FCC Prohibits Blocking of Personal Wi-Fi Hotspots

alphadogg writes: The FCC on Tuesday warned that it will no longer tolerate hotels, convention centers or others intentionally interfering with personal Wi-Fi hotspots. This issue grabbed headlines last fall when Marriott International was fined $600,000 for blocking customer Wi-Fi hotspots, presumably to encourage the guests to pay for pricey Internet access from the hotel.

Re:frist post

[ZipK]

I would have been first had my WiFi not been jammed!

Good

[TJ_Phazerhacki]

Can they prevent wireless companies from blocking hotspots next?

Re:Good

[fuzzyfuzzyfungus]

Less likely. The FCC is pretty clearly within their powers in saying that you aren't allowed to intentionally interfere with other people's Part 15 devices by using your own to generate disruptive RF.

There is no obvious coverage for forbidding the sale of devices having a Part 15 radio component; but lacking a software configuration for providing network access to other devices with that device. They might be able to shove it into the conditions of a spectrum auction, and make it binding on the buyer; but it's more of an FTC problem.

Re: I am mad if I cant unplug my employee hotspots

[CaptainDork]

Private hotspots aren't on your network.

Re:I am mad if I cant unplug my employee hotspots

[ShanghaiBill]

If they won't let me unplug my employees private hotspots on my network, I will be mad.

You can unplug them. You just can't actively jam them.

Re:Damn!

[Harlequin80]

Faraday cages don't jam signals. They insulate the inside from the outside.

Free Pool but no Wifi?

[thogard]

You have to have a free pool to get a 5 star rating. Too bad the ratings companies around the world haven't required decent and free Wi-Fi. Major hotel chains would change their offers in a hurry when they are down rated to a 4 star hotel.

Re:Free Pool but no Wifi?

[CRC'99]

You have to have a free pool to get a 5 star rating. Too bad the ratings companies around the world haven't required decent and free Wi-Fi. Major hotel chains would change their offers in a hurry when they are down rated to a 4 star hotel.

And wait until they start snooping everyones traffic and data mining it... for profit - I mean, reliability monitoring...

On another note, I see you're looking at hotel bookings with another hotel chain at your next destination.........

Re:Free Pool but no Wifi?

[Joe_Dragon]

free Wi-Fi with a forced 25-30 a day resort fee

Re:Free Pool but no Wifi?

[tlhIngan]

You have to have a free pool to get a 5 star rating. Too bad the ratings companies around the world haven't required decent and free Wi-Fi. Major hotel chains would change their offers in a hurry when they are down rated to a 4 star hotel.

Then they give you free wifi with a paid upgrade.

I stayed at a hotel with free wifi. The "free" part was true, it was free, for 4 devices at 1Mbps each. Yes, 1Mbps.

Oh, they were more than happy to sell you different rate plans - perhaps you want 5Mbps for $20/day? Or perhaps if you want more devices on your account. (4 devices is a lot, if you're an individual traveller. But two people starts being limiting when you have 2 laptops, 2 smartphones and perhaps something else, and it's keyed to your stay - you can't shut down one and free up a slot - it's the first 4 devices to log in).

Oh yeah, there was competition too - hotels nearby that had pure paid wifi had free offerings as well, all similarly crippled.

Re:Free Pool but no Wifi?

[houghi]

It will come. The thing is that those hotels depend heavily on corporate customers and they do not care as the company pays the bill.

To me what they charge is almost theft. Yes, there is some infrastructure ti be build, but nothing special. And then there is the cost of the line. Make that 500 EUR per month (On the high side)
Now for a small hotel of say 100 rooms, that is 5 EUR per room for a month. Say 50% occupation and we get to 30 cents per day.
Raise your price with 50 cents per room and you are making money, while including this.

For small hotels, the connection can be even cheaper. 50EUR for VDSL. That is probably less then what they pay in toilet paper.

Re: Damn!

It would be legal to build a faridaycage around your hotel.
Illegal is transmitters that jam a band. They would need to be FCC approved. And the FCC isn't approving them.

Re: I am mad if I cant unplug my employee hotspots

[Antique+Geekmeister]

Just like modems on laptops or in the server room are not a security risk?

The problem is that people can, and do, connect the same device simultaneously to the hotspot or the modem and to the internal network. And then they port forward. I've certainly caught people doing this, especially among non-technical staff who try out "this cool thing they read about". I'm afraid it's often even worse among software architects who use passphrase free SSL or SSH keys "to save time", who lock their passwords to never expire, and who are very careful never to explain what they're doing to anyone else.

I've encountered far too many cases of such setups used for business critical services, unknown to anyone else, that collapse during network cleanup efforts or when the employee finally moves on.

Re: I am mad if I cant unplug my employee hotspots

[Jason+Levine]

If the employees are turning on their personal hotspots and using that, you don't have a security problem. If they are both connecting to the hotspot and to your network, you can stop this by booting them off your network. What you can't do, though, is put a hotspot jamming device in place to knock out all personal hotspots.

Re:Damn!

[Bing+Tsher+E]

Jamming equipment actively interferes.

RF shielding just blocks the signal passively.

It was never not prohibited

[TechyImmigrant]

The rules for access to the frequency spectrum used by WiFi require that the device has a mechanism to prevent it interfering with other users of the channel. That is why frequency hopping, spread spectrum and exponential backoff algorithms are all parts of devices permitted to be used in these bands. The devices are not licensed to access the band, they are certified to comply with the rules to access the band.

A device specifically intended to prevent someone else accessing the band is a clear violation of this law. There was no time since WiFi existed that this was remotely legal.

People should be in jail.

Re:It was never not prohibited

[Muad'Dave]

You're incorrect. Part 15 devices are absolutely required to not cause interference. From the link, emphasis mine:

(a) Persons operating intentional or unintentional radiators shall not be deemed to have any vested or recognizable right to continued use of any given frequency by virtue of prior registration or certification of equipment, or, for power line carrier systems, on the basis of prior notification of use pursuant to 90.35(g) of this chapter.
(b) Operation of an intentional, unintentional, or incidental radiator is subject to the conditions that no harmful interference is caused and that interference must be accepted that may be caused by the operation of an authorized radio station, by another intentional or unintentional radiator, by industrial, scientific and medical (ISM) equipment, or by an incidental radiator.
(c) The operator of a radio frequency device shall be required to cease operating the device upon notification by a Commission representative that the device is causing harmful interference. Operation shall not resume until the condition causing the harmful interference has been corrected.

Re:It was never not prohibited

[Muad'Dave]

I understand Part 15 (as well as Part 97, since I'm licensed under those rules). The mechanisms mentioned in the GP _do_ exist in law for 5GHz U-NII (read WiFi) systems. Please refer to Title 47 Part 15, Subpart E, particularly 15.407(h)(1) and (2) and also 15.37(e).

Also, (if I read it correctly) 15.37(h) forbids the marketing or sale of devices that use any digital modulation technique other than Spread Spectrum operating in the 5725-5850 MHz bands starting on June 2, 2016.

The definition of "digital modulation" is distinct from SS - from 15.403(f):

(f) Digital modulation. The process by which the characteristics of a carrier wave are varied among a set of predetermined discrete values in accordance with a digital modulating function as specified in document ANSI C63.17-1998.

This is a much bigger problem than you might think

[logicassasin]

I worked NetSec for a global casino/resort company. At nearly every site a few times a month I would send local IT to go find wifi routers plugged into our network. Employees would bring in cheap routers because we didn't allow wifi other than the guest network which was strictly for corporate visitors (ie. sales reps, etc) and they wanted to use their personal devices for whatever. This happened even at corporate, where I sat.

Re:Damn!

[fustakrakich]

The method is not specified in the rule. It just says blocking and disruption are prohibited.

Re: I am mad if I cant unplug my employee hotspots

[Antique+Geekmeister]

> If the employees are turning on their personal hotspots and using that, you don't have a security problem.

If they connect anything that lives inside your network, at any time, or that even has a VPN connection your internal networks at any time, you have a security problem. It may be one you choose to accept as a matter of policy, but the risk is very real. Worse. Most admins simply do not have the tools are buy-in to review and monitor systems for gateways, remote console access, or network tunnels that may expose your internal network through precisely such a hotspot or modem access.

I agree that by current regulation you may not run a hotspot jammer. The FCC regulations are quite clear about this, partly because they block other cellular communications and services such as telephones and GPS. But I'm afraid I disagreee vehemently with you that their use does not constitute "a security problem".

Incidentally...

[fuzzyfuzzyfungus]

What I find most baffling about the whole affair is how something that one would ordinarily think of as a fairly overtly malicious exploit, spoofing the appropriate management frames to break a network you don't have authenticated access to the configuration interface for, became a 'respectable' tool for 'management', even included out of the box in fancy commercial products from vendors with risk averse legal teams and so on.

This seems like the place where somebody who has been dealing with enterprise wireless gear long enough to have observed the change might be found. Did this 'feature' cross over from what was initially a proof of concept by a security researcher? Was it recognized as a possibility before the standards had even been hammered out and was available from day one? Do we know what vendor adopted it first? Were there any who specifically didn't offer it for legal, rather than technical, reasons?

At this point, it is certainly the case that at least some wireless management consoles adopt a very...possessive...tone, detecting 'rogue' APs, despite those APs being no more or less legitimate than any others, in terms of spectrum use, and offering 'containment' or various similarly clinical euphemisms for dealing with them. How, historically, did it come to be that this nasty DoS trick went all legitimate, even as generalized hacker hysteria can get you a stiff dose of CFAA charges for almost anything that involves a CLI and confuses the DA?

I'd love to have my hands on all the versions of various vendors' wireless management and administration packages, to see how this feature evolved over time. I can certainly see its appeal; but I find it hard to believe that nobody had serious doubts about its legality from time to time.

Re:Incidentally...

Companies can not be charged for hacking:
- See this company that makes a DoS device.
- See SONY rootkit drm.
- See companies that are poisoning P2P networks.

Re:Incidentally...

[DickBreath]

The Technical manner of Marriott's jamming is less important than the Legal fact that they are doing it.

If I used a stupid protocol trick to jam your tv signal, but without radio jamming, it would be no less a violation of the law.

Re:This is a much bigger problem than you might th

[Harlequin80]

I'm still not understanding how your setup allowed them to function. Assuming you are talking about them plugging a router into an active port in a room, how are their devices resolving anything other than your hotels generic hotel login screen. That there should have immediately stopped them as they would have had to authenticate through your portal and you would have had a log of it. Simple case of warning then dismissal.

If it's not a port for guests to access the internet from in their rooms why the hell don't you have port locking turned on at the very least? Why would those ports be of any use what so ever? They either should not have worked via port locking or there should have been no way they resolved and address or had a gateway to the internet. Staff will stop bringing in routers if it doesn't go anywhere.

Re:Damn!

[Harlequin80]

Then you would need to charge every plaster who used iron cored mesh when they rendered a house.

And seriously think about what you are saying. If they turned their building into a faraday cage then everything inside the building would still be able to talk to each other. It's not like they are saying "please sir, will you please place your phone inside this copper ball please" and cutting your phone off.

If a hotel turned itself into a faraday cage everyone's mobile phone wouldn't be working either and the last thing a hotel would want is to not be able to host a conference because people's phones don't work.

If I jammed the hotels WiFi

If I jammed the hotels WiFi it'd be a criminal (more likely 'terrorist') attack. Should I be surprised there isn't a criminal investigation into hotels doing this to it's own customers?

Re:frist post

[davester666]

well, stop using my channels. I'm using channels 1-16 to stream 4k video from my computer to the TV next to it.

Re: This is a much bigger problem than you might t

1. Your stupid policy of no wifi created the behaviour.
2. Authenticate physical connections to your corporate LAN. This function has been built into most non welfare switches for at least 15 years

Re:This is a much bigger problem than you might th

[ruir]

Would it not be wiser on the long run to implement 802.1X with MAC authentication?

Re:I am mad if I cant unplug my employee hotspots

[Applehu+Akbar]

So finally, the government does something for the consumer rather than the biggest corporate monopoly, and there's all this butthurt? You people are slaughtering that gift horse and serving up chevalineburgers to the hungry multitudes.

Re:Don't allow untrusted devices on a trusted netw

[pnutjam]

Does that product run on Linux and BSD?

Why this is a money grab by hotels

[DickBreath]

It is not about security. If the hotels were concerned for security, they would make their secure WiFi free (even if it required a password) so that everyone could securely use their secure network.

It's a money grab.

Oh, but the hotels argue: it costs money to build and operate a WiFi network!

I would point out that those hotels do not charge an extra fee for other things that have a substantial cost to build and substantial operating cost:

• Indoor Plumbing
• Electric Lighting
• Electrical outlets
• Air conditioning
• Heating
• Cable / Satellite TV

Why aren't the hotels charging fees for those other things that have a substantial cost to build and operate?

Wake up dinosaurs, it's the 21st century.