Search By Topic:

Popular Topics:



Thought Leadership | Feb 7th, 2011

Ask the Expert: Am I Safe Using My Laptop in My Hotel Room?

Kent Lawson

Q: The hotel that I sometimes stay in offers either wifi or cable connection in my room. I know that wifi can be hacked into, so I always connect via cable. My communications are safe that way, right?

A: The answer is “no.” Your communication is just as vulnerable when using a hotel cable connection as it would be if you were using wifi.

wifi safety

This actually was one of the most shocking things that I learned about Internet communications before starting Private Communications Corporation. Like many of you, I was dimly aware about the vulnerability of wifi. But I assumed that if I plugged directly into the hotel’s network with a cable that I was safe.

This turns out to be false.

To understand why, we have to look back about 35 years. The technology used for most in-house networks, called Local Area Networks (LANs), originated back in the mid-1970s at Xerox’s famous PARC research lab. LANs were designed to be able to share information within an organization, such as a business. It was assumed, then, that everyone on the LAN could basically be trusted, so no security was necessary.

And that fundamental oversight has been carried forward ever since.

That is not a major problem when the LAN is used internally, such as a business. But the same technology is used for hard-wired Internet access in hotels, and that is a serious problem.

Promiscuous Monitoring, ARP Spoofing

There are several ways to hack hotel LANs, but two the two main ones carry the colorful names of “promiscuous monitoring” and “ARP spoofing.”

Promiscuous monitoring can be used on hotel networks which use a “hub” configuration, which passes everyone’s communication thorough the same cable. (Only about 20% of hotels use this technique, but you have no way of knowing whether they do or not.) So all a hacker has to do is turn on an option in his “network interface card” to listen “promiscuously,” and the communications from every hotel guest can be captured and stored on his laptop.

Almost every laptop, whether PC or Mac, has the ability to do this. It only takes a bit of software that, naturally, is readily available on the Internet.

“ARP spoofing” is more insidious yet also more esoteric as it is very difficult for the hotel to protect against. (That is one reason why most hotels actually have two LANs – one for their internal business, the other for guests.)

With ARP spoofing a hacker convinces the network his laptop is actually that central node with the Internet connection, so all the guest’s communications are re-directed to through him. This is called a man-in-the-middle attack. He can store your communication – or even modify it if he wishes – before sending it on to the Internet. Chances are, no one will ever know what happened. At least until the next credit-card billing cycle.

The only way to protect yourself in hotels, whether using wifi or a cable connection, is to use a VPN such as PRIVATE WiFi™.

Editor's note: Have a question you'd like to submit for an upcoming "Ask the Expert" column? Email your name and question to

Associated Topics:

Associated Topics:


Related Posts

Protecting Your Identity with the Internet of Things

Thought Leadership
Eva Velasquez | May 21st, 2015

The internet of things—or IOT, as it’s commonly known—was once the stuff of science fiction, a newfangled “wave of the future” concept only experienced at futuristic demonstrations like the World’s Fair. But now many of these devices are already in use in millions of households around the world. They’ve become an interesting yet somehow still unknown entity in the world of technology, and industry experts have stated these products will be the norm just a handful of years from now. Read More

Avira Offers PRIVATE WiFi’s VPN As Part of New Bundle

News & Features
Jared Howe | May 14th, 2015

Germany-based security company, Avira, just announced the release of a new bundled product which includes both their Antivirus Pro and PRIVATE WiFi.  This bundle protects users from both malware infection and data theft. Read More

How To: BlueKai, Online Tracking, and Your Privacy

Jared Howe | May 5th, 2015

BlueKai is an online marketing firm that provides data to marketers, ad networks and publishers. This data is used to target ads to consumers.

This information that BlueKai gathers is considered "anonymous" because it identifies web browsers, not individuals. However, Read More

How To: Safari Privacy and Security Settings

Jared Howe | May 5th, 2015

To edit the security settings for Safari:

  1. Go to Safari > Preferences.
  2. Click the AutoFill tab.
  3. On this tab, select what types of forms your browser fills in automatically.
    Note: In general, you should remove all the checkboxes

Read More


Thank you for subscribing to our newsletters

Your email has been added to our system. You will be e-mailed shortly with a request to confirm your membership. Please make sure to click the link in that message to confirm your subscription.