nanog mailing list archives
Re: Marriott wifi blocking
From: Jay Ashworth <jra () baylink com>
Date: Fri, 03 Oct 2014 23:53:36 -0400
No problem, Hugo. In fact, if you paid for Wired service and plugged your own router in, you would still be creating your own network, and not pretending to be the hotel's network. At the RF layer. So it would not be legal for them to zap that either. Doing so might /violate your agreement for the wired internet/, but that's a problem up in layer 10... (People, money, lawyers) On October 3, 2014 11:45:48 PM EDT, Hugo Slabbert <hugo () slabnet com> wrote:
Jay, Thanks; I think I was stretching this a bit far beyond just the Marriott example. Killing hotspots of completely discrete networks "because $$$" is heinous. I had extended this to e.g.: 1. Hotel charges for either wired or wireless access per device and has network policies to that effect. 2. Guest pays for a single device and hooks up an AP or AP/NAT combo to the wired port. 3. User piggybacks multiple devices on that device's WLAN. ...to try to flesh out the scenarios. In the attempt I went a bit far off the reservation. Apologies for the noise. -- Hugo On Fri 2014-Oct-03 23:32:39 -0400, Jay Ashworth <jra () baylink com> wrote:Hugo, I still don't think that you have quite made it to thedistinction that we are looking for here.In the case of the hotel, we are talking about an access point thatconnects via 4G to a cellular carrier. An access point that attempts to create its own network for the subscribers devices. A network disjoint from the network provided by the hotel or its contractor.This is a different case from the circumstance in a business officewhere equipment is deployed to prevent someone from walking in with an access point /which pretends to be part of the network which the office runs./In the latter case, the security hardware is justified indeassociating people from the rogue access point, /because it is pretending to be part of a network it is not authorized to be part of/.In the Marriott case, that is not the circumstance. The networks whichthe deauth probes are being aimed at are networks which are advertising themselves as being /separate from the network operated by the hotel/, and this is the distinction that makes Marriott's behavior is unacceptable.(In my opinion; I am NOT a lawyer. If following my advice breakssomething, you get to keep both pieces.)On October 3, 2014 11:04:08 PM EDT, Hugo Slabbert <hugo () slabnet com>wrote:On Fri 2014-Oct-03 19:45:57 -0700, Michael Van Norman <mvn () ucla edu> wrote:On 10/3/14 7:25 PM, "Hugo Slabbert" <hugo () slabnet com> wrote:On Fri 2014-Oct-03 17:21:08 -0700, Michael Van Norman<mvn () ucla edu>wrote:IANAL, but I believe they are. State laws may also apply (e.g. California Code - Section 502). In California, it is illegal to "knowinglyandwithout permission disrupts or causes the disruption of computerservicesor denies or causes the denial of computer services to anauthorizeduserof a computer, computer system, or computer network." Blockingaccess tosomebody's personal hot spot most likely qualifies.My guess would be that the hotel or other organizations using the blocking tech would probably just say the users/admin of the rogueAPsare not authorized users as setting up said AP would probably be in contravention of the AUP of the hotel/org network.They can say anything they want, it does not make it legal. There's no such thing as a "rogue" AP in this context. I can run an access point almost anywhere I want (there are limits established bytheFCC in some areas) and it does not matter who owns the landunderneath.They have no authority to decide whether or not my access point is "authorized." They can certainly refuse to connect me to theirwirednetwork; and they can disconnect me if they decide I am making inappropriate use of their network -- but they have no legalauthoritytointerfere with my wireless transmissions on my own network (be it my personal hotspot, WiFi router, etc.). FWIW, the same is true inalmostall corporate environments as well.Thanks; I think that's the distinction I was looking for here. By spoofing deauth, the org is actively/knowingly participating on *my network* and causing harm to it without necessarily having proof that *my network* is in any way attached to *their network*. Theassumptionin the hotel case is likely that the WLANs of the "rogue" APs they're targeting are attached to their wired network and are attempts to extend that wireless network without authorization (and that's probably generally a pretty safe assumption), but that doesn't forgive causing harm to that WLAN. There's no reason they can't cut off the wiredportof the AP if it is connected to the org's network as that's their attachment point and their call, but spoofed deauth stuff does seemtobe out of bounds. I'm not clear on whether it runs afoul of FCC regs as it's not RF interference directly but rather an (ab)use of higher layer control mechanisms operating on that spectrum, but it probably does run afoul of most "thou shalt not harm other networks" legislation like the California example./Mike-- Hugo-- Sent from my Android phone with K-9 Mail. Please excuse my brevity.-- Hugo
-- Sent from my Android phone with K-9 Mail. Please excuse my brevity.
Current thread:
- Re: Marriott wifi blocking, (continued)
- Re: Marriott wifi blocking Bob Evans (Oct 04)
- Re: Marriott wifi blocking Owen DeLong (Oct 04)
- Re: Marriott wifi blocking Jay Hennigan (Oct 04)
- Re: Marriott wifi blocking Jay Hennigan (Oct 03)
- Re: Marriott wifi blocking Owen DeLong (Oct 03)
- Re: Marriott wifi blocking David Cantrell (Oct 06)
- Re: Marriott wifi blocking Michael Van Norman (Oct 03)
- Re: Marriott wifi blocking Hugo Slabbert (Oct 03)
- Re: Marriott wifi blocking Jay Ashworth (Oct 03)
- Re: Marriott wifi blocking Hugo Slabbert (Oct 03)
- Re: Marriott wifi blocking Jay Ashworth (Oct 03)
- Re: Marriott wifi blocking Daniel Seagraves (Oct 03)
- Re: Marriott wifi blocking Majdi S. Abbas (Oct 03)
- Re: Marriott wifi blocking Jay Ashworth (Oct 04)
- Re: Marriott wifi blocking Michael Thomas (Oct 04)
- Re: Marriott wifi blocking SML (Oct 04)
- Re: Marriott wifi blocking Jimmy Hess (Oct 04)
- Re: Marriott wifi blocking Florian Weimer (Oct 05)
- Re: Marriott wifi blocking Jay Ashworth (Oct 05)
- Re: Marriott wifi blocking Owen DeLong (Oct 06)
- Re: Marriott wifi blocking Jay Hennigan (Oct 03)