Marriott fined $600,000 by FCC for interfering with customer WiFi hotspots

by
in legal on (#2T6H)
Marriott (since 2012) has been using wireless technology to prevent guests at the Gaylord Opryland hotel and convention center from using their own Wi-Fi mobile hotspots, forcing exhibitors or customers to use Marriott's expensive Internet services, available at the whopping cost of $250 to $1,000 per wireless access point. Despite popular press reports, this did not involve "jamming" which is strictly illegal in the US, but instead something more like a WiFi DoS attack.

Marriott had deployed a Wi-Fi monitoring system with a "containment capability". When activated, the system could identify Wi-Fi access points that were not part of Marriott's own Wi-Fi system (or otherwise authorized by Marriott). Such non-Marriott access points were dubbed "rogues". When rogues were detected, the system sent "de-authorization" packets to the unauthorized access points, booting those users off their free connections and, presumably, forcing them to pony up for Marriott's paid Internet access.

http://www.commlawblog.com/2014/10/articles/enforcement-activities-fines-f/marriott-whacked-for-600000-for-war-on-rogue-wifi-hotspots/

Re: Under The Radar? (Score: 2, Interesting)

by evilviper@pipedot.org on 2014-10-11 02:41 (#2T7G)

how far one would have to go to fly under the radar of most of these WiFi attacks and countermeasures and just use your own damn equipment and services without interference.
I'd use the FCC's contact page... It's super effective!

Turning-off SSID broadcasting won't do the tiniest thing.

The AC mentioned 802.11w before me. But there are other potential options in the interim...

* WiFi firmware (on ALL your clients) could be modified to ignore deauth packets if sent too frequently, and pay attention to data connectivity, instead.

* You could put your AP and all your clients in a metal (Farady) cage, but you need your cellular antenna to be outside the cage to get a signal.

* You could use network monitoring tools to look for deauth packets, then walk around checking signal strength to find the physical location of the AP interfering with you. From there, a crowbar will solve the problem quite nicely... Alternatively, unplugging or putting a metal cage around the interfering device will work, if you're opposed to vandalism for some strange reason.

* You could PLUG-IN to your AP instead of using WiFi. Of course if you're tethering to your cell phone (as opposed to a "MiFi" device that has an RJ45 port) then the deauth attack could make internet access unavailable indirectly.
Post Comment
Subject
Comment
Captcha
Eighty eight, two or fifty eight: the smallest is?