So I’m checking my blog on the hotel wifi, like ya do, and I notice something a little off with the style. There’s a dark colored bar at the top of the page that shouldn’t be there. That’s funny. Maybe a recent Firefox update changed how they treat CSS?
<head> tag (reformatted here for readability):
<body> tag (also reformatted):
sshed into my webhost, and did an
svn diff on my WordPress core files. No changes. Hmm, maybe someone mucked with my custom theme files (which are not under version control)? Nope, no dice, everything appeared kosher. It occurred to me to
wget my blog while I was
But the question remains, did the hotel’s wifi access point get hacked, or is something more nefarious at work? Is it possible that the hotel’s internet service provider is doing this on purpose? Could it be that the Courtyard Marriott in Times Square is actually aware of and condoning this type of bad behavior?
In any case, who the heck do I report something like this to?
Sorry, “RGnets RXG Injection Advertising Demo” was deleted at 10:17:28 Fri Apr 6, 2012. We have no more information about it on our mainframe or elsewhere.
Good thing RG Nets still has the video up on their own site! And thanks to The Verge, there’s now a copy of the video up on YouTube that I can embed for your viewing pleasure:
Demo of RGnets RXG Injection Advertising
Here’s a transcript of the video’s hypnotic, robotic voice-over:
The video demonstrates the HTML payload rewriting feature of the RG Nets Revenue eXtraction Gateway. The web browser that you are looking at is that of an end user that is connected to the internet through an RG Nets Revenue eXtraction Gateway. The end user is running stock IE7 without any special plugins or installations. All rewriting is done on the fly in the RXG. The RXG is configured to rewrite all transit webpages to include a banner advertisement for a BMW S1000RR motorcycle. The S1000RR banner can be positioned at the top, bottom, left, or right side of webpages. In addition, the banner may be rotated with other banners to simultaneously support multiple advertising campaigns. Of course the banners may also be linked to any website desired. As you can see the pervasive nature of the advertising banner on all webpages guarantees banner advertising impressions. The RG Nets RXG HTML payload rewriting feature is a tremendously powerful tool, with a broad spectrum of applications for internet marketing programs.
- Hacker News
- TechCrunch (twice!)
- The New York Times’ Bits Blog (twice!)
- The Verge (twice!)
- The Huffington Post’s Gadling Blog (twice!)
- heise online
- Boing Boing
(though they didn’t link to my post!)
As soon as we learned of the situation, we launched an investigation into the matter. Preliminary findings revealed that, unbeknownst to the hotel, the Internet service provider (ISP) was utilizing functionality that allowed advertising to be pushed to the end user. The ISP has assured the hotel that this functionality has now been disabled.
While this is a common marketing practice with many Internet service providers, Marriott does not condone this practice. At no time was data security ever at risk.”
Which means that the optimal solution to this snafu wasn’t simply that “we’ve disabled the functionality”—it has to be “we’ve removed/replaced the offensive hardware”. Nothing less is sufficient. Otherwise, what’s to stop someone from accidentally (or otherwise) re-enabling it later?