So I’m checking my blog on the hotel wifi, like ya do, and I notice something a little off with the style. There’s a dark colored bar at the top of the page that shouldn’t be there. That’s funny. Maybe a recent Firefox update changed how they treat CSS?
Screenshot of Justinsomnia with weird bar circled in red
<head> tag (reformatted here for readability):
<body> tag (also reformatted):
sshed into my webhost, and did an
svn diff on my WordPress core files. No changes. Hmm, maybe someone mucked with my custom theme files (which are not under version control)? Nope, no dice, everything appeared kosher. It occurred to me to
wget my blog while I was
But the question remains, did the hotel’s wifi access point get hacked, or is something more nefarious at work? Is it possible that the hotel’s internet service provider is doing this on purpose? Could it be that the Courtyard Marriott in Times Square is actually aware of and condoning this type of bad behavior?
In any case, who the heck do I report something like this to?
RG Nets RXG-A8
Update: I guess not all press is good press. Ronen Isaac (coincidentally of Wlan Mall) appears to have taken down the Vimeo video (I had previously embedded above) that I thought did such an excellent job describing how the Revenue eXtraction Gateway worked.
Sorry, “RGnets RXG Injection Advertising Demo” was deleted at 10:17:28 Fri Apr 6, 2012. We have no more information about it on our mainframe or elsewhere.
Good thing RG Nets still has the video up on their own site! And thanks to The Verge, there’s now a copy of the video up on YouTube that I can embed for your viewing pleasure:
Demo of RGnets RXG Injection Advertising
Here’s a transcript of the video’s hypnotic, robotic voice-over:
The video demonstrates the HTML payload rewriting feature of the RG Nets Revenue eXtraction Gateway. The web browser that you are looking at is that of an end user that is connected to the internet through an RG Nets Revenue eXtraction Gateway. The end user is running stock IE7 without any special plugins or installations. All rewriting is done on the fly in the RXG. The RXG is configured to rewrite all transit webpages to include a banner advertisement for a BMW S1000RR motorcycle. The S1000RR banner can be positioned at the top, bottom, left, or right side of webpages. In addition, the banner may be rotated with other banners to simultaneously support multiple advertising campaigns. Of course the banners may also be linked to any website desired. As you can see the pervasive nature of the advertising banner on all webpages guarantees banner advertising impressions. The RG Nets RXG HTML payload rewriting feature is a tremendously powerful tool, with a broad spectrum of applications for internet marketing programs.
Update: A thought exercise: imagine the hotel delivered complementary issues of the New York Times to every room, except that in this case, all the ads had been cut out, some of the articles had been accidentally cut out (because they happened to be on the other side of an ad), and on every single page there’s a new ad that’s been stuck on top. How would you react? How do you think the New York Times would react?
- Hacker News
- TechCrunch (twice!)
- The New York Times’ Bits Blog (twice!)
- The Verge (twice!)
- The Huffington Post’s Gadling Blog (twice!)
- heise online
- Boing Boing
(though they didn’t link to my post!)
Update, April 9, 2012: I just received the following message from a representative of Marriott:
As soon as we learned of the situation, we launched an investigation into the matter. Preliminary findings revealed that, unbeknownst to the hotel, the Internet service provider (ISP) was utilizing functionality that allowed advertising to be pushed to the end user. The ISP has assured the hotel that this functionality has now been disabled.
While this is a common marketing practice with many Internet service providers, Marriott does not condone this practice. At no time was data security ever at risk.”
Update: Something has bothered me about Marriott’s official response above. I completely get that Marriott is a large sprawling corporation, and it’s likely that the right hand often does not know what the left hand is doing. I get that. I’ve worked in much smaller organizations where that has been the case. I also get that their response is a typical, old school public relations gloss over the problem—without any satisfying transparency as to how the problem came to be or any meaningful details about how it was ameliorated.
Which means that the optimal solution to this snafu wasn’t simply that “we’ve disabled the functionality”—it has to be “we’ve removed/replaced the offensive hardware”. Nothing less is sufficient. Otherwise, what’s to stop someone from accidentally (or otherwise) re-enabling it later?