Re: Sen. Brownback Spotlights Chinese Order to Spy on Olympic Hotel Guests

[Jim Murray <jim () digitaldaemons co uk>]

Richard M. Smith wrote:
> I wonder what company is supplying this Chinese government spyware 
> “software”?  It seems like the spyware would have to be some sort 
> pack-sniffer box that gets installed in a hotel and then periodically 
> phones home with activity logs.  I wonder also how room registration 
> information is matched with Web surfing activities.

If the hotel charges for internet access (and many do) it's actually 
fairly trivial to match activity logs to room registration.

All of the major players in the hotel internet access market interface 
to the hotel's front office systems for billing purposes already which 
gives them the first part of the data (the guest's name/room number). 
Users are generally authenticated by MAC address so a unique identifier 
is present in the traffic passing the billing gateway.

It's not a huge step from there to recording the history for full 
analysis later.

If you want security, use a VPN to a known-secure location. At least 
then all anyone snooping will get is the endpoint IP.

Jim.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.