Nerdy tidbits from my life as a software engineer

Thursday, February 26, 2009

Problems Paying For Internet Access

I was on vacation at Whistler this weekend.  Because I can’t live without the internet, I brought my laptop with me thinking that there was free internet at our condo.  I found out quickly that yes, there was internet access….but no, it was not free.

Being the miserly person that I am, I decided not to pay $10.00 to get on the internet just to check my email and read the news.  I can wait a couple of days.  But a friend of mine who came with me needed to send an email, and decided to fork over the 10 bucks.  Since he paid for a username / password, I mooched off of his purchase and spent some time online.

When I got back home to Seattle, I had this strange problem with my computer where it was connecting to my home network, but I only had local access.  At first I figured it was just Comcast doing there usual thing where they take your internet down for no reason.  But when I discovered that my desktops connection worked fine, it occurred to me that the pay-for-your-internet-access script at Whistler did something funky to my machine and it couldn’t connect to the internet any more.

But what could it have done?  I didn’t run an ActiveX control.  I didn’t install any VPN software.  I didn’t do anything funky to my connection other than type in a username and password in a website.  Nope.  Somehow, via voodoo black magic, I ended up on the internet at Whistler, and some script altered my network settings to make that happen.  And of course, the script didn’t have the intelligence to revert its changes when I was no longer connecting through their network.

First I checked my internet connection settings.  I figured they were redirecting me to a proxy server.  But no – that wasn’t it. 

So then I checked the properties of my Wireless Connection and checked the properties on my TCP/IPv4 protocol.  And that’s when I discovered the problem: whatever happened when I logged into the Whistler pay-for-your-internet system changed my settings from “Obtain DNS server address automatically” to “Use the following DNS server addresses”, which of course had some IP address that’s only valid on their network and cannot be resolved once you leave.

So that’s how those systems work.  When you log in, they must somehow change your TCP/IP settings to point to a custom IP address to resolve DNS names.  This scares me for several reasons.  First, how on earth can a website change your network settings?  That seems like a clear security violation to me.  I can’t tell how they got away with it.

Second, it’s clearly irresponsible to change people’s network settings without a) telling them, and b) reverting them later on.  I’m pretty knowledgeable about this sort of thing – but what about grandma?  Most people would end up calling Comcast and complaining that their internet doesn’t work any more.  And we all known how those phone calls end up.  I can only imagine how much time is wasted cleaning up people’s TCP/IP settings from these bad systems.

Now the other thing: once you know their little trick, what’s stopping somebody from just manually setting their DNS server in their network settings and bypassing the $10.00 fee?

0 comments: