchos of most companies are so technologically inept they need tech support to turn on their iPads. It is most likely a local operation. The local manager lamenting not showing any revenue increase despite installing the WiFi access point server. And from the ranks someone down realizing jamming is possible. After that it is simple making bonus and making numbers for the local team that set up the scheme. The top guy has collected his bonus and will find another job. The mid level guys who knew it would be fired and have to look for a new job. The tab is paid by a big faceless corporation. This is likely to happen again.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
is that now that's less money that Mariott can donate to the Mormon church. Anything to deprive that cult of funds is a good thing.
I have, for years, because of Marriott's cozy relationship with the Mormons, refused to stay in one of their properties or any property owned by same.
So they basically got away with it. $600k when they're charging $250-$1K per wireless account? Yeah...that's fair.
Personal experience: ... where are the refunds? Where are the damages being paid back? My conference was fairly small (this hotel is beyond enormous mind you) and there still had to be 100+ vendors. We were one of ... I don't know ... 5-10 conferences that weekend?
I was a vendor at a conference in this exact hotel in 2013. Internet access was ridiculously expensive...per account which they prohibited sharing between devices of course. Handy when you're trying to present and sell technical services...and your hotspot doesn't work. Many vendors complained about how their hotspots weren't working, quite a few sucked it up and paid the extortion fee. Now I guess we know why. What I want to know is
At a bare minimum the FCC should find them equal to all the WiFi access fees they collected while this system was in place. Would some have paid anyhow? Yes. This is meant to punitive after all.
Oh...and don't let me get started on how they *required* you to "rent" carpet for your booth 10'x10' booth (starting at several hundred dollars) and pay for power connections - another several hundred dollars for the lowest ~300w 110v connection. Then there were fees to receive fedex boxes, fees to store them until you got them, fees to deliver them to you, etc. Want to rent a TV for your display? They quoted something like 6 grand for two 42" TVs with speakers. Yah huh. The vendor that got that quote laughed at them, went to costco and bought two TVs for ~$1500, then raffled them off.
You can get rich if you own a politician, but you have to be rich to buy one in the first place.
Are you kidding?
They were jamming for two years in a convention center where thousands of people meet every weekend, and they were charging exorbitant fees, in some cases $1000 per device. If this looks too high to you, imagine you are giving a talk about the last 18 months of your research, and a prearranged setup stops working. Your tenure, your reputation, your tenure may depend on that talk. And that's just for researchers. A company that has gathered a thousand POS managers for a discussion of a new system will have millions on the line.
Captive customer base indeed.
Fines seldom come close to wiping out the profits from the con, when big businesses with lobbyists are involved. I have personally participated in a cleanup effort (mostly through volunteers) which used about $30,000 on top of our donated time and equipment. While we were working, the assholes released more detectable crap, and were fined $2,500. But hey, they are golfing with the local high scum.
No good deed goes unpunished...
Lately, Slashdot seems to be echoing Hacker News, about three hours late. If you're going to be a scraper site, you have to do it faster.
I'm surprised only one complaint got the FCC to act. Usually it takes a few before they will investigate.
instead of using illegal frequency jamming or equipment that disconnects wifi clients, simply insulating the room with steel mesh of some sort would block radio transmissions without violating any laws..
Comment removed based on user account deletion
Are you kidding?
They were jamming for two years in a convention center where thousands of people meet every weekend, and they were charging exorbitant fees, in some cases $1000 per device. If this looks too high to you, imagine you are giving a talk about the last 18 months of your research, and a prearranged setup stops working. Your tenure, your reputation, your tenure may depend on that talk. And that's just for researchers. A company that has gathered a thousand POS managers for a discussion of a new system will have millions on the line.
Captive customer base indeed.
Fines seldom come close to wiping out the profits from the con, when big businesses with lobbyists are involved. I have personally participated in a cleanup effort (mostly through volunteers) which used about $30,000 on top of our donated time and equipment. While we were working, the assholes released more detectable crap, and were fined $2,500. But hey, they are golfing with the local high scum.
Did you host an event there? Sue Marriott in civil court.
So they basically got away with it. $600k when they're charging $250-$1K per wireless account? Yeah...that's fair.
Yeah, and the victims won't see a penny of it either. What should have happened was the Marriot charged with full refunds with interest to those they scammed. I'm quite certain they would have financial records of them.
Thats always the real question. And one that does'nt get asked enough.. I dont wanna know how much money a person has to pay back unless i know exactly how much they took. Otherwise its just business as usual.
If this looks too high to you, imagine you are giving a talk about the last 18 months of your research, and a prearranged setup stops working.
Not that this excuses their illegal behaviour but if you are giving a talk that important and you do not have at least one local copy of the talk without then your reputation deserves to take a battering. I'd be astounded if such a thing seriously affected someone's tenure though - it certainly would not where I work.
Why do I think this doesn't work. Employee generates $100M in revenues to the company, they pay a inconsequential fine, life goes on but nothing changes.
On the other hand, if the person that thought it would be a good idea spent a year in jail, then maybe the next person would not do this in the first place. And, for a year, we know at least 1 employee that _would_ not do this.
Curious enough, they can faraday their site. :-)
This shit is why I strongly prefer AirBnB or other alternative forms of hospitality.
I was at a hotel in London and found out that "Free wifi" meant it was freely available to reach the paid gateway. Sleezery seems to be in all large chains in large cities. You would think the high premium on staying there, and the economy of scale of the size of the hotel would mean that it's easier to provide good service to guests.
By contrast, with AirBnB you'll probably get secure, unrestricted residential wifi, or even an ethernet jack to plug into. Sure you might not, and you might not get a clean place. But there's no guarantee of cleanliness at the Mariott either, and you're certain not to get a free Internet connection.
If the FCC doesn't have the authority under current law, what agency should regulate situations like this (assuming for the sake of argument that Congress intended for such situations to be regulated)? The Federal Trade Commission perhaps?
What you were doing was arguably more ethical since you weren't making money off of people using the service, but if it happened today you would be denying other companies (namely, cell phone carriers who sell wifi hotspots and who charge by the byte) the right to conduct business.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Not that I agree with what they did, however your analogy is way off. It is more like: you went into mcdonalds with some burger king, then the mcdonalds employees saidyou couldn't eat it there and then said you could buy some food from them for $1k
Still despicable, but quite a different situation.
Seems like you're asking for the FCC do go beyond their duties. What you're looking for is a class-action lawsuit.
All spectrum is 'regulated', contrary to your assertion. The devices themselves are not 'licensed' because they transmit with a minimal power level, which generally means that they are 'part 15' devices. This constrains them to a low power level, and disallows using antenna transmit boosters (anything is allowed for reception, but gain sufficient to increase the effective output power is not allowed.
Jamming ANY radio waves is illegal in the USA.
Is the $600,000 going to the government or the people that were affected? Could Marriott be in the crosshairs for a class action also?
Passionately Indifferent
Are you kidding?
They were jamming for two years in a convention center where thousands of people meet every weekend, and they were charging exorbitant fees, in some cases $1000 per device. If this looks too high to you, imagine you are giving a talk about the last 18 months of your research, and a prearranged setup stops working. Your tenure, your reputation, your tenure may depend on that talk. And that's just for researchers. A company that has gathered a thousand POS managers for a discussion of a new system will have millions on the line.
Captive customer base indeed.
Fines seldom come close to wiping out the profits from the con, when big businesses with lobbyists are involved. I have personally participated in a cleanup effort (mostly through volunteers) which used about $30,000 on top of our donated time and equipment. While we were working, the assholes released more detectable crap, and were fined $2,500. But hey, they are golfing with the local high scum.
Did you host an event there? Sue Marriott in civil court.
Civil court?
This is computer fraud: hacked your device by sending de-auth packets to forcefully disconnect you, making you an easy target for a following attempt at blackmail or fraud: selling you severely overpriced access, under effective threat that it's the only access you can get, right now, before your conference start, come on, pay.
So... I'd go for penal court. IANAL, but I'd go for it.
Yeah that's one way.
Another way is to have laws and fines that are sufficient to actually stop abuses, instead of burdening courts with remunerating for abuses after the fact. I prefer this way.
For instance, yeah my family could sue the maker of the tainted drug that kills me, or we could just have the nanny state certify drug manufacturers and then people don't have to die nearly so much in the first place. I think that is a better world so that's the one I support.
Management didn't come up with this idea on their own.
The only Troll here was the guy who moderated the parent post troll.
Wonder what /. should pay for
jamming beta down our throats?
>or we could just have the nanny state certify drug manufacturers and then people don't have to die nearly so much in the first place
You're assuming that people will not die as often due to certified drug manufacturers. Your leap of faith is not shared by all, especially those dying because the drugs they need can't be certified in time.
Well keep in mind that the FCC fine is most probably meant to "punish" the regulatory infraction and not actually cover any civil damages caused by the Marriott's action.
Imagine if everyone that ever used this particular center went to court with the FCC decision in hand demanding damages AND refund of any fee paid. That is what needs to happen for the Marriott to really get their comeuppance.
This...you KNOW at least a dozen lawyers are already wetting themselves thinking of the fees to bring this case forward...
I'm not in academia, but my wife and half of our friends are. To hear them talk, a blown talk or even a bad poster can absolutely affect your tenure chances. A few years ago, they were trembling over their own reputation, now they are gossiping/deciding the newbies' fate. And even if no one hold your equipment problems against you, you will still have missed a great opportunity to enhance your reputation.
As for having a local copy... you'd be surprised how many young people do not share our mindset. Too many people nowadays take connectivity for granted, and do not even know where their stuff is, physically. I'm not even talking about those who put important (or private) stuff 'on the Cloud'. I've seen students in my wife's lab who cannot even comprehend that it matters where the experimental data is stored, when you are dealing with datasets measured in gigabytes. I am not sure my wife would know as much about her lab's infrastructure, were I not sneaking away to drink beer with the IT people every time she tries to take me to her department's 'functions'.
IT professionals think about this - after all, we're paid to. Most other people are used to thing 'working', and if they are being jammed in Florida when their IT guy's kayaking off California, they will pony up a thousand bucks of their lab's fund in a second.
No good deed goes unpunished...
I see "gaylord" and just laugh.
The person who had this idea should be promoted. Charge numerous people $1000/device for 3 years at a cost of $600,000. Profit!!
I am starting a one year boycott of all Marriott properties.
I was a vendor at a conference in this exact hotel in 2013. Internet access was ridiculously expensive...per account which they prohibited sharing between devices of course. Handy when you're trying to present and sell technical services...and your hotspot doesn't work. Many vendors complained about how their hotspots weren't working, quite a few sucked it up and paid the extortion fee. Now I guess we know why.
Three words. Class action lawsuit.
I agree, the fine should be bigger. Regulators should stomp the fuck out of Marriot for this. But class actions are the only remaining tool we have in this country against mega-corp. Since the FCC has already ruled Marriot has broken the law, I've no doubt that there's a bunch of lawyers right now hatching a plan to sue Marriot.
AccountKiller
If they were charging some people $1,000 during that time period then it would only have taken 600 customers to cover the fine. With all the smaller fish who were fried it could easily have been millions. Plus the huge inconvenience for those who went without. This fine should have been ruinous and someone should have gone to jail. Someone really senior, not just some tech dweeb who was scapegoated.
One of the rules that have long thought should be that when a corporation commits a felony there should be mandatory jail time and that it should be at the highest level that may (not certainly) have been aware of the crime. So if a UPS driver runs someone over going too fast that he may or may not go to jail but that if they can show that some executive was told that some policy would push drivers to speed, then boom it would be whatever sentence that would apply had he been speeding himself.
From the article:
A WiFi monitoring system installed at the Gaylord Opryland would target access points with de-authentication packets, disconnecting users so that their browsing was interrupted.
Looks like 802.11w (include in 802.11-2012 maintenance release of the 802.11 standard) might have a way to make you immune to deauthentication attacks.
Here is Cisco's documentation on it back when it was still proprietary to them.
Reportedly Win8 includes it and so do recent linux and bsd kernels. But OSX may not.
It seems that blocking someone's active legal service is vandalism. I could imagine that those with such a service might have important needs for it so that damages for not accessing that service would be substantial. So why wasn't anyone at Marriott arrested, charged with vandalism, and imprisoned until their trial? That's what would have happened if an individual did the same thing.
With a punitive fine of 5x that amount to discourage such behaviour in the future.
'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
Most people at said hotels are there for business and if you are spending $200 a night to house your employee there it would be foolish not to pay for their wifi and inhibit their ability to work there.
It's a rounding error in the accounts of an organisation like that; at least one more zero on it would have been a good start...
But Noooooo. We have to play by communista rules, where companies are not allowed to use the airwaves, which belong to them to intercept, jam or do whatever they want to, as guaranteed in the Constitution, when Jesus wrote it.
Thanks, Obama.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
Marriott's behavior smacks of shadiness and price-gouging, but they ware well within their rights on their own private property. Doing this in a public space might be interfering with common services, but in this context Marriott was simply regulating congestion on their internal network. There's only so many channels of available spectrum, especially at 802.11b/2.4ghz. It's simplex communication; more than a few hosts talking at once will absolutely saturate the pipe. You can throw more access points on different channels at the problem but eventually crosstalk and back-off timers bring things to a halt.
Could the hotel/conference center have 86'd a disruptive patron with their own security and not the police? If so, it's a private space and internal network regulation at ISO Layer 2 and above is a private matter. If they're not interfering with somebody's communication on a Layer 1, laws-of-physics level, I consider it to be outside the FCC's purview. I doubt they were disrupting cell service, so usb-connected MiFis likely worked just fine.
I hate attaching civil rights and civil liberties to corporate persons, but the fact of the matter is that this decision, if upheld, could be misapplied to the use and management of WiFi in many other contexts.
. We've got computers, we're tapping phone lines, you know that ain't allowed - Talking Heads, "Life During Wartime"
or we could just have the nanny state certify drug manufacturers and then people don't have to die nearly so much in the first place. I think that is a better world so that's the one I support.
On the other side of that coin are the people who die because the nanny state hasn't gotten around to, or simply won't, certify drugs that would save their lives, or who decertify other drugs because a few people with good lawyers suffered negative side effects.
Which doesn't normally happen.
Price gouging because of stupid laws about copyright or orphan drugs? Yes. Letting some ill-behaved drugs out occasionally? Yes. But actual withholding of a legitimate drug from the market? Not usually. And, if it does happen, it doesn't happen for long.
So, yeah, even with the distortions in the "Free Market" (capitals used as you should for any theological Supreme Being), I'll take not dying from some bootleg chemical that got into my bottle of ibuprofen by "mistake" over all the relatively minor negative impacts the FDA has (or might have in the future) on my life.
And, if it gets to the point that the impacts are no longer minor, well, then I'll bring out the pitchforks. But not before - I'm not fucking stupid.
That is all.
They were jamming at the Gaylord Opryland Hotel, what could go wrong?
or to have some real fun use the MOFO/DSH summoning spell by using the incantation
HIGH DOLLAR CLASS ACTION LAWSUIT.
GOD help them if IBM was tagged by this.
Any person using FTFY or editing my postings agrees to a US$50.00 charge
The correct course of action would have been to file criminal charges against the director and any other executives who this fiasco.
Sending a few assholes to jail is a much better deterrent than simple fining them for cost of doing business.
How many execs are going to risk their career, their home, car, possible family, just to make a few extra bucks for the company?
Without actually jailing the motherfuckers, there's no risk or penalty associated with breaking the law. Just imagine a director, general manager and a VP being served warrants and escorted out of the hotel in cuffs. Then put on suicide watch in the jail to make sure they didn't make bond.
They should have also cranked things up a few notches by sending in SWAT because of the conspiracy--you know the fuckers didn't act alone.
But shit like that doesn't happen to rich white guys driving BMWs.
How did he do it?
News for nerds, come on!
Did you host an event there? Sue Marriott in civil court.
Each individual lawsuit will recover up to $1000. Let's assume that it takes a consultant one day to check if you have any logs to show that you tried your other device. He probably already costs $1000. He probably has something like a 20% chance of finding logs. In 80% of cases you will lose $1000. In 20% of cases, assuming the US justice system is perfectly fair, you may win $1000. You are very unlikely to get full costs.
Suing simply doesn't make sense. A class action suit would make sense which is the reason why all the US corporate controlled media, from Huffington through CNN to FOX, briefs strongly against the idea.
This Marriot location has crazy prices - $20 parking, $3 vending machine coffee, $20+ meals, etc.
It's time to use another venue. Stay at the Hermitage Hotel if in Nashville and you need a ritzy place.
The Music City Center has much more space, in-building parking, and is located downtown within walking distance of Broadway.
The Omni hotel is the closest to that venue - next door.
For cheap eats - Demo's or The Spaghetti Factory. The latter has a 3-course meal for about $10.
- a Nashvillian
No, that's just enough money to tell Marriott that the regulators think it's a really swell idea, just don't get caught next time.
Chelloveck
I give up on debugging. From now on, SIGSEGV is a feature.
You realize that the fines go to the Federal Government and then, probably, are used to fill EBT cards, right?
The fines do Not go to those who were defrauded/cheated by Marriott.
The only way for a defrauded/cheated customer to recover their loss is to get lawyers involved--this could mean law suits.
This being /. I would have expected the discussion to address the technical aspects of how it is done... does it require special hardware? a hacked wifi-router? How do you jam a mobile hot-spot?
I'm not so much assuming it as going with the evidence, but you're right there are some (many) people who deny that. But for most of those deniers, it wouldn't matter anyway: they want no regulations even if it leads to death and destruction so the death and destruction are irrelevant to them. But not to me.
Yep, it's true. It's a hard balance. I prefer to try to find that balance than to simply deny the legitimacy of regulation, but many people see it otherwise.
Yes, you have correctly described how fines work. The general intention is prevention not remuneration.
Sometimes there are other legal options other than civil suits, but that is the primary way.
...I've seen today. Or can remember for a long time. Bastids! Marriot is definitely off my list.
The fine is going towards helping people who can't afford to eat? Well, what's not to like!
This was a very one-sided (and fact-light) article that did not even attempt to elaborate on the security posture Marriott could have been taking by employing jamming technology for the safety of its patrons. The $1,000 figure was mentioned by not backed up with any evidence. Just a sad commentary assuming the worst.