a privacy violation at the DC Renaissance Hotel - to all NANOG 20 conference participants
Hmm, Merit's mailer gives me some headaches. Maybe it's because the mail already had a "Delivered-To:" header when sent (how to insert that into incoming-only mail in Sendmail has remained a mystery to me). I sent it with the wrong return address, too, so this might have been the true reason. Please do not be distracted from the content of the message itself.

[...]
The Postfix program
<nanog@merit.edu>: mail forwarding loop for nanog@merit.edu
[...]

From: Kai Schlichting <kai@conti.nu>
Subject: a privacy violation at the DC Renaissance Hotel - to all NANOG 20 conference participants
Cc: postmaster@stsn.com, wwest@SUITECORP.COM, notphast@MSN.COM, domain.administrator@MARRIOTT.COM, postmaster@MARRIOTT.COM, postmaster@renaissancehotels.com

This is a message to all NANOG 20 participants staying at the Renaissance Washington DC conference hotel, October 22-24th (and probably to countless other guests over time that are not affiliated with NANOG). If you have surfed access-restricted websites belonging to your employers while using the hotel's in-room Internet service (provided by SuiteCorp, stsn.com), you have good reason to be concerned now, as your privacy has been violated.

STSN apparently uses a transparent proxy (which I have no problem with) that continually keeps a copy of what is accessed for a very long time (which I have a BIG problem with) - but it doesn't stop there: it's doing conditional re-GETs on those objects in the cache, keeping it up-to-date (and I will not allege that the STSN admins are "surfing the logs", so to speak; there is no evidence for that). This is a gross privacy violation and a damn good reason not to use secured, private, privacy-sensitive non-SSL websites when using any hotel in-room Internet service like STSN. It's also a damn good reason to sue if you feel like it (I don't, at least not right now).
The last 5 accesses in the log below are such cache-refresh accesses; those leading up to it are from my accesses in the room and from the conference network graciously provided by AOL.

p3.stsn.com - - [22/Oct/2000:20:16:22 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
p3.stsn.com - - [22/Oct/2000:23:03:30 -0400] "GET /~kai/home646.html HTTP/1.0" 200 5899 "-" "Mozilla/3.01 (compatible;)"
p3.stsn.com - - [22/Oct/2000:23:05:31 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)"
p3.stsn.com - - [23/Oct/2000:08:26:39 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)"
nanog-18-142.atdn.net - - [23/Oct/2000:09:02:13 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.75 [en] (Win98; U)"
nanog-19-66.atdn.net - - [23/Oct/2000:11:09:07 -0400] "GET /~kai/home646.html HTTP/1.0" 200 5899 "-" "Mozilla/4.75 [en] (Win98; U)"
p73.stsn.com - - [23/Oct/2000:16:58:52 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.75 [en] (Win98; U)"
p73.stsn.com - - [23/Oct/2000:17:02:34 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.75 [en] (Win98; U)"
p73.stsn.com - - [23/Oct/2000:17:59:04 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.75 [en] (Win98; U)"
12.23.124.37 - - [23/Oct/2000:21:33:46 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.75 [en] (Win98; U)"
p244.stsn.com - - [24/Oct/2000:08:57:28 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.75 [en] (Win98; U)"
nanog-18-140.atdn.net - - [24/Oct/2000:09:26:26 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.75 [en] (Win98; U)"
p3.stsn.com - - [28/Oct/2000:10:07:51 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)"
p3.stsn.com - - [03/Nov/2000:04:04:11 -0500] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)"
p3.stsn.com - - [10/Nov/2000:13:31:57 -0500] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)"
p3.stsn.com - - [19/Nov/2000:21:40:56 -0500] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)"
p3.usslc14.stsn.com - - [29/Nov/2000:10:27:01 -0500] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)"

Thanks, bye,
Kai

ps: yes, that page is gone now.

--
"Just say No" to Spam
Kai Schlichting
New York, Palo Alto, You name it
Sophisticated Technical Peon
Kai's SpamShield <tm> is FREE! http://www.SpamShield.org
LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxes
WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMath
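As an added example (not part of Kai's post), the following Python script applies his reasoning to a web server's own access log: it flags conditional GETs (304) that arrive from the proxy's hosts after the guest has checked out, and measures the intervals between them. The proxy domain and the log lines are quoted from the post; the checkout threshold is an assumption derived from the stated October 22-24 stay.

```python
"""Flag a caching proxy that keeps revalidating an object after its user left.
Added example, not from the original post; proxy domain and log lines are quoted
from the post. Heuristic: a 304 from a proxy host after the guest's checkout."""
import re
from datetime import datetime, timedelta, timezone

# Apache combined log format: host ident user [ts] "request" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$')

# Lines quoted from the post above; the last five are the cache refreshes Kai describes.
LOG = """\
p3.stsn.com - - [22/Oct/2000:23:03:30 -0400] "GET /~kai/home646.html HTTP/1.0" 200 5899 "-" "Mozilla/3.01 (compatible;)"
nanog-19-66.atdn.net - - [23/Oct/2000:11:09:07 -0400] "GET /~kai/home646.html HTTP/1.0" 200 5899 "-" "Mozilla/4.75 [en] (Win98; U)"
p244.stsn.com - - [24/Oct/2000:08:57:28 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.75 [en] (Win98; U)"
p3.stsn.com - - [28/Oct/2000:10:07:51 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)"
p3.stsn.com - - [03/Nov/2000:04:04:11 -0500] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)"
p3.stsn.com - - [10/Nov/2000:13:31:57 -0500] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)"
p3.stsn.com - - [19/Nov/2000:21:40:56 -0500] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)"
p3.usslc14.stsn.com - - [29/Nov/2000:10:27:01 -0500] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)"
""".splitlines()

# Assumed checkout: the guest left on 24 Oct, so proxy traffic after this is not the guest browsing.
STAY_END = datetime(2000, 10, 25, tzinfo=timezone(timedelta(hours=-4)))
PROXY_DOMAIN = "stsn.com"

def parse(line):
    """Parse one combined-format line into a dict (None if it does not match)."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")  # tz-aware
    rec["status"] = int(rec["status"])
    return rec

def stale_revalidations(lines, proxy_domain=PROXY_DOMAIN, stay_end=STAY_END):
    """Conditional GETs (304) from the proxy's hosts after the guest has left."""
    hits = []
    for rec in filter(None, map(parse, lines)):
        from_proxy = rec["host"] == proxy_domain or rec["host"].endswith("." + proxy_domain)
        if from_proxy and rec["status"] == 304 and rec["ts"] > stay_end:
            hits.append(rec)
    return hits

def refresh_gaps_days(hits):
    """Whole days between successive refreshes; widening gaps are typical of heuristic freshness."""
    return [(b["ts"] - a["ts"]).days for a, b in zip(hits, hits[1:])]

if __name__ == "__main__":
    print(refresh_gaps_days(stale_revalidations(LOG)))  # [5, 7, 9, 9]
```

The same check can be run over a full access log to see which cached objects a proxy is still refreshing, and for how long, after its users are gone.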
On 5 Dec 00, at 15:17, Kai Schlichting wrote:
> STSN apparently uses a transparent proxy (which I have no problem with) that continually keeps a copy of what is accessed for a very long time (which I have a BIG problem with) - but it doesn't stop there: it's doing conditional re-GETs on those objects in the cache, keeping it up-to-date (and I will not allege that the STSN admins are "surfing the logs", so to speak; there is no evidence for that).
Well, I'm glad I didn't hit anything sensitive through that service, and basically only checked mail over SSH. One of the things I'm considering doing (but not got around to yet) is building myself a "friendly" Squid proxy on my office network. Then, whenever I'm on my travels, I open an SSH session to my office network, and tunnel all web traffic through the SSH session to my Squid. That's the best solution I can think of for this kind of stuff. Anyone else got any ideas?

Mike

--
Mike Hughes, London, UK
http://www.smashing.net/ mike@smashing.net ICQ UIN: 4871914
"Only one thing in life is certain: init is process No. 1"
PGP Public Keys from http://www.smashing.net/pgpkeys.html
At Tuesday 04:02 PM 12/5/00, Mike Hughes wrote:
> Then, whenever I'm on my travels, I open an SSH session to my office network, and tunnel all web traffic through the SSH session to my Squid.
That's exactly what I did with all my POP3 and SMTP traffic at the conference: built a tunnel (recent versions of the SSH module for TeraTerm for Windows do this great!) via SSH, pop/smtp to the local loopback interface. A 5 minute thing. Even though I had a web proxy available at the other end of that SSH-based tunnel as well, I didn't think it was necessary: the data was just not sensitive enough for SSL, yet it was private and of certain value in the wrong hands, and vulnerable as such when stored for extended periods of time on someone else's hard drive. The usefulness of the VPN-spiel or end-to-end IPSec doesn't seem so theoretical anymore.