OK, let’s get this out of the way up front: this is a column that might not make us any new friends among the business travelers who we suspect make up a big chunk of our readership. If, somehow, in some way, we mess up your free “piggybacking” Wi-Fi tricks during your next hotel stay, we apologize. We should also say that hotel broadband, in our minds, is something that business-oriented hotels should offer for free, as an amenity and incentive to gain business travelers, instead of charging HUGE fees for something so basic (we’ve seen $12 a night fees recently).
But the reality of the matter is that many hotels do have a business model for not-free broadband, and that business model is in danger because of new inexpensive devices that make it easy to get around hotel provider’s usage restrictions. Specifically, the advent of inexpensive Wi-Fi “travel” or “pocket” routers - designed expressly for business travelers - are making it easy for users in multiple rooms to camp onto a single broadband connection.
We started thinking about this topic a lot at the beginning of the year at CES - we had just about every networking vendor there show us their latest and greatest 802.11g , WPA-enabled, USB-powered, acronym-laden, tiny Wi-Fi routers. Our first thought was: “Oh boy, we really need one of those” (we got the D-Link model, fyi…).
Our second thought, “These are great, let’s buy a shipping container full of these routers and set up a kiosk on the sidewalk in front of the Las Vegas Convention Center.” With 120,000 travelers in town, each carrying a laptop, we figured we’d make enough in a day or two to take the rest of the year off.
After we realized we’d never really DO the second thought, our third thought was, “This is going to kill the business model (not to mention the security) for all these hotels that are charging for access to their hospitality broadband network!”
So a travel router is merely a portable access point (AP). You plug it into the broadband modem in the room, and that’s the MAC address that camps onto the connection; as with any Wi-Fi connection, users with wireless laptops can access that AP to gain access to the broadband connection.
Travel routers in the hospitality network (or even ad hoc wireless networks set up by laptop users connected to a wired Ethernet connection) are really just another example of the rogue access points that every Wi-Fi So a travel router is merely a portable access point (AP). You plug it into the broadband modem in the room, and that’s the MAC address that camps onto the connection; as with any Wi-Fi connection, users with wireless laptops can access that AP to gain access to the broadband connection.
Travel routers in the hospitality network (or even ad hoc wireless networks set up by laptop users connected to a wired Ethernet connection) are really just another example of the rogue access points that every Wi-Fi So a travel router is merely a portable access point (AP). You plug it into the broadband modem in the room, and that’s the MAC address that camps onto the connection; as with any Wi-Fi connection, users with wireless laptops can access that AP to gain access to the broadband connection.
Travel routers in the hospitality network (or even ad hoc wireless networks set up by laptop users connected to a wired Ethernet connection) are really just another example of the rogue access points that every Wi-Fi switch/gateway/controller/AP/monitoring/security vendor on the planet talks about in their slideware. And it’s a real problem if: a) you’re trying to maintain a secured network with limited access; b) trying to avoid wireless interference issues; and/or c) trying to charge guests for broadband access.
It’s easy to see a business case for hotel broadband investment being brought to its knees if the model’s ROI is based on x% of customers paying that $12 a night for broadband. Imagine a hotel room with rooms on either side, across the hallway, above and below. One wireless router could allow all of these to log on if left unsecured, or even if secured and the access passwords were given out to your fellow travelers. This cuts into your top line revenue right away.
Add into this decrease in revenue a potential increase in operational issues. Imagine what happens when users are trying to get logged in and see 10 APs in their list of available networks and don’t know which to use. Or picture those 10 APs in terms of 802.11b/g’s spectrum which provides only 3 non-overlapping channels. Some hotel rooms - like the ones in the Mandalay Bay hotel at the recent Interop show, have their own APs in each room that conflict with the travel routers. Overall, potentially not a pretty RF environment for your paying customers.
And security, already not necessarily a strong suit in hospitality networks (use your VPNs people!) can take a further step backwards as users begin associating with APs that they don’t really know anything about. And we’re not just talking about people trying to skirt the rules here - it’s easy enough to accidentally let Windows XP automatically connect you to one of these networks - especially if it’s got the same default SSID as their home network (think ‘Linksys’ everyone). Talk about a great opportunity for wireless phishing and ”evil twin” attacks (where a fake access point with the same SSID is set up to lure in unsuspecting customers).
We’ve actually spent a fair amount of time talking with service providers, security vendors, wireless equipment vendors, and others about this situation, and one thing strikes us - there’s no really good or immediate solution at hand.
The service providers we talked to (specialists in the hospitality space) haven’t really faced up to the issue yet (though we suspect they will as these devices become more common and inexpensive). The wireless equipment vendors and security system providers we’ve asked all tell us that they can solve the problem by using various combinations of monitoring, analysis, and equipment to “lock down” the airwaves and prevent users from associating with the rogue travel routers.
But that’s a sort of a brute force approach that doesn’t balance the positive side of these devices, which is that customers (like us!) love them and have perfectly legitimate uses for them. For one thing, we’ll consider giving up our travel routers the day that a hotel puts their Ethernet port less than 20 ft away from the bed in our hotel room.
Or consider business travelers who share a room, or simply meet up in a single room for some collaboration before the big presentation. Even if they wanted to take turns connecting to a room’s single Ethernet port, they’d be unable to due to MAC address filtering that keeps a second computer from getting on the network.
What we’re looking for - and have not been able to find - is some happy medium that keeps travelers happy (they are, after all, paying the bills!) and allows these kinds of legitimate “convenience” uses of travel routers while providing hotels with the security and revenue protection that they too deserve.
