I plugged into ethernet (as wifi w/captive portal does not work for me). I think clearnet worked but I have no interest in that. Egress Tor traffic was blocked and so was VPN. I’m not interested in editing all my scripts and configs to use clearnet, so the library’s internet is useless to me (unless I bother to try a tor bridge).

I was packing my laptop and a librarian spotted me unplugging my ethernet cable and approached me with big wide open eyes and pannicked angry voice (as if to be addressing a child that did something naughty), and said “you can’t do that!”

I have a lot of reasons for favoring ethernet, like not carrying a mobile phone that can facilitate the SMS verify that the library’s captive portal imposes, not to mention I’m not eager to share my mobile number willy nilly. The reason I actually gave her was that that I run a free software based system and the wifi drivers or firmware are proprietary so my wifi card doesn’t work¹. She was also worried that I was stealing an ethernet cable and I had to explain that I carry an ethernet cable with me, which she struggled to believe for a moment. When I said it didn’t work, she was like “good, I’m not surprised”, or something like that.

¹ In reality, I have whatever proprietary garbage my wifi NIC needs, but have a principled objection to a service financed by public money forcing people to install and execute proprietary non-free software on their own hardware. But there’s little hope for getting through to a librarian in the situation at hand, whereby I might as well have been caught disassembling their PCs.

  • DoomBot5@lemmy.world
    link
    fedilink
    English
    arrow-up
    75
    arrow-down
    5
    ·
    8 months ago

    I plugged into ethernet (as wifi w/captive portal does not work for me). I think clearnet worked but I have no interest in that. Egress Tor traffic was blocked and so was VPN. I’m not interested in editing all my scripts and configs to use clearnet, so the library’s internet is useless to me (unless I bother to try a tor bridge).

    Yeah… Trying to bypass their security by using ethernet instead of Wi-Fi to use your own stuff that’s being blocked is tantamount to abusing the library’s services. Someone should let the IT staff know so they can properly block those services on ethernet as well.

    • deweydecibel@lemmy.world
      link
      fedilink
      English
      arrow-up
      12
      arrow-down
      1
      ·
      edit-2
      8 months ago

      They should just be disabling the ports, frankly. The overwhelming majority of visitors will never miss them. If you need to use a computer on an Ethernet connection because you can’t/won’t use the Wi-Fi, most libraries provide desktop stations for you to use.

      Keep some Wi-Fi USB dongles in the drawer at the front desk for people whose Wi-Fi isn’t working, or the extreme edge case where somebody has some sort of device that can only use an ethernet connection, and for some reason they brought it to the library.

    • coffeeClean@infosec.pubOP
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      41
      ·
      edit-2
      8 months ago

      Someone should let the IT staff know so they can properly block those services on ethernet as well.

      Someone should let the IT staff know that wi-fi does not work for everyone, including:

      • People running a free software platform that lacks support for a wifi NIC that needs a proprietary driver and firmware
      • People running free software who ethically object to running the proprietary non-free driver and firmware their wifi NIC requires
      • People without a mobile phone to perform the captive portal-mandated SMS verfication
      • People with a mobile phone but who want to exercise their GDPR right to data minimization
      • Climate activists who prefer not to spend 30 times more energy needed for wi-fi radios
      • People who want the security of other wi-fi users not eavesdropping on their traffic by simply pointing a yagi antenna from a block away (on a network that blocks the VPNs that would protect them from that on wi-fi)

      (edit)

      • People who cannot get past the captive portal for other reasons, such as the captive portal imposing TLS 1.3 on older software (forced obsolescence), or anything else that fails technically, like DNS breakage preventing the captive portal’s hostname from resolving.

      And because simply turning on Wi-Fi in public enables all iPhones in your range to automatically snoop, collect your wi-fi params including SSIDs your device looks for before sending it to Apple, along with GPS fix and timestamp (according to research), there are people who:

      • for privacy reasons object to being snooped on generally in this way
      • boycott Apple already for any number of reasons, and who have enough discipline and resolve to oppose feeding profitable data to Apple – regardless of whether they actually care about the disclosure.
      • boycott the fossil fuel industry, including Google who supplies AI to Totaal Oil to find drilling locations, and thus oppose feeding Google by way of Androids in range doing the same collection as Apple. (note it’s disputed whether Google actually mirrors Apple on this to the extent of Apple)
      • Buelldozer@lemmy.today
        link
        fedilink
        English
        arrow-up
        53
        arrow-down
        2
        ·
        edit-2
        8 months ago

        Someone should let the IT staff know that wi-fi does not work for everyone, including:

        HI there. I’m someone in IT for a Public Library so let me review these points.

        People running a free software platform that lacks support for a wifi NIC that needs a proprietary driver and firmware

        That’s a you and your hardware problem, not a public library IT problem. You need to purchase hardware that is adequately supported by your chosen Operating System.

        People running free software who ethically object to running the proprietary non-free driver and firmware their wifi NIC requires

        This is a you and your hardware problem. Buy hardware that is adequately supported by your chosen Operating System.

        People without a mobile phone to perform the captive portal-mandated SMS verfication

        This one is a semi-serious complaint however I’ve never seen a portal system where the Librarian’s didn’t have the ability to issue a day pass for use. Aside from that you sound like someone who should be technically able to stand up an ephemeral phone number for the purpose of receiving SMS.

        People with a mobile phone but who want to exercise their GDPR right to data minimization

        Same as above.

        Pro-environment people who prefer not to spend 30 times more energy needed for wi-fi radios

        What an absolutely petty complaint.

        People who want the security of other wi-fi users not eavesdropping on their traffic by simply pointing a yagi antenna from a block away.

        I’d bet that as soon as you enter a code your VPN stops being blocked. They’re not trying to block VPN they are preventing you from sidestepping their ToS.

        I’ve dealt with Patrons like you before and the instant someone starts yammering at me about ClearNet / Tor I know exactly what kind of person I’m dealing with.

        You selected your path for whatever reasons you chose and the inconveniences that come with that path are yours to deal with. Suck it up buttercup, you weren’t promised that a privacy respecting internet lifestyle would be easy or convenient.

        BTW if you’d plugged your laptop into one of my systems you’d have gotten vlan’d into the same Captive Portal System that the WiFi has which is precisely how any publicly available Ethernet port should function. Your little length of wires coated in vinyl with plastic shoved on the ends still wouldn’t have gotten you where you wanted to go.

        • coffeeClean@infosec.pubOP
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          7
          ·
          edit-2
          8 months ago

          That’s a you and your hardware problem, not a public library IT problem. You need to purchase hardware that is adequately supported by your chosen Operating System.

          Forcing people to buy more hardware is yet another variation of discrimination against the poor. Imposed needless consumerism is also reckless from an environmental standpoint. If you choose not to step your competency up to the level needed to serve the public without costing them more money, you’re only getting off the hook in the view of right-wing conservatives who are happy to have library service cheapened at the expense of equal rights.

          Not being “your problem” is simply a problem of an ill-defined contract that allows irresponsible policy.

          This is a you and your hardware problem. Buy hardware that is adequately supported by your chosen Operating System.

          It’s not a hardware problem. It’s an ethics problem, and the problem is on your part whether you choose to acknowledge it or not. If you lack the higher level of competency needed to practice your trade ethically, you should try to gain the competency you need to be inclusive of people in different economic standings and diverse hardware.

          This one is a semi-serious complaint however I’ve never seen a portal system where the Librarian’s didn’t have the ability to issue a day pass for use.

          Not a single public library in my area has a day pass option as an alternative authentication. If the patron has no phone, the library helpless and the user is not getting online with their own device.

          Aside from that you sound like someone who should be technically able to stand up an ephemeral phone number for the purpose of receiving SMS.

          There is no way to get a phone or an active SIM chip gratis in my area. The only difference between a burner phone and a non-burner phone in my area is you quit using the burner phone early. It has all the same problems as a permanent phone. You can get a pinger number online, but it only works if you’re already online. Apart from that, your suggestion is absurd as an official policy in response to public complaint about phoneless people being officially excluded.

          Same as above.

          It fails here too, for the same reason.

          What an absolutely petty complaint.

          What an absolutely pathetic failure to support a claim to the contrary.

          I’d bet that as soon as you enter a code your VPN stops being blocked. They’re not trying to block VPN they are preventing you from sidestepping their ToS.

          This is not a /me/ problem. You are responding to a list of demographics of people who are excluded from a public service. If not every single person has a gratis VPN (and they don’t), this is a broken argument. To say every user must acquire a VPN because you cannot provide a means of access that thwarts the most trivial MitM possible is a reckless abandonment of duty.

          I’ve dealt with Patrons like you before and the instant someone starts yammering at me about ClearNet / Tor I know exactly what kind of person I’m dealing with.

          So your emotional bias adversely hinders your judgement and ability to service a diverse range of users. It shows.

          You selected your path for whatever reasons you chose and the inconveniences that come with that path are yours to deal with. Suck it up buttercup, you weren’t promised that a privacy respecting internet lifestyle would be easy or convenient.

          Inconveniences are borne out of the kind of incompetent infosec that you’re peddling. A competent tech firm can do this job without violating data minimisation principles and without violating Article 21 of the UDHR.

          BTW if you’d plugged your laptop into one of my systems you’d have gotten vlan’d into the same Captive Portal System that the WiFi has which is precisely how any publicly available Ethernet port should function. Your little length of wires coated in vinyl with plastic shoved on the ends still wouldn’t have gotten you where you wanted to go.

          And that would still be violating peoples’ Article 21 rights to equal access. Imposing a mobile phone is among the injustices I’ve mentioned. I would still favor the ethernet regardless of the captive portal for many of the reasons I’ve mentioned. In the very least it avoids discriminating against people without functioning wifi h/w.

        • lemmyreader@lemmy.ml
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          21
          ·
          8 months ago

          I’ve dealt with Patrons like you before and the instant someone starts yammering at me about ClearNet / Tor I know exactly what kind of person I’m dealing with.

          You selected your path for whatever reasons you chose and the inconveniences that come with that path are yours to deal with. Suck it up buttercup, you weren’t promised that a privacy respecting internet lifestyle would be easy or convenient.

          I guess Meta, Google, Amazon and countless other companies are with you on this one for the ad and tracking riddled mass exploitation Internet of today.

          • Buelldozer@lemmy.today
            link
            fedilink
            English
            arrow-up
            22
            arrow-down
            3
            ·
            8 months ago

            I began my struggle with F/OSS and its drivers with Slackware V3 shortly after it’s release. I long ago memorized absolutely every argument you could possible come up with and have myself repeated many of them over the years. That doesn’t change the fact that Networks and Systems are not configured for your convenience and YOU are responsible for how your own damn hardware works.

            Now get the hell off my lawn.

            • lemmyreader@lemmy.ml
              link
              fedilink
              English
              arrow-up
              6
              arrow-down
              3
              ·
              edit-2
              8 months ago

              Now get the hell off my lawn.

              We are in a public community on the open Internet here where the following is written in the sidebar :

              • Be kind

              Tor was created by the USA military and the USA government has funded with millions of dollars. Many years ago Tor had a negative word association to it. But not so much anymore. Countless volunteers run Tor nodes from home, and Tor is not that slow anymore as it used to. I use Tor myself because I strongly dislike all the tracking, snooping and scandals by large and even small companies. The Clearnet Internet has become a disastrous place :(

              • coffeeClean@infosec.pubOP
                link
                fedilink
                English
                arrow-up
                2
                ·
                edit-2
                7 months ago

                It’s a good point about the irrational Tor hostility. But note the more perverse absurdity with his comment: that a public library is “his lawn”. If his inability and unwillingness to equally serve the whole public would be just in the private sector, there would be no issue because everyone he disservices can refuse to do business with him.

                What’s sickening here is he said “I’m someone in IT for a Public Library”. So he is operating a public service in an exclusive manner telling people /get off his lawn/, which was financed with public money. And ~7+ of 8 people are okay with that.

                  • coffeeClean@infosec.pubOP
                    link
                    fedilink
                    English
                    arrow-up
                    2
                    ·
                    edit-2
                    7 months ago

                    In that sense, it implies that we were encroaching on his space, when in fact he entered this thread (like his handle: a bulldozer) to demand that people recognize an approach to sysadministration that does not respect equal rights, privacy, or the environment, and ultimately undermines human rights and promotes consumerism to ease his job at his competency level, as if the public is expected to serve him. It’s not his lawn in either sense of the meaning.

                    He made it quite he expects everyone to go through hoops to make his job convenient when he said:

                    “That doesn’t change the fact that Networks and Systems are not configured for your convenience”

                    I can imagine that the guy wants to secure his network and is maybe paranoid about people breaking in which seems fair to me,

                    It would be a malpractice of security. Security is about confidentiality, integrity, and availability. To reduce availability needlessly is to work against security. If availability were not essential to security, then you would just unplug the all machines, making the internet unusuable to everyone, and call it “secure”. A competent admin can securely offer internet service to people without phones, and people without a wifi card.

      • catloaf@lemm.ee
        link
        fedilink
        English
        arrow-up
        25
        arrow-down
        1
        ·
        8 months ago

        You’re welcome to use the library PCs (if available) or get your own ISP connection.

      • DoomBot5@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        4
        ·
        8 months ago

        Yeah, this argument is bullshit once you actually know what you’re talking about instead of following some cult videos that teach you to repeat them.