55
submitted 6 months ago* (last edited 6 months ago) by coffeeClean@infosec.pub to c/cybersecurity@infosec.pub

I plugged into ethernet (as wifi w/captive portal does not work for me). I think clearnet worked but I have no interest in that. Egress Tor traffic was blocked and so was VPN. I’m not interested in editing all my scripts and configs to use clearnet, so the library’s internet is useless to me (unless I bother to try a tor bridge).

I was packing my laptop and a librarian spotted me unplugging my ethernet cable and approached me with big wide open eyes and pannicked angry voice (as if to be addressing a child that did something naughty), and said “you can’t do that!”

I have a lot of reasons for favoring ethernet, like not carrying a mobile phone that can facilitate the SMS verify that the library’s captive portal imposes, not to mention I’m not eager to share my mobile number willy nilly. The reason I actually gave her was that that I run a free software based system and the wifi drivers or firmware are proprietary so my wifi card doesn’t work¹. She was also worried that I was stealing an ethernet cable and I had to explain that I carry an ethernet cable with me, which she struggled to believe for a moment. When I said it didn’t work, she was like “good, I’m not surprised”, or something like that.

¹ In reality, I have whatever proprietary garbage my wifi NIC needs, but have a principled objection to a service financed by public money forcing people to install and execute proprietary non-free software on their own hardware. But there’s little hope for getting through to a librarian in the situation at hand, whereby I might as well have been caught disassembling their PCs.

you are viewing a single comment's thread
view the rest of the comments
[-] coffeeClean@infosec.pub -1 points 6 months ago* (last edited 6 months ago)

Why are you even in the library to begin with if you’re so opposed to how they manage their network?

How does one know how they manage their network before entering the library? The libraries that have ethernet /never/ advertise it. Only wi-fi is ever advertised. I have never seen a library elaborate on their wifi preconditions (which periodically change). This info is also not in OSMand, so if you are on the move and look for the closest library on the map, the map won’t be much help apart from a possible boolean for wifi. Some libraries have a captive portal and some do not. Among those with captive portals, some require a mobile phone with SMS verification and some do not. But for all of them, the brochure only shows the wifi symbol. You might say “call and ask”, but there are two problems with that: you need a phone with credit loaded. But even if you have that, it’s useful to know whether ethernet is available and the receptionist is unlikely to reliably have that info. Much easier to walk in and see the situation. Then when you ask what will be blocked after you get connected, that’s another futile effort that wastes time on the phone. It really is easier and faster to pop in and scope out the situation. Your device will give more reliable answers than the staff. But I have to wonder, what is your objection to entering a library to reliably discover how it’s managed in person?

[-] null@slrpnk.net 1 points 6 months ago

Just because it's a public resource doesn't mean you can break in after hours, and just because you don't have a phone doesn't give you permission to sidestep their security policies.

this post was submitted on 29 Apr 2024
55 points (63.8% liked)

cybersecurity

3292 readers
48 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS