Re: Marriott wifi blocking

[Hugo Slabbert <hugo () slabnet com>]

On Fri 2014-Oct-03 19:45:57 -0700, Michael Van Norman <mvn () ucla edu> wrote:

> On 10/3/14 7:25 PM, "Hugo Slabbert" <hugo () slabnet com> wrote:
>
> > On Fri 2014-Oct-03 17:21:08 -0700, Michael Van Norman <mvn () ucla edu>
> > wrote:
> >
> > > IANAL, but I believe they are.  State laws may also apply (e.g.
> > > California
> > > Code - Section 502).  In California, it is illegal to "knowingly and
> > > without permission disrupts or causes the disruption of computer services
> > > or denies or causes the denial of computer services to an authorized user
> > > of a computer, computer system, or computer network."  Blocking access to
> > > somebody's personal hot spot most likely qualifies.
> >
> > My guess would be that the hotel or other organizations using the
> > blocking tech would probably just say the users/admin of the rogue APs
> > are not authorized users as setting up said AP would probably be in
> > contravention of the AUP of the hotel/org network.
>
> They can say anything they want, it does not make it legal.
>
> There's no such thing as a "rogue" AP in this context.  I can run an
> access point almost anywhere I want (there are limits established by the
> FCC in some areas) and it does not matter who owns the land underneath.
> They have no authority to decide whether or not my access point is
> "authorized."  They can certainly refuse to connect me to their wired
> network; and they can disconnect me if they decide I am making
> inappropriate use of their network -- but they have no legal authority to
> interfere with my wireless transmissions on my own network (be it my
> personal hotspot, WiFi router, etc.).  FWIW, the same is true in almost
> all corporate environments as well.

Thanks; I think that's the distinction I was looking for here.  By 
spoofing deauth, the org is actively/knowingly participating on *my 
network* and causing harm to it without necessarily having proof that 
*my network* is in any way attached to *their network*.  The assumption 
in the hotel case is likely that the WLANs of the "rogue" APs they're 
targeting are attached to their wired network and are attempts to extend 
that wireless network without authorization (and that's probably 
generally a pretty safe assumption), but that doesn't forgive causing 
harm to that WLAN.  There's no reason they can't cut off the wired port 
of the AP if it is connected to the org's network as that's their 
attachment point and their call, but spoofed deauth stuff does seem to 
be out of bounds.

I'm not clear on whether it runs afoul of FCC regs as it's not RF 
interference directly but rather an (ab)use of higher layer control 
mechanisms operating on that spectrum, but it probably does run afoul of 
most "thou shalt not harm other networks" legislation like the 
California example.

> /Mike

--
Hugo

Attachment: signature.asc
Description: Digital signature