Over the last 3 years or so there’s been a lot of rumors going around about the host hotels at Dragon Con blocking signals, sometimes cellphone, sometimes Wi-Fi. The important thing to understand is that these rumors are not true, and have never been true, but are based on misunderstandings and interpretations of news reports that had people making assumptions.
First, claims. The first claims around started back in 2014, when the FCC announced that Marriott was being fined for the practice of killing WiFi hotspots in their Gaylord Opryland Hotel and Convention center (hereafter ‘Opry’). This led to assumptions like this.
— Joseph AlKhazraji (@darthqueeg) October 3, 2014
And two years on, the claims still kept coming, as you can see here a week ago:
The problem is that people often don’t understand what exactly is going on with radios and advanced technology, and at the merest hint of foul play that could be blamed, it will be blamed. It’s often not their fault, directly, because most media outlets cover technological issues really badly. That’s why there’s so many specialized technological news sites out there, often focusing on one or two key/niche aspects. Even worse, often the writers of pieces are not even the token technology journalists for the entities, as with the CNN story above, where it was written by CNN’s travel correspondent – Katia Hetter – presumably because of the hotel aspect, rather than the key issue of it being a technological issue ruled on by a very technical government agency. This feeds in to the myth because the where, how and why are not communicated clearly, and even the ‘what’ appears to have been lost in the hunt for an enticing lede such as in the CNN article.
Think hotels are deliberately blocking your personal Wi-Fi networks so you’ll buy theirs?
No, it’s not just a conspiracy theory. It turns out the federal government is concerned about it, too.
Marriott has agreed to pay a $600,000 fine after the Federal Communications Commission found the company blocked consumer WiFi networks last year during an event at a hotel and conference center in Nashville.
A Nashville convention center figured out how to boost its revenue from selling Internet service: it illegally jammed guests’ and exhibitors’ WiFi networks. Glenn Fleishman explains the technical scam and why it earned a six-figure smackdown.
The Marriott-run Gaylord Opryland resort in Nashville was faced with a dilemma. Like all hotels and exhibition centers, it charges exhibitors and conference organizers exorbitant amounts for Internet access on trade-show floors, as well as nightly fees for guests. Nearly all conference centers charge thousands of dollars for a few days of access, per exhibitor, and all they get is a couple of megabits per second at their booth. Google for the price sheets: you’ll need an emesis bag handy.
Thanks to fast cellular networks and portable WiFi hotspots, though, these halls are losing their extortionate edge. A carryover from the days of a captive audience who had no other choice, the wheeze was always factored in as a cost of participating in trade shows and other events. Now, however, the 4G LTE standard–whose frequency range penetrates buildings far better than most older cellular technologies–offers data rates in the tens of Mbps.
Notice the difference? One played up the whole conspiracy angle, while the other noted that it was a specific scheme to drive up exhibitor Wi-Fi rental developed at one hotel.
However, just because it’s a better article, doesn’t mean people won’t get the wrong end of the stick, as the tweet embedded above demonstrates, but the problem is wider than that. For the last two years [2014 & 2015, I had to cancel this year] I’ve been the Assistant Director of the Electronic Frontiers Forums track at Dragon Con (and a track volunteer for the 3 before that) , the major convention that people claimed was also a hotbed of jammed signals. I’ve had Senior Directors (the hierarchy goes ‘Co-chairs > Senior Directors > Directors (then their assistants/seconds) >Volunteers) tell me that it was being blocked, because other Directors said so, and I got the same reports from TechOps (the crew that is responsible for the light/sound/video setup). Yet it’s all based on assumption and inference, and no-one actually thought to ask the guys who not only might know how to check, but were actually checking, the Electronic Frontier Forums people.
The claims are incredibly ironic considering two things. The system used at the Opryland is based on ‘de-auth packets’ breaking connections. Basically it’s a similar process to the one used by Comcast back in 2007 to throttle/disable Bittorrent (except with reset packets instead of de-auths). You pretend you’re the person someone’s communicating with (a ‘man in the middle attack’), and then send them a packet saying ‘quit’. Guess who led the nationwide research for TorrentFreak showing this was happening – oh right, ME.
In addition, the Assistant Director in 2012 and 2013 (the events were roughly 6 months either side of Opryland report) is a gentleman who knows a fair bit about Wifi and data, Keith Watson. Funnily enough, in 2013 the very first panel of the event was… Passive WiFi monitoring, conducted by Keith Watson, including actually monitoring Wifi to spot data using our own wifi hotspot setup, a hotspot that’s been run in previous years.
There have been some issues in the past, including in 2012 and 2013, but it was not due to wifi jamming, it was due to signal congestion. There’s some 60,000 people in a small area, and with a lot more on Friday (people working their regular jobs in downtown Atlanta) and Saturday (the Parade, then the other events) putting a heavy load on the cellular towers and the limited wifi space. That’s right it was just a case of congestion and swamped signal bands.
A lot of the problems people had were that their net connections were slow or unresponsive, sometimes cellphones would work, sometimes they wouldn’t. I even had cellular communication issues, SMS messages could take ten minutes to send, while MMS messages (I was tweeting photos) were slow if they went through at all. That’s not wifi hacking, because it doesn’t use WiFi (I use an old LG EnV2 ‘dumbphone’, which doesn’t have things like WiFi). SMS uses the same communication method that your phone uses to alert towers to their presence, so if that doesn’t work, then there’s serious network issues… which there were – the towers were overloaded. Well, it could also be the usage of cell-tower spoofers (stingrays) as covered in the Wiretapping panel in 2012 and the cell phone surveillance panel in 2013, but which weren’t all that common back then, and would almost certainly be overloaded and useless in such a crowded space. Since 2014, temporary cell towers have been brought in by the main cellular providers to give better cell coverage (in 2015, I tried to get the cell companies to let me write up this use of the technology, but I got no response, a shame as it would be a rare positive story for most providers)
Next is that there’s no evidence of any WiFi jamming at all. Not a single bit. We’ve covered congestion (and that’s still going to be the case, despite the extra ‘Towers on Wheels’ that the providers have brought in to take the load) but the case here was that WiFi hotspot use was being jammed, with de-auth packets being sent to stop people connecting to their own WiFi hotspots, rather than the venues. As previously mentioned, we ran a hotspot in the Hilton, just off the main atrium/lobby. I could also access their lobby WiFi from there, as well as their paid service. Zero issues. Not an issue in 2014 when this was claimed, not one in 2013 or 2012 either. Aha! That’s the Hilton though, not the Marriott you may say. The hotel that did all this was a Marriott hotel, so we should be looking not at the Hilton, but at the Marriott. Right, guess which hotel I stayed at 2010-2014 (and one night in 2015)? Yes, that’s right, I stayed in the Marriott Marquis. I used a hotspot there (provided and set up by my friend, who’s an IT guy for CBS in his daily life) and zero issues. When we weren’t using it for my stuff, it was being used for other peoples devices. Zero issues. Even though it took the place of the $30/day internet connection option offered to people staying in the $250/night rooms (which is funny since it’s free for most cheap motels).
The WiFi situation in the hotels is pretty jammed though. I was fortunate that my extremely helpful friend (and former Pirate Party of Georgia Chairman) Jarod Smith was willing to spend time and effort to do me a WiFi scan in the lobby/atrium of three main hotels (Hilton, Marriott and Hyatt). Here’s the Hyatt
As you can see, it’s pretty congested on the 2.4 GHz band, with some of the Marriott WiFi being picked up (also important for reasons I’ll get to soon) while the 5 GHz band is quieter, but still not exactly clear. Now the Hyatt
It’s if anything more congested and made worse by being regimented into just three channels on the 2.4 GHz side, while the 5 GHz is only slightly better. So then the Marriott
Ok, lots of wifi there too, up and down. In fact there’s very few clear WiFi channels throughout, especially if you don’t have equipment to use the Dynamic Frequency Selection channels in the 5 GHz band.
Now, why is it important as well that you can see Marriott wifi from the Hilton? Well, if the Hilton were running this kind of software, they’d be zapping Marriott customers. They may share a skybridge, but do you think they’d take kindly to each one zapping paying customers off the others WiFi? The Opry is in a more isolated location, the nearest other structure is some 1400ft (0.26 miles or 420 meter) from the center of the hotel (see map below). WiFi can go a ways, but not that far.
How about the ‘Why’? At the Opry Convention center, it was targeting exhibitors. They’re people who often have equipment, be it stock-tracking, order-processing, data resources, etc. that requires internet access. In 2013 the Vendors were moved out of the basement of the Marriott, into the AmericasMart. Instead there’s now autograph areas, and the exhibitors. Neither are going to be locked into requiring internet access on a fixed location, so there’s no benefit in jacking up the rates. As for the convention itself, if it needs it, it already pays for it (for instance in 2013, when internet access went down in the Hyatt, the Signage team was moved to the Sheraton, where access was still available) this year with the live-streaming of Dragon Con TV, fixed lines at a significant cost were also obtained to ensure sufficient bandwidth. Thus there’s no massive benefit in it from a large captive audience.
There does of course come one last point to make regarding these issues. The consent order came out in October 2014, a month after Dragon Con 2014, so many people thought it was in relation to something that happened earlier, so it was seen as the ‘cause’ of the 2014 connection issues (as in the tweet above). However, the incident happened in March 2013, almost 18 months earlier, so if it was done by the hotel, it would have happened not at the 2014 event, or even the 2013 event, since those were both after the FCC had gotten involved (and it’s a very brave hotel that continues with a profit-making policy months after it’s caused a federal investigation) but at the 2012 event.
So, when it comes to the end result, there’s zero evidence that any jamming ever happened, and nothing even to suggest it, except that some people had connection difficulties with their phones and devices tethered to it, which is again, because there’s tens of thousands of people all in a small area swamping resources, bandwidth and frequencies. Plus what most people are accusing the hotel of having done (blocking cellphones) is not actually what the hotel 500 miles away was doing. De-authing 3rd party WiFi hotspots is one thing, but when it comes to actively blocking cellular signals, that’s a MAJOR no-no and one everyone knows you can’t do, which is why the FCC has been stepping up enforcement of it over the past few years.
Going back to the 6 W’s (Who, What, Where, When, Why, and How), let’s put what we now know in that context.
WHO. In the FCC case, it was the Gaylord Opryland Resort & Convention Center in Knoxville, TN., owned by the Gaylord Hotels division of Marriott, operated by Marriott International. Dragon Con uses the Marriott Marquis Atlanta, also owned and operated by Marriott International through their signature division. Funnily enough, another hotel two blocks away, used by many people to stay at Dragon con, but not an official hotel, is the Ritz Carlton Atlanta, also owned by Marriott international through the Ritz-Carlton division. There were no reports/claims of blocking there, mainly because it was on the edge of the convention, and people didn’t spend a lot of time there. Nevertheless, any argument you could make based on the ‘who’ for the Marriott Marquis could also be made for the Ritz-Carlton, and no-one mentioned it. There’s no evidence that anyone involved in the decision at the Opry, had any influence at the Marquis.
WHAT. The Opry blocked wifi hotspots linking with client devices. If you could connect to your hotspot but had no data, that’s something else (lack of bandwidth). If your connection was patchy, intermittent, or weak; it’s not that either (that’s signal congestion). If it was something with cellphone connections – that’s something else entirely, and something everyone knows is a criminal matter already (as well as a big safety issue). No evidence at all that any de-auth-ing was going on.
WHERE. The original story was of the Gaylord Opryland in Nashville, 500 miles from Atlanta where people are claiming. While they’re both Marriott-owned, they’re in different divisions and different types of hotel – the Marquis is a high level hotel with meeting and ballrooms, the Opry is a small hotel that’s also got a big convention center attached and has significant open space around it.
WHEN. The Opry incident was detected in March 2013. Dragon Con takes place in September each year. Most people didn’t hear about it until the FCC press release in October 2014, and blamed connectivity issues in September 2014 on this (such at the tweet at the start). Some were smarter and blamed September 2013 issues on it. Yet if it were going to happen, it would have been at the 2012 event. Again, no mention, no comments, nothing, except that the cellular networks were overloaded. Then again, wifi hotspots weren’t that common back then, especially as cellular data was still expensive (it’s still not cheap now)
WHY. The Opry is a hotel with convention center, half a mile from the next nearest hotel, it’s very much a captive audience. It’s also a massive convention center, with over 700,000 sq feet, with the Ryman Exhibit Hall taking up 260,000 of that (the biggest in-hotel space outside Vegas). The Marriott Marquis by comparison has 169,435 sq ft of TOTAL event space (with the biggest room – the international hall which was the dealers room until 2012 – tipping the scales at just 28,200 sq ft) including the atrium area and the 10th floor. It’s a huge difference and changes the dynamics. The event dynamics between the kind of trade shows (that may require internet access by vendors as discussed earlier) the Opry is useful for, compared to the type of activities that go on at Dragon Con make it implausible that it’d even be a workable thing. Especially with the vast cross-movement between the hotels, it would make such a practice immediately obvious. It wasn’t.
HOW. The accusations people are throwing at the marquis are based on their own basic anecdotal observations. It’s not based on facts, or data. Often they’re not even talking about the right thing. And you know what would have been incredibly helpful to do if you actually thought it was an issue? Why go find the experts (aka the Electronic Frontier Forums track) and ask their people (either volunteers or guests) about it. Not a single person mentioned it to me the entire time I was there, any year. That’s DESPITE having all the equipment needed to track and diagnose it. We had panels on the exact topic, not a single question on this, even though the demonstration would have caught it if it had happened. So instead people share news stories of something that happened to a related chain, a few years ago, in a different state and claim it happened, because it makes it feel like the hotel was doing a bad thing to them and so it’s the hotel’s fault, and not that the people had crap equipment, terrible settings, or just didn’t know what they were doing, and it also makes them seem important and ‘knowledgeable’.
There’s a word for that that I love – ultracrepidarians (one who professes knowledge of a subject they’re really clueless about) which is in many ways more useful than ‘Dunning-Kruger’ because that term’s become known (and also ultracrepdiarian is a lot harder to remember how to spell when they get home).
To finish up, there was no wifi blocking that was ever detected. Again
THERE WAS NO WIFI BLOCKING/HJACKING/JAMMING AT DRAGONCON
Most of the problems people had were more to do with bad setups and lots of people rather than any malicious intent. People eager to shift blame from themselves blame the hotels, and ignore the facts, preferring a good conspiracy story, all after seeing a news story 18 months after the fact and attributing it to the previous month or years problems. And despite all these problems, no-one thought to actually get someone who might know what they’re doing to check it, and maybe fix it or work around it (generally, the reason that happens is that they know the claim is bullshit, and don’t want that proven).
So stop saying the Marriott jammed WiFi, because there’s another problem people may not have realized. Defamation.
When you accuse a business, with all seriousness and attempts of factuality, to make a deliberately false accusation against an entity that said entity did an action it did not do, and that action is criminal or otherwise harms the business, that is an actionable statement. If that meant nothing to you, in plain English it means that if you accuse a business of breaking the law, and they never did, and you make the accusation deliberately despite no evidence, that can put you in the shit. Under Georgia law, these statements can be considered “defamation per se”, as it’s a false statement communicated to others, without bothering to check facts and causes harm to the plaintiff (which would be the Marriott). They don’t have to actually prove that last bit either, since the statement is referring to a falsely claimed business practice that would harm the business. (OCGA §51-5-1 to §51-5-4).
So, not only do you have the problems of losing any sort of credibility, but you might also end up paying a hefty judgment to the hotel to apologize for your rash statement.
So no more bullshit about it, eh? The Gaylord Opryland hotel in Nashville did jam consumer WiFi hotspots in early 2013. The Marriott Marquis in Atlanta did not, at any Dragon Con, and unless you have some actual facts to back up your claims, saying they did is a REALLY bad idea.
Now, if you did have thoughts that it might be happening, then by far the smartest thing to do would be to hunt down someone who can actually tell, that might be the FCC, but it could just as easily be someone at the Electronic Frontiers Forums track, who will know how to check for sure.