Are WLAN Vendors Selling Illegal Jammers?

This won’t take long. Jammers are illegal in the US.jammer1Go here for full page.


Marriott got busted for using jamming, as cited on both pages 1 and 2 of the FCC’s Commission Document.


Marriott’s “jamming” used tools like this, which are part of the WLAN system in use by Marriott (and countless other customers with similar systems by multiple WLAN vendors):

mitigate


Can the average, reasonable person then conclude that what the WLAN industry calls “mitigation” is actually “jamming” as per the FCC?

If so, can the average person also conclude that illegal jamming tools are being being sold by the WLAN industry as part of today’s typical business WLAN system?

I’m not sure what other conclusions can be reached, but I’m no lawyer.

And the latest- from 1/27/15 which seems to confirm. Of course, now we need “commercial” defined.

19 thoughts on “Are WLAN Vendors Selling Illegal Jammers?

  1. John Steely

    Maybe I’m making this too simple. I think that you should “own” the airwaves where your enterprise exists. I also think you have an obligation to be a good neighbor where your enterprise touches that of another. That perspective seems to contain large portions of common sense missing from the FCC’s position. Especially when you consider the point, Lee, that you made previously regarding this “no jamming” logic as it would apply to a hospital or other high-stakes equipment. The argument against Marriott was that they wanted to force guests to use a paid service. The other side of that coin is that Marriott has a compelling obligation to provide a useful wireless service to their paying customers, and their ability to do so depends greatly on mitigating interference within the footprint of their property.

    -John

    Reply
  2. wirednot Post author

    John- thanks for reading and commenting… and you absolutely NAILED it. The purpose of this short blog on the heels of the other one is to call out the ambiguity and short-sightedness of where all of this has come. I’m not so sure the current mitigation (or is it jamming?) is the best mechanism of control, but the finer point is that in our own spaces we should have control.

    And that it’s absurd that the world leaders in wireless networking could be selling feature sets that probably make prefect sense to many customers while are so far out of sync with the regulatory framework we all live in. Why are the FCC and the WLAN makers so far apart here? And why is the customer left holding the bag?

    Reply
  3. Hemant Chaskar

    May be we attempt to answer related question: Is a thing illegal or use of a thing illegal? On that thought then, we can think of checks and balances to prevent illegal use. Illegal in unlicensed spectrum could be equated to non-symbiotic.

    Non-symbiotic transmissions can be from the perspective of security or performance. For security, I know it is possible to arrive at objective criteria for non-symbiotic transmissions (e.g. network connected rogue, honeypot that connects to enterprise owned client, etc.). Some guidelines on this and then certification of adherence to the guidelines could then make the equipment legal for use.

    For performance, objective criteria are difficult. How about a thought of support inside the 802.11 protocol itself for symbiotic co-existence for performance? For example, isn’t the channel overlap rule (where an AP cannot operate on 40 MHz when there are overlapping 20 MHz APs) of the standard already fostering a kind of symbiosis. How about if the standard provides for some IE’s in beacon’s of AP indicative of what performance impact an AP is seeing due to neighbors and then neighbors scale back or get aggressive based on what they hear in beacons from the surrounding APs. Carrier sense kind of does this at frame level, but beacon IE’s can do it at traffic level. The certified equipment would then have been tested to implement this properly. This won’t give guarantees on performance, but at least enforce equitable sharing and not let one AP or client hog the capacity. Very straw man thought at this point, but radical enough I guess, so feel free to beat it down if you wish :).

    Reply
  4. Keith Parsons

    You do NOT own the airwaves in your own area. Full stop.

    Everything else follows.

    I don’t understand how some folks think they should “control” the frequencies just because they are inside their own space. Totally false assumption.

    Keith

    Reply
  5. Kyle

    Keith, I agree with you, we don’t own the airwaves. I think airspace will also become a large issue in the next few years as it pertains to drones and where they are allowed to fly… anyway back to Wi-Fi…
    Most seem to be in agreement that it’s ‘ok’ to “contain” (send de-auths) a rogue that is physically connected to your network via Ethernet or fiber. What about a client that is connected to your WLAN and then creates a virtual router and bridges the connections allowing others to connect via their device onto your network? They are not physically connected, yet still represent a security risk.

    Reply
    1. Hemant Chaskar

      Kyle,

      I think the key to ask is: do you control a device or not? Keith’s criteria of physical connectivity is essentially checking this. When it is physically connected, it is justifiable that owner of the network controls it.

      Now you can apply this same logic to client. If your client is enterprise assigned, enterprise controls it (and has legal policy to back it) and hence can stop it being turned into hotspot or wireless bridge. If this client is something you bought as personal asset, it cannot be stopped from running hotspot or bridge as current ruling indicates.

      What about clients that are dynamically on-boarded like guests? If enterprise wants to stop guests from running hotspots, it is best to show them disclaimer at on-boarding time. If they click through Agree, I think it is justifiable that they can be blocked from running personal hotspots or bridges. If they don’t, it is not justifiable as current status quo indicates to me.

      Reply
      1. Kyle

        In my situation, at a State University I see quite a bit of student connecting to our 802.1X WLAN and then connecting other devices via bridges to avoid authentication. It has been my stance/understanding that they are still connected to our enterprise network and have signed AUP’s stating they will not use any wireless device that connects to our network. I have contained these devices until I could go out and find the students in housing and let them know that they are violating their AUP.

  6. Colin Lowenbergs

    No, the mitigation tools sold by wlan vendors are not illegal and are not jammers. There has been some misuse of these tools, and wlan vendors do not always warn customers not to use them inappropriately. The intended purpose was not blocking MiFi, and the mitigation tools existed long before MiFi. The tools were designed to protect networks from intrusions and attacks.

    Reply
    1. wirednot Post author

      Hi Colin, the interesting thing is that the FCC certainly presented their Commision Document as if this were a jamming case, from the wording of original complaint to closing the doc with links of to the Jamming-specific references. And since all jammers are illegal… But i understand your point and largely agreed until the Marriott incident. Now I have no idea what make of the vendor-provided tools.

      Reply
  7. Rick Hampton

    Folks, I’ve been playing around with radio communications systems for 40+ years now, in multiple forms. I help run the WLAN for a large hospital system on the East Coast and have personally discussed the use of Wi-Fi and other systems for use with medical devices with FCC staff, both high and low-level. So far, they haven’t disagreed with anything I’ve said. So, while I do NOT speak for the FCC, I put personal stock in what I’m about to share.

    I’m *STUNNED* at the overall apparent lack of understanding of the FCC rules governing Wi-Fi networks uncovered by the latest FCC Enforcement Advisory. I will say that the folks here at least seem to be even-headed and headed in the right direction, but I’m I must admit I still can’t understand what all the confusion is about.

    If you have read and understand the underlying regulations permitting the use of unlicensed devices, including Wi-Fi, the FCC’s Enforcement Advisory makes perfect sense. I’ve excerpted the sections below for clarity as they pertain to operation of Wi-Fi systems. I’ve also included URLs to the original rules. You should read them in their entirety.

    From the Code of Federal Regulations:

    Title 47: Telecommunication
    PART 15—RADIO FREQUENCY DEVICES
    Subpart A—General

    §15.3 – Definitions (http://tinyurl.com/p2rwx9n)

    (m) Harmful interference. Any emission, radiation or induction that… seriously degrades, obstructs or repeatedly interrupts a radiocommunications service operating in accordance with this chapter.

    §15.5 General conditions of operation. (http://tinyurl.com/nnvrue2)

    (a) Persons operating intentional… radiators shall not be deemed to have any vested or recognizable right to continued use of any given frequency by virtue of prior registration or certification of equipment….

    (b) Operation of an intentional… radiator is subject to the conditions that no harmful interference is caused and that interference must be accepted that may be caused by the operation of an authorized radio station, by another intentional or unintentional radiator, by industrial, scientific and medical (ISM) equipment, or by an incidental radiator.

    (c) The operator of a radio frequency device shall be required to cease operating the device upon notification by a Commission representative that the device is causing harmful interference. Operation shall not resume until the condition causing the harmful interference has been corrected.

    Further technical rules, which don’t pertain to this discussion, are contained in:
    §15.247 – Operation within the bands 902-928 MHz, 2400-2483.5 MHz, and 5725-5850 MHz.
    §15.249 – Operation within the bands 902-928 MHz, 2400-2483.5 MHz, 5725-5875 MHZ, and 24.0-24.25 GHz.
    §15.250 – Operation of wideband systems within the band 5925-7250 MHz.

    So, in a nutshell, when it comes to Wi-Fi, you cannot cause harmful interference to others. Period. Also, you must accept any harmful interference that others might cause you. If you are experiencing harmful interference from others, the Commission expects you to work things out amicably, NOT start a deauthentication war.

    IPS systems are exactly what they describe, Intrusion PROTECTION Systems. You can use them to deauthenticate clients connecting to YOUR network. The FCC knows about IPS systems and hasn’t said a single negative thing about their proper use. You may NOT weaponize them to deauthenticate clients connecting to OTHER’s networks. This is what Marriott did.

    The FCC didn’t create its rules governing Wi-Fi for any particular group of users. Each user must figure out how to use Wi-Fi to their advantage, as best they can, while remaining inside the box defined by those rules. The key phrase here is, “as best they can.” If, because of the FCC’s Enforcement Advisory, it now becomes impossible or deleterious to deploy a desired application on Wi-Fi, then someone needs to realize Wi-Fi was never meant to support such an application. They need to go back to the beginning and re-think their approach… possibly using a different kind of service or technology… or perhaps realizing their ambitions are ahead of the times and not yet achievable.

    It can’t get any clearer, folks.

    Regards,

    Rick Hampton

    Reply
    1. wirednot Post author

      Great input, Rick. Thanks for taking the time. I see weaponized WIPS marketed on occasion as a cure-all, and also get why people want to cling to “but it’s my property where the Mi-Fis are causing trouble!” school of thought. Is just easier to de-auth than to hunt them down and ask the users to cease. I do have problems with “you maybe should have used another technology” being waved at customers when all players involved from the FCC to Wi-Fi alliance to WLAN industry have created the expectations that WLAN can replace Ethernet in most settings. Here, we have some dated and contradictory messages being sent that need to be reconciled.

      Reply
  8. Rick Hampton

    Thanks, Lee.

    I say this with all sincerity and honesty: I’ve NEVER had ANYONE at the FCC tell me or set the expectation, in writing or in person, that Wi-Fi can replace Ethernet in ANY setting. They have told me, explicitly, they are leaving it up to the consumers to determine what does and does not work for them. If the Commission is guilty of anything here, it is not better controlling how this stuff is marketed. Unfortunately our elected officials have a way of interfering with that kind of thing… but I digress to a topic I do NOT want to discuss.

    I DO agree with you that the WLAN industry has created those expectations. I’ve complained to wireless providers for years about their over-hyping, but they don’t want to listen. As one put it, “We will neither appologize for, nor change, a marketing tool that has shown great success.” Like it or not, if you listen to anyone in the WLAN industry who tells you “that WLAN can replace Ethernet in most settings” well, this old saying applies: “Fool me once, shame on you. Fool me twice, shame on me.”

    I wish, I really do, that the rules were in place for us to do more stuff as we wish. But the reality is, those are not the rules we have. Whether you see it or not, whether you understand it or not, whether you like it or not, the rules protect you far more than they hinder you. With 40+ years of wireless stuff under my belt, I can honestly say I have a few bumps on my head from hitting the regs, but the regs have prevented me from having far more.

    Sorry, but the rules are the rules. You (using the editorial you, now) really need to know them. They haven’t changed since long before Wi-Fi was created and Wi-Fi was created with them in mind. The only thing needing reconciliation is your understanding of the regs with the marketing hype and with the reality that you want to achieve. I run into this on a constant basis where I work. As you might imagine, I’m often not the most popular person when someone wants the latest Shiny Object. But, then again, our patients are safe. I sleep soundly at night, knowing that.

    With Wi-Fi, as in many other things: Caveat Emptor!

    Reply
    1. wirednot Post author

      Again, well said Rick. I’m an Extra Class licensed ham, and that journey does give one an appreciation for the regulatory cats the FCC has to heard. I mention this only to back up your point about the importance of the rules. You also nailed it on the Wi-Fi marketing paradigm and the wake it leaves.

      Sadly, this is a WLAN industry problem and if you go back to the core: if Mi-Fi devices weren’t produced to be so out-of-box offensive to business WLANs (I can operate within regs and still be a complete dick) none of this would probably be in the spotlight.

      Thanks so much for great, thoughtful input. This discussion is really needed.

      Reply
  9. Rick Hampton

    Figures, I’m an Extra Class ham, too. 🙂

    Let’s be honest with ourselves, though. The problem is not just Mi-Fi boxes. Mi-Fi boxes are only the latest thing to attract attention. I’ve seen problems with Bluetooth, UNI-I band systems, “proprietary 802.xx” systems, a paper shredder, wireless phones and headsets, and even a DFS algorithm that couldn’t get out of its own way.

    Most importantly, it’s other Wi-Fi networks, too. We have several large, academic medical centers in urban areas. We have experienced demonstrable problems with neighboring Wi-Fi networks of all ilk; commercial establishments, educational institutions, personal Wi-Fi routers in apartments and condos, etc., ad nauseum. I’ve had to talk with a few of our neighbors about coordinating network functions, but only when we couldn’t engineer around them. (Imagine this; every time we had problems with another network interfering with our network, our network was interfering with the other network as well. Who wulda thunk it?)

    It is a two-way street. We are all interferers. But, to your point, we don’t all have to be dicks. 🙂

    Reply
  10. Pingback: FCC still has ton of explaining to do on Wi-Fi blocking rules - Tech3 Now

  11. Pingback: FCC still has ton of explaining to do on Wi-Fi blocking rules | TutorTechs

Tell me what YOU think.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s