Recently, you may have noticed ad popping up when connecting through a router or public WiFi hotspot. It's the latest gimmick to serve up more advertising.

Pablo Valerio, International Business & IT Consultant

September 1, 2015

5 Min Read
<p align="left">(Image: teekid/iStockphoto)</p>

Google OnHub Router: My First 24 Hours

Google OnHub Router: My First 24 Hours


Google OnHub Router: My First 24 Hours (Click image for larger view and slideshow.)

I had never heard of a company called RaGaPa until a few days ago. I read a story about people complaining that their mobile devices started showing unusual ads, some of them taking up half a screen, when people connected to AT&T hotspots.

RaGaPa advertises itself as the leader of "in-browser content insertion technology," a "solution" that enables venues, such as retailers, airports, restaurants, and other locations, to insert specific content and advertisements when visitors connect to their WiFi hotspots.

That got me thinking: What's stopping ISPs from using such technology to start serving ads to residential customers when connected to their networks? One of the sales pitches of RaGaPa is "Monetizing your network," and would seem to allow carriers or venues to serve ads, display sponsored content, or just place their brand on every page the user visits.

Consumer reliance on hotspots and WiFi has grown significantly. Now most devices connect to the Internet and corporate networks through WiFi, and many laptops no longer feature a wired Ethernet connector.

Cellular carriers also encourage their customers to connect via WiFi with their smartphones to reduce network congestion, since data traffic is growing exponentially. Customers like the speed of WiFi, and the bonus of not consuming their data allowances.

In fact, cellular carriers will offload nearly 60% of mobile data traffic to WiFi networks over the next four years, according to Juniper Research.

Most users, when arriving at a location that offers free WiFi, spend several minutes going through the process of connecting to the service, regardless of the privacy and security implications of sending all their device's internet traffic through such an unsecured connection.

Now, thanks to services such as the one from RaGaPa, not only could their Internet activity be captured and analyzed, it could be monetized, too.

Router Manufacturers Can Do It, Too

Three years ago, Cisco launched its Connect Cloud service, pushing an update to a series of Linksys consumer models. Users of those routers were then pushed to a sign-up page for Cisco Connect Cloud instead of the usual password log-in.

In order to change router configuration users were required to sign up for a Connect Cloud account.

Cisco claimed that the service was intended to help users set up additional devices and change the network parameters remotely from any device. But many users saw it as invasion of privacy since the new firmware could send "certain information related to the use of the service" back to Cisco.

After a massive backlash on social media platforms, including Facebook and Slashdot, Cisco was forced to respond. The company restored access to the previous firmware, and changed the conditions of Connect Cloud so users did not need to setup an account to manage their router.

Brett Wingo, vice president and general manager of Cisco's Home Networking division, wrote in a blog post at the time: "In response to our customers' concerns, we have simplified the process for opting-out of the Cisco Connect Cloud service and have changed the default setting back to traditional router set-up and management."

What stops Cisco, D-Link, ZTE, Netgear and others from starting to place ads through their routers? The answer is probably the possibility of being shamed on social networks.

Home ISP and WiFi Offload

Many home internet subscribers, especially in Europe, do not purchase their home router; they use the one provided by the ISP. Those routers are usually inexpensive units from companies such as D-Link and ZTE that come preconfigured to connect to the ISP network through DSL, cable, or fiber.

[Read about what one of the creators of WiFi is up to now.]

However the ISP retains access to the router configuration, being able to push updates or change the WiFi parameters.

One interesting feature that is being deployed on those routes is home Carrier WiFi offload for mobile users. Many big cellular carriers and ISPs are now deploying large numbers of WiFi hotspots in cities using the existing infrastructure of their customers' homes and businesses.

Some carriers are converting their residential customers' WiFi connections into wireless hotspots to supplement their 3G and 4G networks, without informing them. For mobile customers, the switch to WiFi is completely unnoticeable -- the terminal connects to WiFi automatically when passing by a node in the network without interrupting service -- and many operators are offering additional data allowance of 5GB and 10GB on WiFi offload.

This is a new opportunity for carriers to serve ads to mobile customers connected to those hotspots. While the residential customer won't be seeing ads on their "internal" network (the one not intended to be shared), users connecting to those hotspots are effectively on the "carrier" network.

The most disturbing part is of all this is privacy.

WiFi offloading is taking advantage of network isolation, so cellular users won't have access to other devices on the network. But that won't stop hackers from circumventing the isolation block and potentially tapping residential networks.

Most ISPs allow residential customers to opt out of the service, but then those customers are not allowed to use the carrier's hotspots free of charge, unless they subscribe to an additional service.

What do people need to do? First, avoid public hotspots and only connect to WiFi networks that you know and trust. Second, use an app such as the Smarter WiFi Manager to avoid broadcasting your WiFi Mac ID, and third, purchase your own router and install an open source firmware such as OpenWrt.

About the Author(s)

Pablo Valerio

International Business & IT Consultant

Pablo Valerio has been in the IT industry for 25+ years, mostly working for American companies in Europe. Over the years he has developed channels, established operations, and served as European general manager for several companies. While primarily based in Spain, he has also lived in Germany, The Netherlands and Denmark. His knowledge of the European IT business and his interest in EU technology initiatives spurred his move to technology writing. For the past four years, he has been a regular contributor to several publications in the IT ecosystem, focusing on privacy, security, mobile technology and smart cities. His work has appeared in InformationWeek, EETimes, Enterprise Efficiency, UBM Future CitiesDell's Tech Page One, and SAP Business Innovation, among others.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights