Hotel Operators Petition FCC for Wi-Fi Management Authority

Glenn Fleishman writes for Boing Boing a very good summary of Marriott’s petition to the FCC to allow hotel operators to manage Wi-Fi networks on their premises.

Glenn explains that these techniques may adhere to the letter of the law, but certainly not the spirit of the law:

Rogue AP detection and mitigation relies on the fact that much of the handshaking between devices in Wi-Fi connections isn’t validated. A network-management system can prevent clients from associating with Wi-Fi networks under its control in a number of ways, but they can also block wireless devices from connecting with other networks that are in range. This typically involves sending deauthentication frames—frames are data packets in the wireless world—that either or both spoof the client or base station. (This is also a way to launch a denial-of-service attack, by a rogue hotspot spewing out such frames against legitimate local usage.)

I’m sympathetic to the stated desires of hotel & conference operators, schools, universities, and businesses. Customers & students expect these networks to work, even (or especially) when their own hotspots don’t. Businesses & schools have understandable concerns about user security.

However, unlicensed spectrum is intended for anyone to use pretty much however they want (as long as the equipment is certified & isn’t modified). Allowing these organizations to effectively control who can operate certain devices in this spectrum seems to go against the intent of these rules.

Glenn does a good job of explaining this issue in detail while also keeping it understandable to normal folks. The whole article is worth a read if you’re interested in this topic.

January 2, 2015 4:00 pm Update: Marriott issued a statement clarifying that the requested network management authority would only be used to identify & disable malicious devices in conference venues. While it is encouraging to see this clarification, the FCC needs to clearly define malicious actions that permit use of these techniques, should the FCC allow them in the future.