Wi-Fi Hotspot Blocking Persists Despite FCC Crackdown

An anonymous reader writes: An examination of consumer complaints to the FCC over the past year and a half shows that the practice of Wi-Fi hotspot device blocking continues even though the agency has slapped organizations such as Marriott and Hilton more than $2 million in total for doing this. Venues argue they need to block hotspots for security reasons, but the FCC and consumers say the organizations are doing this to force people to pay for pricey Internet access.
"Consumers who purchase cellular data plans should be able to use them without fear that their personal Internet connection will be blocked by their hotel or conference center," FCC Enforcement Bureau chief Travis LeBlanc said in a statement. "It is unacceptable for any hotel to intentionally disable personal hotspots while also charging consumers and small businesses high fees to use the hotel's own Wi-Fi network. This practice puts consumers in the untenable position of either paying twice for the same service or forgoing Internet access altogether." Consumers have filed many complaints about Wi-Fi hotspot blocking to the FCC.

Not free?

[Frosty+Piss]

In recent years, I have rarely stayed at a first class hotel that did not have free guest w-fi. People expect it and will bail for the local coffee shop if it's not free in the hotel.

My guess is a lot of the offenders are in tourist traps where everything costs a lot.

Re:Not free?

[Dcnjoe60]

In recent years, I have rarely stayed at a first class hotel that did not have free guest w-fi. People expect it and will bail for the local coffee shop if it's not free in the hotel.

My guess is a lot of the offenders are in tourist traps where everything costs a lot.

I think you intended to say that all of the first class hotels you stayed at had free guest wifi, but your double negative said just the opposite. However, my experience, at least in the US is just the opposite. Big name, first class hotels charge for wifi. It is the middle tier hotels that give it away as part of the room cost. Same thing with parking and other amenities.

Re:Not free?

[Frosty+Piss]

So you have stayed in first class hotels that did not have free guest wi-fi in recent years.

Yes, troll. Out of the last 50 hotels I have stayed in, perhaps two had charges that were very minimal.

My point is that offensive and exorbitant wi-fi fees are in fact far and few between, even as the typically "ZOMG THE SKY IS FALLING" Slashdot article tries (and fails) to imply otherwise.

Non-free wi-fi is simply not a huge issue anymore because while many hotels may charge a nominal fee which is their right, they don't block you from creating a wi-fi hot spot.

You probably don't know this if you don't travel a whole lot, as I do.

Simply put, I travel a lot. I have rarely had to pay for wi-fi, and when I did, the cost was negligible, and hot-spots where not blocked if I had chosen to use my cell data plan.

Why did you even bother with the rest of your post?

I don't know why I respond to Anonymous Cowards , they are usually vapid chihuahuas.

Re:Not free?

In 100% of the crappy low end hotels that Ive stayed in during the last eight years, 100% of them have provided free wifi provided that you ask for the pass code at the front desk. This goes for KOA also.

Re:Not free?

[Frosty+Piss]

I stay a lot at Sheraton and Westin properties because I have a points account... But you could be right.

Re:Not free?

Most Guest Wi-Fi is limited to browsing

Re:Not free?

[turbidostato]

"My guess is a lot of the offenders are in tourist traps where everything costs a lot."

Two options:
1) The USA way: It's a free market, ain't it? Let the owners of the real state do whatever they want within their premises and let the market sort them out.
2) The EU way: let's define a fair leveled playground and punish those that cheat.

You now choose your poison.

Re:Not free?

Good luck to the hotels keeping their WiFi blockers within their premises!

Re:Not free?

Re: That supposed double-negative:

While not a fan of sentence-diagramming, you might benefit. He said what he meant--and correctly.

Re:Not free?

[whoever57]

To be accurate, the GP's statement could be satisfied if he never stayed at a first-class hotel.

Re:Not free?

[wbr1]

I travel quite a bit. Most mid tier hotels offer free wifi. Higher end hotels often have free and 'upgraded' tiers. You can get laggy, almost unable to stream 720 video wifi free or pay.

Re:Not free?

[Applehu+Akbar]

It's different in hotel conference facilities. Charging your organization $50,000 and up just to turn on the WiFi while your conference is in session are routine. Conferees find it pays to use their own cellular data plans to run a personal hotspot that several other conferees can share. The hotels being discussed here will run jammers to prevent this from happening.

Re:Not free?

This is true not just in the US. When I travel with my wife, we stay in the Four Seasons, Ritz, or other similar level hotels. Almost all of them charge for WiFi unless you book them through a service that provides WiFi and other amenities. I've found this the case in Europe, North and South America, Oceania, and Africa. When I travel by myself, I go low-end, usually Marriott or sometimes even hostels. The joke is that the WiFi charge per day when traveling with my wife can be greater than the room charge with free WiFi when I travel by myself.

Re:Not free?

[Gadget_Guy]

In recent years, I have rarely stayed at a first class hotel that did not have free guest w-fi.

I think you intended to say that all of the first class hotels you stayed at had free guest wifi, but your double negative said just the opposite.

That is completely wrong. If you rarely stay at a hotel that does not have free Wi-Fi then it means that you more commonly stay at hotels that do have free Wi-Fi. It certainly does not mean, as you claim, the opposite of what was intended. Nor can you infer that the intention was that all the hotels had free Wi-Fi, as the word rarely indicates that some hotels did not have that feature. If the word used had been never then you could say that all hotels did have it.

Re:Not free?

[Gadget_Guy]

To be accurate, the GP's statement could be satisfied if he never stayed at a first-class hotel.

Actually, that would not be accurate. He must have stayed in at least one first-class hotel for him to be able to say that he has stayed in one that didn't have free Wi-Fi. If you slightly reword the original phrase "I have rarely stayed at a first class hotel that did not have free guest Wi-Fi" as "I have stayed at a first-class hotel that did not have free guest Wi-Fi, but only on rare occasions".

It is possible to say that he might never have stayed at a first-class hotel that did have free Wi-Fi, because the rarely term could mean that he only rarely stays at first-class hotels at all and he gives no indication how often (if ever) he stays at hotels that do have free Wi-Fi..

Re:Not free?

[thegarbz]

I borderline live in hotels at the moment. Spent the past year hotel hopping for work from one top tier place to another. Now I've settled in an area, in Europe, we're taking the opportunity to travel as much as possible jumping from bottom tier, hotel to bottom tier hotel.

Nearly all hotels have had a free service.
Some of those free services had to provide personal information to 3rd parties, such as logging in to Facebook.
Nearly all hotels have had a paid service which was much MUCH faster and with less restrictions.
Generally the more expensive the hotel the less likely it was had free WiFi. I was there for work so they paid for it.

Now the kicker:
Nearly all the hotels which offered any kind of wifi did so via a public hotspot and some gateway login. Great, now I don't even something as basic as WEP encryption to keep the script kiddy next door from snooping on my traffic.

Re:Not free?

[lsatenstein]

In recent years, I have rarely stayed at a first class hotel that did not have free guest w-fi. People expect it and will bail for the local coffee shop if it's not free in the hotel.

My guess is a lot of the offenders are in tourist traps where everything costs a lot.

Naah. Its a Trump Hotel. Nothing is free.

Re:Not free?

[Shirley+Marquez]

Sheraton gives you free WiFi at most of their hotels if you have a membership in their frequent traveler program. Otherwise it's $10 per night. Westin has the same parent company so their policy is likely to be similar. My only recent Westin stay was at a convention that negotiated free WiFi for all guests, so I don't know.

Re:Not free?

[Shirley+Marquez]

This. The hotel charges for internet access in conference areas are insanely high. Professional conventions just pay it and build it into their fee structure, but it means that leisure conventions that have to keep their prices down are typically unable to pay and have to do without internet access. That causes problems for exhibitors who want to use the internet to present things.

Re:Not free?

[larriet]

Yes, troll. Out of the last 50 hotels I have stayed in, perhaps two had charges that were very minimal.

My point is that offensive and exorbitant wi-fi fees are in fact far and few between, even as the typically "ZOMG THE SKY IS FALLING" Slashdot article tries (and fails) to imply otherwise.

Non-free wi-fi is simply not a huge issue anymore because while many hotels may charge a nominal fee which is their right, they don't block you from creating a wi-fi hot spot.

You probably don't know this if you don't travel a whole lot, as I do.

Simply put, I travel a lot. I have rarely had to pay for wi-fi, and when I did, the cost was negligible, and hot-spots where not blocked if I had chosen to use my cell data plan.

Bullshit.

I do travel a lot and while I can usually access the "Free WiFi" at a luxury hotel from their lobby, if I need privacy or bandwidth I (my client) pays their outrageous rates.

Personal travel domestically I look for a Red Roof Inn. Dogs and strong, really free WiFi.

So, make their decision easier

[nightfire-unique]

First offense, $5 million. Second, $50 million and jailtime for those responsible for the policy. Third offense, $500 million, and so on.

Re:So, make their decision easier

[Z00L00K]

Too low, raise it to a billion per suppression device.

Re:So, make their decision easier

It should be a percentage of something, not a fixed cost. Otherwise it will destroy any smaller companies which could learn a lesson, and not matter to large companies which can cover a fixed fine.

Re:So, make their decision easier

No, require them to provide free Wifi (without logins or nags) that is not slower than any paid Wifi they offer, and make them advertise it everywhere they mention their paid Wifi. Make them refund all paid Wifi fees that they collected since they started interfering with other people's Wifi, or the last three years, whichever is longer. Fine them if they keep interfering with other people's Wifi, fail to provide free Wifi as stipulated or fail to refund the paid Wifi fees.

Re:So, make their decision easier

[Bob_Who]

First offense, $5 million. Second, $50 million and jailtime for those responsible for the policy. Third offense, $500 million, and so on.

Yeah, all the above, what you said.

Lets be sure that individuals are named and charged with misdemeanors - no more corporate anonymity - expose the thugs.

Then force them to provide free internet for a whole year to everyone, a fine that pays the customer instead of authorities.

They still have the "honor bar" to make up for any shortfalls..

Re:So, make their decision easier

[93+Escort+Wagon]

First offense, $5 million. Second, $50 million and jailtime for those responsible for the policy. Third offense, $500 million, and so on.

Nah. If you're a Slashdotter and run into this...

First offense, take out the hotel's wifi.

Re:So, make their decision easier

http://tech.slashdot.org/story/16/03/11/1343222/chicagoan-arrested-for-using-cell-phone-jammer-to-make-subway-commute-tolerable

Being established as a crime already, it seems the correct reply to a first offense is a large fine and a misdemeanor charge.

The second offense response should be arrest for the federal crime and thus prison time for management and everyone above (automatically one year minimum incarceration), a much larger fine, the sheriff department evacuate the building and using fire axes open every last potential cavity in the building to find, confiscate, and destroy all equipment involving RF (not just the hotspot jammers, but ALL RF, so take and destroy all networking hardware, all televisions and radios, all building automation systems, all of the lamps in the lobby, etc) for which the hotel is responsible for the repair costs for.

Since they claim is the action is "security related" I believe that means a SWAT should be the lightest possible response to the situation. I sure hope none of the chief officers, managers, or board of directors speak during the operation and get shot multiple times in the back of the head... But it happens, all above board and legal of course.

Re:So, make their decision easier

[Gadget_Guy]

No, require them to provide free Wifi (without logins or nags) that is not slower than any paid Wifi they offer, and make them advertise it everywhere they mention their paid Wifi.

That goes beyond the remit of the FCC. They only care about whether you have used Wi-Fi blocking technology designed to interfere with legal use of the airways. It is not illegal to charge money for Wi-Fi access.

Re:So, make their decision easier

You can't require it of a business that has not interfered with other people's Wifi, but clearly the profit motive was the reason why they interfered, so removing that profit motive directly is a more adequate "punishment" than a simple fine.

Re:So, make their decision easier

[tlhIngan]

Then force them to provide free internet for a whole year to everyone, a fine that pays the customer instead of authorities.

Doesn't work. A lot of hotels already provide "free wifi" but also make money off it. What they do is the WiFi is definitely free - you don't have to pay for it. But it's like 1Mbps. You can then pay $10/night if you want to upgrade to "high speed" 10Mbps or so.

A lot of hotels do this. I wouldn't be surprised if those hotels named also did the same, trying to get people to pay for "premium wifi" over using their phones.

Re:So, make their decision easier

[rworne]

This isn't the same thing. The commuter was blocking cell signals with a jammer. The hotels do not do this, they block WiFi signals instead.

What they do differently is forge deauthentication packets to force WiFi clients to disconnect from the WiFi hotspots and allow connections to a whitelisted batch of MAC addresses. One such tool to do this is called "Omerta".

Cell phones and hotspots work just fine in the venue with the cellular network, just good luck keeping a WiFi device connected to them.

It'd be interesting to see what their argument would be to the FCC. They are not "jamming" the 2.4 or 5 GHz spectrum, they are selectively allowing certain connections and interfering with others. I'd be interested in seeing them prosecuted under computer hacking laws, since they are performing what is essentially a DoS attack on the computers within (and around) their property.

Re:So, make their decision easier

[Jesus_666]

Nah, that is too punishing for smaller venues who might not be aware of the regulations. Better to use day's wages - which for companies should be defined through their annual revenues divided by 365. That way we don't hand out fines that immediately send a small venue into liquidation or go unnoticed by a big venue.

As for jail time: Seriously? For phone/wifi jamming? I mean, sending people to jail for trivialities is all the rage in America these days but I think that reserving that measure for more harmful crimes would be a better policy. Besides, if you just cost the company ten percent of its yearly revenues in fines you will feel the pain - either your boss will want your head or you own the company and it suddenly took a huge financial hit.

Re:So, make their decision easier

Beyond the average hotel guest's expertise, but seems like you could filter the deauth packets.

Re:So, make their decision easier

[Shirley+Marquez]

Sending people to jail is part of the populist desire to make white collar criminals pay with time in prison. Typically poor criminals spend time behind bars, starting even before they are tried because they can't afford bail, and continuing after the trial because they can't afford good lawyers who can get them out of prison time. Meanwhile, white collar criminals get off with fines at worst (and often manage to buy their way out of the charges completely), and those are typically paid by their companies so the criminals themselves feel little pain. Lots of people want that to change, and specifically for white collar infractions to cost the criminals TIME (which is a scarce resource for them) rather than money (which they have plenty of and won't miss much).

Re:So, make their decision easier

[Jesus_666]

I can see the resoning behind that and I agree that those who cause damage to the most people tend to get off with the slightest punishment, which needs to change. But again, I'd reserve prison sentences for those who actually cause significant harm, such as by pushing people beneath the poverty line or making them homeless. Hotels who block wifi/mobile data access inconvenience their guests and cost the companies who use them for conferences a bit of money - bad but not that bad.

I mean, seriously - look at the GGP's proposal: Fines scaling by an order of magnitude, with the first fine already big enough to completely wipe out smaller businesses. Mandatory jail time for the second offense. That's reminiscent of the War on Drugs: Zero tolerance, cruel punishment and a good chance of causing vastly more damage than the thing it's supposed to protect against.

Sure, white collar criminals deserve proper punishment but that doesn't mean we need to maximize their suffering at any cost, for even the slightest infraction. We can't answer injustice with more injustice and expect a good outcome. It's rather telling that blatantly destructive vengeance fantasies like that get +4, Interesting...

CRaCkDowN?

Ha!

Solution: Harsher Punishments

[ThatBeDank]

Make offending organizations pay $25+ million. Make them hurt. Better yet, jail some of the executive staff. Organizations are people and the board and C level suite are the head. Works for me!

Re:Solution: Harsher Punishments

[Z00L00K]

You missed three zeroes, start with a billion for one device, then an exponential increase for each device found.

Re:Solution: Harsher Punishments

[GuB-42]

Did you work for the RIAA?
Reminds me of "oh my god, a torrent, let's sue for 1 billion dollars"

But blocking all wifi is fine?

[sims+2]

So If they block all wifi any force you to use a ethernet connection in you room for an extra $25 that's ok then?

Re:But blocking all wifi is fine?

Then you click the "bluetooth" or "usb" options for sharing a network connection on your phone instead of "wi-fi". For a tech site, some people really have no clue....

Re:But blocking all wifi is fine?

[ShaunC]

I think it's the "blocking wifi" part that's getting the FCC's attention, not so much which expensive alternative is being pimped. If you're jamming frequencies or using some type of active denial to kick everyone off APs in the area, they aren't going to be happy with you.

Link is broken

Link is broken ... here is PROBABLY the original article
http://www.networkworld.com/article/3042454/mobile-wireless/wi-fi-hotspot-blocking-persists-despite-fcc-crackdown.html

Some guy just got arrested for jamming cell phones

But wi-fi "blocking" gets a free pass? Have the FCC throw the book at them.

Security

[thegarbz]

Venues argue they need to block hotspots for security reasons

Due to security reasons we are preventing people from running their own closed network between their devices and their telecom companies and instead forcing them all into our own network joined up with hundreds of other strangers ....

Re:Security

[ShaunC]

Hundreds of other strangers and the lights in their hotel rooms!

Re:Security

[DRJlaw]

Putting a fireall [sic] between the local clients and the rest of the Internet, or even port blocking certain classes of internal traffic, protects the clients and the rest of the Internet from quite a few vulnerabilities, such as unsecured sharing of the "C$" share with no admin password that is prevalent on poorly managed Windows laptops. And it reduces the cost of the service for the hotel by allowing bandwidth limiting on the controlled "free" access.

The concept went right over your head, didn't it?

If you set up your own WiFi hotspot, say using your cellular phone, you are not putting traffic on the facility network, you are not causing the facility to incur costs for bandwidth, and you are not in any sense the facility's local client. You are a client of your cellular provider's network, using a your own WiFi connection between your own cell phone and your other devices (over public airwaves; without connecting to the facility's WiFi network). That connection is presumably entirely private to your own devices (assuming that you're password protected your hotspot; my own device will not provide a WiFi hotspot without one).

Putting a firewall between a customer and the customer's cellular provider is not the facility's job. Policing the internet (as opposed to the facility LAN) is not the facility's job. And appropriating public airwaves (in this case WiFi frequencies) for the exclusive use of the facility is quite simply illegal.

Security reasons have very little to do actively interfering with WiFi hotspots. There is only one potentially valid concern - SSID spoofing. If you want to take on the FCC concerning that issue - go for it. But if the SSID is not the same as your facility's SSID, then you should not and legally cannot interfere with that other wireless network. Full stop.

Got it?

Re:Security

This is not about security, its about money...specifically the venue forcing you to use their wi-fi, and then charging you out the A$$ for it.

Since the hotspots that they are blocking are via people's cell phone service, how is this any different than blocking cell phone calls?

Re:Security

I don't know about the ethics of blocking other people's wifi, I guess it's rude and illegal but obviously by creating your own wifi network in your hotel room and using it, you're using up spectrum.
If the hotel is crowded you might be making everyone else's wifi slow.

Let's imagine you stream netflix from 4G phone, to your laptop, to a Chromecast-like thingie plugged on the hotel's TV and all your crap is configured to broadcast at the max legal power, on 2.4GHz obviously. The law is on your side but you're being a dick, if you know about it and can use USB between your phone and laptop (or other options like a 4G modem or wired hotspot etc.), ask for a hdmi cable.

Re:Security

If the hotel is crowded you might be making everyone else's wifi slow.

You'd make it much slower by being on the hotel network. Further, by blocking, the hotel is even doing more damage here.

The law is on your side but you're being a dick, if you know about it and can use USB between your phone and laptop

Not really. Your phone isn't going to cause much pollution on the frequencies on the other side of your walls. You'd be surprised how much the signal drops off in just the next room. The much bigger issue would be trying to use the hotel's WiFi for streaming Netflix.

Re:Security

[Trickster+Paean]

There is only one potentially valid concern - SSID spoofing. If you want to take on the FCC concerning that issue - go for it. But if the SSID is not the same as your facility's SSID, then you should not and legally cannot interfere with that other wireless network. Full stop.

In general, you are correct, but someone's SSID can still be deceptive without being the same and still pose a security issue.

A security concern about SSID spoofing can be more complicated than just whether the SSID is the same, because you can have a valid security concern if the SSID is misleading. My favorite example is the "Free Public WiFi" you would often see in airports in years past, set up by a virus. Someone could also be using a typo, or adding something to your SSID, like "Guest" or "5G" or something else to make it look like your SSID. In such a case, there is a real argument to be made that they are trying to interfere with your network.

But I think that's the widest possible extent of any valid security concern.

Re:Security

[thegarbz]

Putting a fireall

Sorry but you've failed already, and not because of spelling. Personal hotspots are always encrypted. Neither Android nor iOS provide the ability to do otherwise. Also they ALL have firewalls in place due to the nature of the hotspot requirements ... NAT.

On the other hand hotel / conference centres' WiFi are nearly always unencrypted. No firewall is going to protect you from the person next to you with their laptop. You're now open to additional attacks such as packet sniffing which no firewall is going to protect you against.

Re:Security

[thegarbz]

In general, you are correct, but someone's SSID can still be deceptive without being the same and still pose a security issue.

Yeah I don't trust other's SSIDs. That is why I only connect to the SSID I provided on my device, the one that is listed in my Android settings.....
On the other hand which of the Hotel WiFi, Hotel Guest WiFi, Hotel Guest, WiFi Hotel, Guest_Hotel, Hotel_Guest, should I connect to?

In my view SSID spoofing is another security flaw that would be introduced by this policy.

Re:Security

[Antique+Geekmeister]

> If you set up your own WiFi hotspot, say using your cellular phone, you are not putting traffic on the facility network,

As long as the traffic from the hostspot stays only on that VLAN, then yes. Part of the difficulty is that it does _not_ stay there. People cross connect networks as a matter of course, for example with laptops that have both wired and wifi connections, and they are horrible about the resulting security problems.

Re:Security

[Antique+Geekmeister]

> Personal hotspots are always encrypted.

The connection between the hotspot and a cell phone network is encrypted. The connection of wifi devices to the hotspot is often left unencrypted or with a published or guessable passphrase, for convenience of the hotspot users. Cross-connect them, and you have fascinating issues.

Cross connecting to other devices on the same private subnet, behind the same NAT, is a problem. It's aggravated if devices in the same NAT have non-firewalled and non-monitorable connections to alternative networks at the same time.

How?

How are they blocking hot spots? The only way I can think of is to jam the frequency, but that would kill the venue's APs as well, no?

Re:How?

Cisco calls it containment. Centrally managed access points will send deauth or deassociation frames to clients connected to "rogue" APs.

We use it at my job, but only for our SSIDs ie., if you set up an AP or hotspot with the same SSID as ours, the containment feature will attempt to stop clients from associating. Our company name is part of the SSID, so it's not like you can innocently or accidentally have your connections to your hotspot blocked.

That said, there have been times when I wished we simply banned the use of hotspots (we provide free, fast wi-fi) due to the RF interferences. At one point, 90 hotspots were operating in a ballroom competing for a limited number of 5ghz channels and everyone's experience suffered. When we asked people to disable their hotspots and connect to our unfiltered, unthrottled, free connection, about 70 did and the performance for everyone was (reported by them to be) better.

Re:How?

[sims+2]

Probbably something like this:
https://github.com/DanMcInerne...

Using wifi deauth packets.

Re:How?

[paradxum]

So...... would disabling SSID broadcast stop the devices from getting the info for a successful deauth attack? I don't know... I'm asking... I know it'd be able to see the macid of the ap, but is that enough to do a deauth?

Re:How?

[danbob999]

Cisco calls it containment. Centrally managed access points will send deauth or deassociation frames to clients connected to "rogue" APs.

We use it at my job

What is your job, so that I can complain to the FCC?

Re:How?

Turning off "SSID broadcasts" removes the SSID only from beacon frames. All the other frames still have it. Turning "SSID broadcasts" off has never been beneficial and will never be beneficial. It is in fact detrimental to security, because without the SSID in the beacon frames, clients need to broadcast the SSID in probe requests to find the access point, and they do that everywhere, not just in the vicinity of the access point. Just forget that the option exists.

Re:How?

You really might want to re-think this. Almost anywhere in the world, intentionally interfering with other equipment on a licensed band can land you in prison. Security reasons is no excuse.
If your story is true I have no idea how Cisco gets away with it, those devices should never have gotten a certification and can be confiscated without warning if someone discovers and FCC or local equivalent feels like it (as said, in addition to putting you in prison if they want).

Re:How?

Crap. Meant to write "unlicensed band". Though doing that to a licensed band if you don't own the license would admittedly be even more reliable in getting you into trouble...

Re:How?

No.

If someone is pretending to be us, we're not going to let them keep doing it. I'd actually like to see the FCC taken to court over this.

In a technical sense, this isn't as much like jamming as it is hacking. The client radios are free to hear and be heard, it's just they're receiving (and following) instructions from other unauthenticated devices.

Re:How?

First you'd have to set up APs in/around our property that are pretending to be our APs, only then would anything be done.

Re:How?

[Trickster+Paean]

I don't think there would be an FCC enforcement action over something like this. So long as you're allowing other wireless hotspots if they aren't trying to impersonate you, that should be fine.

In the FCC enforcement advisory put out after Marriott, one of the things they mentioned was that Marriott "admitted that the customers it blocked did not pose a security threat to the Marriott network..." If there is a security threat, that does change the situation. You can see that advisory here: https://apps.fcc.gov/edocs_public/attachmatch/DA-15-113A1_Rcd.pdf

In fact, I would argue that by trying to put up a wireless network with the same or a similar name, that would constitute an attempt at interference by them. Either way, the FCC is indicating it would consider valid security concerns.

Re:How?

But... but... but... why would the FCC file-a-complain page return an HTTP 403 reply to my THIRD independent COMPLAINT? Sic: TWICWIFI and optimumwifi offer free passes and paid per day service, but both went into a vicious circle by the second time I wanted to purchase their service. It is long to explain out of context but easy to see browsing them, they do NOT provide account numbers for these connections but save the email address so it can only be used once. When you want to use the email account they ask for account number (and password), if you want to start anew the account is already in use! Cookies (?) save the free pass information so it works only once as intended, but wanting the paid service ends up after several pages going back to the choice page... So overall I could connect two times in one service, optimum, and once in TWICWIFI, and that was it. The optimum service was truly optimum, my best browsing in years, better than starbucks when I first discovered their last store. TWICWIFI was the alternative to ****** wifi failing but functioned only once; I did get the address of these people but have been unable to visit them, so currently I can only get their ten minute free pass once a month but not the paid service. I am not sure the mother companies are aware. I tried to complain that Cablevision announces they have a hotspot outside Duane Reade on Pine St, NY but it seems to be disabled by PHARMACY EMPLOYEES, and was impossible to get to the complain pages (seemingly only reachable if you are connected through them, otherwise you only find marketing). From my perspective it _IS_ a concerted denial of service attack, accompanied ALSO by employees sometimes turning off the routers or adapters in Starbucks, Dunkin DOnuts and McDOnalds, and library employees manipulating the routers too and letting physical connections break on decay. Last time I tried optimumwifi was in ****** subway hub but was interrupted by policemen wanting to vacate the Subway. I have not tried connecting through them since.

Re:How?

[paradxum]

So.... you are saying that it would not stop the deauth attack? not exactly clear on your answer.

MITM Protection

[mentil]

Experiments have found that unsecured hotspots in airports will be connected to by hundreds of strangers, running Firesheep etc. they can be easily MITMed. I'm sure the same is true in hotels, people don't bother to find out what the hotel's Wifi ID is. Blocking other hotspots prevents people from connecting to any attempts to MITM them.

Re:MITM Protection

[marka63]

Blocking traffic to other spots just means the hotel can MiTM your traffic. I've found most hotels do MiTM traffic sent on their network.

How about Walmart and Meijer stores?

How about Walmart and Meijer stores? I find it odd that they don't block actual calls since that would be noticed quickly, yet mobile internet just doesn't seem to work hardly at all in there.

It's as if they block only internet and leave voice alone *on purpose* to keep you from price checking things in store. Amusing I can have an HD voice call in the depths of the store yet as soon as I cross the front door threshold I can no longer lookup prices on the internet.

Lets investigate this first as it's anti-competitive.

This blocking almost cost me a $7500 job

I am a startup that sets up electronic visual attractions at large venues at facilities like these. For configuration purposes, the units contain APs which are supposed to be connected to via the organizer's phone in order to allow them to control the attractions.

Twice I ran into cases where I was simply unable to connect to any of the units and I had no idea why. Eventually to debug this pulled up wireshark and found someone was performing a de-authentication attack! This was at two different events, but at large hotel chains. Had I not had a wired backup, I could have easily been out some several thousand dollar paychecks.

Two million in fines!

[Revek]

Doctor evil doesn't care about 'Two Million'. Seriously, why not try to fine them a amount that will make it unprofitable.

Re:Two million in fines!

[iggymanz]

let's see, for Mariot gross profit for 2015 totaled 2.1 BILLION dollars

Hilton gross profit was 7.1 BILLION dollars.

Guess you're right, $2M for both is a flea bite

I'm amazed at USB connection sharing

If you have a smartphone + laptop (or smartphone + desktop) you don't even need a wifi network between them.
I was surprised that the internet connection sharing feature works seamlessly, with Firefox OS 1.3 on the phone and Linux Mint on the desktop (it's possibly no different with mainstream OS).

Hit one checkbox/toggle on the phone, plug into the PC's USB, then the PC configures itself in one second (NetworkManager). I have used it to piggyback on the phone's wifi access actually (so the phone is a basic wifi router, with torrenting etc. working). You may probably use that to get hotel wifi on both the smartphone and laptop if needed.

So.. If you want to access 3G/4G from your laptop, a wifi hot spot is not strictly needed. You avoid to waste spectrum.

Block the hotel's wifi?

If the FCC isn't doing their job of shutting down wifi blockers, what's to stop the attendees from blocking the hotel's wifi? It would only take a couple vengeful actors willing to skirt the spottily enforced law and shut down the hotel's pay-to-play thing.

Re:Block the hotel's wifi?

Because if you do it as a person you will go to jail. See the story from a few days ago.

20 million

Gets more attention than 2.

network mangement, not security

you are correct that there is little or no security value in blocking hotspots.

But you are mistaken when you think that running your own hotspot has no impact on the venue network.

Part of properly setting up a wifi network in a venue (and I readily admit very few are properly setup) involves paying very careful attention to the RF environment, what channels are used where at what signal strengths. Setting up your own wifi access point can significantly hurt other people trying to use the venue network.

I run the wireless network for the Scale conference, and I've had people setup their own APs in a booth at the show that knocked out wireless access for not only people nearby on the show floor, but also people in conference rooms on the floor above. In my case, they had signed agreements that they would not be doing this, so I was able to shut them down. I've also had people running hotspots who were willing to shut them down after I pointed out how they were interfering with other people trying to use the network.

But even with this said, I agree with the FCC that blocking this is illegal. There are no licenses issued for running wifi networks. They operate under the part 15 rules which state that they are not allowed to interfere with anyone else and must accept any interference that happens. As a result, trying to block hostspots violates both sides of that policy.

David Lang

Re:Some guy just got arrested for jamming cell pho

[Gadget_Guy]

But wi-fi "blocking" gets a free pass?

How is getting a $2 million fine a "free pass"? That guy who got arrested for using a phone jammer had already been caught once before doing the same thing and yet continued the illegal activity, just the same as the hotels. There is no double standard going on (yet).

Interference with licensed operator

[Todd+Knarr]

Up the ante a bit, and have someone with a ham radio license file a complaint, not about WiFi blocking but about an unlicensed operator's (the hotel) interference with a licensed operator's transmissions. The rules about that, IIRC, apply even on the unlicensed bands and give the FCC well-established grounds to shut down the hotel's WiFi completely until it modifies the equipment to eliminate the interference.

Re:Some guy just got arrested for jamming cell pho

[PinkyGigglebrain]

I was going to post the same thing. With the added comment that IIRCC most private hotspots are actually just cell phones with a "data only" type 3g connection and an standard 802.11x AP.

The only way I can see those getting jammed is either something is jamming every other wi-fi channel or they jam the 3G connection.

In both cases they are willfully interfering with a commercial radio device. I seem to recall there are laws about jamming ANY commercial radio signal.

Could someone with more knowledge about this please clarify?

okay hows this law

[laurencetux]

1 to certify your location as requiring CELL PHONE JAMMERS you need to file with the FCC/FTC actual valid proof of this requirement (in detail and each floor /1000 foot area must have a separate listed reason). there will be a $20K per area fee and this must be filed yearly (twiddle the form each year to prevent simple copy/paste).

or

2 provide free uncapped wifi to all clients/guests (give them the credentials when they check in)

oh and if you get "caught" then your CXO rack has to pay out of pocket to refund all fees collected and they are personally liable for any lawsuits. (oh and then you get fined as a business)