I plugged into ethernet (as wifi w/captive portal does not work for me). I think clearnet worked but I have no interest in that. Egress Tor traffic was blocked and so was VPN. I’m not interested in editing all my scripts and configs to use clearnet, so the library’s internet is useless to me (unless I bother to try a tor bridge).

I was packing my laptop and a librarian spotted me unplugging my ethernet cable and approached me with big wide open eyes and panicked angry voice (as if to be addressing a child that did something naughty), and said “you can’t do that!”

I have a lot of reasons for favoring ethernet, like not carrying a mobile phone that can facilitate the SMS verify that the library’s captive portal imposes, not to mention I’m not eager to share my mobile number willy nilly. The reason I actually gave her was that I run a free software based system and the wifi drivers or firmware are proprietary so my wifi card doesn’t work¹. She was also worried that I was stealing an ethernet cable and I had to explain that I carry an ethernet cable with me, which she struggled to believe for a moment. When I said it didn’t work, she was like “good, I’m not surprised”, or something like that.

¹ In reality, I have whatever proprietary garbage my wifi NIC needs, but have a principled objection to a service financed by public money forcing people to install and execute proprietary non-free software on their own hardware. But there’s little hope for getting through to a librarian in the situation at hand, whereby I might as well have been caught disassembling their PCs.

  • DoomBot5@lemmy.world · ↑ 2 · 2 months ago

    I plugged into ethernet (as wifi w/captive portal does not work for me). I think clearnet worked but I have no interest in that. Egress Tor traffic was blocked and so was VPN. I’m not interested in editing all my scripts and configs to use clearnet, so the library’s internet is useless to me (unless I bother to try a tor bridge).

    Yeah… Trying to bypass their security by using ethernet instead of Wi-Fi to use your own stuff that’s being blocked is tantamount to abusing the library’s services. Someone should let the IT staff know so they can properly block those services on ethernet as well.

    • coffeeClean@infosec.pub (OP) · ↑ 0 · edited · 2 months ago

      Someone should let the IT staff know so they can properly block those services on ethernet as well.

      Someone should let the IT staff know that wi-fi does not work for everyone, including:

      • People running a free software platform that lacks support for a wifi NIC that needs a proprietary driver and firmware
      • People running free software who ethically object to running the proprietary non-free driver and firmware their wifi NIC requires
      • People without a mobile phone to perform the captive portal-mandated SMS verification
      • People with a mobile phone but who want to exercise their GDPR right to data minimization
      • Climate activists who prefer not to spend 30 times more energy needed for wi-fi radios
      • People who want the security of other wi-fi users not eavesdropping on their traffic by simply pointing a yagi antenna from a block away (on a network that blocks the VPNs that would protect them from that on wi-fi)

      (edit)

      • People who cannot get past the captive portal for other reasons, such as the captive portal imposing TLS 1.3 on older software (forced obsolescence), or anything else that fails technically, like DNS breakage preventing the captive portal’s hostname from resolving.

      And because simply turning on Wi-Fi in public enables all iPhones in your range to automatically snoop, collect your wi-fi params including SSIDs your device looks for before sending it to Apple, along with GPS fix and timestamp (according to research), there are people who:

      • for privacy reasons object to being snooped on generally in this way
      • boycott Apple already for any number of reasons, and who have enough discipline and resolve to oppose feeding profitable data to Apple – regardless of whether they actually care about the disclosure.
      • boycott the fossil fuel industry, including Google who supplies AI to Totaal Oil to find drilling locations, and thus oppose feeding Google by way of Androids in range doing the same collection as Apple. (note it’s disputed whether Google actually mirrors Apple on this to the extent of Apple)
      • Buelldozer@lemmy.today · ↑ 1 · edited · 2 months ago

        Someone should let the IT staff know that wi-fi does not work for everyone, including:

        Hi there. I’m someone in IT for a Public Library so let me review these points.

        People running a free software platform that lacks support for a wifi NIC that needs a proprietary driver and firmware

        That’s a you and your hardware problem, not a public library IT problem. You need to purchase hardware that is adequately supported by your chosen Operating System.

        People running free software who ethically object to running the proprietary non-free driver and firmware their wifi NIC requires

        This is a you and your hardware problem. Buy hardware that is adequately supported by your chosen Operating System.

        People without a mobile phone to perform the captive portal-mandated SMS verification

        This one is a semi-serious complaint; however, I’ve never seen a portal system where the Librarians didn’t have the ability to issue a day pass for use. Aside from that you sound like someone who should be technically able to stand up an ephemeral phone number for the purpose of receiving SMS.

        People with a mobile phone but who want to exercise their GDPR right to data minimization

        Same as above.

        Pro-environment people who prefer not to spend 30 times more energy needed for wi-fi radios

        What an absolutely petty complaint.

        People who want the security of other wi-fi users not eavesdropping on their traffic by simply pointing a yagi antenna from a block away.

        I’d bet that as soon as you enter a code your VPN stops being blocked. They’re not trying to block VPN they are preventing you from sidestepping their ToS.

        I’ve dealt with Patrons like you before and the instant someone starts yammering at me about ClearNet / Tor I know exactly what kind of person I’m dealing with.

        You selected your path for whatever reasons you chose and the inconveniences that come with that path are yours to deal with. Suck it up buttercup, you weren’t promised that a privacy respecting internet lifestyle would be easy or convenient.

        BTW if you’d plugged your laptop into one of my systems you’d have gotten vlan’d into the same Captive Portal System that the WiFi has which is precisely how any publicly available Ethernet port should function. Your little length of wires coated in vinyl with plastic shoved on the ends still wouldn’t have gotten you where you wanted to go.

        • lemmyreader@lemmy.ml · ↑ 0 · 2 months ago

          I’ve dealt with Patrons like you before and the instant someone starts yammering at me about ClearNet / Tor I know exactly what kind of person I’m dealing with.

          You selected your path for whatever reasons you chose and the inconveniences that come with that path are yours to deal with. Suck it up buttercup, you weren’t promised that a privacy respecting internet lifestyle would be easy or convenient.

          I guess Meta, Google, Amazon and countless other companies are with you on this one for the ad and tracking riddled mass exploitation Internet of today.

          • Buelldozer@lemmy.today · ↑ 0 · 2 months ago

            I began my struggle with F/OSS and its drivers with Slackware V3 shortly after its release. I long ago memorized absolutely every argument you could possibly come up with and have myself repeated many of them over the years. That doesn’t change the fact that Networks and Systems are not configured for your convenience and YOU are responsible for how your own damn hardware works.

            Now get the hell off my lawn.

            • lemmyreader@lemmy.ml · ↑ 1 · edited · 2 months ago

              Now get the hell off my lawn.

              We are in a public community on the open Internet here where the following is written in the sidebar:

              • Be kind

              Tor was created by the USA military and the USA government has funded it with millions of dollars. Many years ago Tor had a negative word association to it. But not so much anymore. Countless volunteers run Tor nodes from home, and Tor is not as slow anymore as it used to be. I use Tor myself because I strongly dislike all the tracking, snooping and scandals by large and even small companies. The Clearnet Internet has become a disastrous place :(

              • coffeeClean@infosec.pub (OP) · ↑ 2 · edited · 2 months ago

                It’s a good point about the irrational Tor hostility. But note the more perverse absurdity with his comment: that a public library is “his lawn”. If his inability and unwillingness to equally serve the whole public would be just in the private sector, there would be no issue because everyone he disservices can refuse to do business with him.

                What’s sickening here is he said “I’m someone in IT for a Public Library”. So he is operating a public service in an exclusive manner telling people /get off his lawn/, which was financed with public money. And ~7+ of 8 people are okay with that.

  • xor@infosec.pub · ↑ 2 · 2 months ago

    it’s clearly there to be used, a lot of places have ethernet jacks for that…
    the librarian is just a luddite and you probably had a black hoodie and a terminal open so she assumed you were selling fentanyl to pedophile ransomware communists…

  • Melllvar@startrek.website · ↑ 1 · 2 months ago

    Does the library provide ethernet jacks for patrons to use? If not then I can understand why a librarian would be surprised.

  • Album@lemmy.ca · ↑ 1 · edited · 2 months ago

    The reality, despite what you or I might do, is that 99% of people don’t carry around an ethernet or hardwire in when there is available wifi.

    The library might be public, but it’s still a good idea to communicate your intent or obtain permission prior to using someone else’s network in a way they might deem to be unexpected.

    “Do you have ethernet or wired internet?” is actually a common library question and the response from whoever works the front desk will likely tell you everything you need to know.

    • wahming@monyet.cc · ↑ 0 · 2 months ago

      “Do you have ethernet or wired internet?” is actually a common library question and the response from whoever works the front desk will likely tell you everything you need to know.

      Would you trust the reply somebody like the librarian in the OP gave you? Seems like the sort of person who would refuse to admit to any lack of knowledge and just bluster.

      • EssentialCoffee@midwest.social · ↑ 1 · 2 months ago

        Do you trust every one-sided story to be entirely accurate of all details?

        And what does trust have to do with it? Can we use Ethernet here? If the person says no, would you just walk around the building until you found a port and plugged in?

        • coffeeClean@infosec.pub (OP) · ↑ 0 · edited · 2 months ago

          And what does trust have to do with it?

          I think they mean trust in the librarian to genuinely know the policy and what should work. They tend not to in this case because ethernet has become obscure enough to be an uncommon question, if ever.

          Another library had ethernet ports all down the wall next to desks. They were dead and no one used them. It was obvious that the librarian had no clue about whether the ports were even supposed to function. When I said they are dead and asked to turn them on or find out what’s wrong, they then figured that if the ports don’t work, it must be intentional. So the librarian’s understanding of the policy was derived from the fact that they were dysfunctional. Of course if they were intended to work but needed service, ethernet users are hosed because the librarian’s understanding of policy is guesswork. There is no proper support mechanism.

          I asked a librarian at another library: I need to use Tor. Is it blocked? I need to know before I buy a membership. Librarian had no idea. They just wing it. They said test it. Basically, if it works, then it’s acceptable. The functionality becomes the source of policy under the presumption that everything is functioning as it should.

          Since ethernet has been phased out, modern devices no longer include an ethernet NIC, and there are places to plug into A/C with no ethernet nearby, the librarians and the public are both conditioned to be unaware of ethernet. So the answer will only be either: no or test and see.

        • wahming@monyet.cc · ↑ 0 · edited · 2 months ago

          Do you trust every one-sided story to be entirely accurate of all details?

          No, but for the sake of discussion in this thread, that is the scenario we’re all going by. We’re not rendering a legal judgement here, we’re discussing the situation as described.

          In a public library, I would fully expect public-facing ethernet ports, especially in sitting / working areas, to be available for public use. I’m not sure why they would be there otherwise. And if they’re no longer meant for public use, it would be on the library IT staff to have disabled those ports.

          what does trust have to do with it?

          Because I don’t trust non-IT-savvy people to even properly understand the question. I’ve met way too many people with no technical clue who refuse to admit to any sort of lack of knowledge when it’s extremely obvious.

            • wahming@monyet.cc · ↑ 0 · 2 months ago

              We could discuss all sorts of hypotheticals, including where there’s a secret supervillain base under the library and they’re about to assassinate OP for jacking into their network. It’s pointless because we’re not discussing an event we have any way of obtaining any other information about other than what OP has provided.

          • Album@lemmy.ca · ↑ 0 · 2 months ago

            If the LIBRARIAN doesn’t understand this as a service the library offers - then they don’t offer it - or if you think they’re wrong you need to have an adult conversation that they do and that it should be ok. It’s weird to just assume you can go around sticking your cat5e into other people’s ethernet ports like that.

      • CyberSeeker@discuss.tchncs.de · ↑ 0 · 2 months ago

        As far as people I’d trust to not just make shit up, I’d say Librarian, aka, professional fucking researcher is high on the list.

    • coffeeClean@infosec.pub (OP) · ↑ 0 · edited · 2 months ago

      When I entered I spoke to a different librarian about the locked PC room (due to a holiday or something). They said I could use wifi but need to give a phone number to a captive portal, which I already knew. My phone was not on me so I said: is it okay if I plug in over there by the catalog PCs? They said yes. Revealing what I mean by “plugging in”, well, I was vague for a reason. I know the population has become ethernet-hostile¹ so indeed asking for forgiveness is better than asking for permission in this situation.

      ¹ Another library in the area has ethernet ports but they are just decoys (dead ports). I asked the librarian what the problem is, why they are disabled, and whether we can turn them on. Librarian was helpless, and said “use wifi”, which didn’t work for me for different reasons than the other library. But the librarian basically said in so many words “not our problem… you can just use wifi.” At another library, I was able to connect but Tor was blocked. I tried to get support from the librarian. They had no clue but were also unwilling to lead me to someone who could give support. The way it works around here is the info systems are outsourced to some unreachable tech giant, and the librarians are rendered helpless. If the SSID does not appear, the librarian can send an email to someone to say it’s down, and that’s about the full extent of their tech capability.

      • EssentialCoffee@midwest.social · ↑ 1 · 2 months ago

        Why didn’t you tell this librarian that you’d asked another librarian and they said it was okay to plug in? Why was none of this included in the original post?

        • coffeeClean@infosec.pub (OP) · ↑ 0 · edited · 2 months ago

          The librarian who said it was okay to plug in (which they likely understood to mean plug in an A/C power cord) was young, not as senior as the edgy librarian. I’m not going to take down a kid and get them in trouble for not picking apart what it means when someone asks if they can “plug in”.

          People like Trump will throw his supporters under the bus when self-defense calls for it. I will not.

          What would the point be? I didn’t need a defense. I got scolded and was walking out. Since I was calm, the librarian became calm. Police were not called and I was not detained. And if that had happened, I would have exercised my right to remain silent anyway.

          • Twinklebreeze@lemmy.world · ↑ 1 · 2 months ago

            You sound insufferable. You used vague wording to justify not using your phone to get internet, and act like a child when you get caught. They’re not hostile to Ethernet, they’re hostile to you and your behaviour.

            • coffeeClean@infosec.pub (OP) · ↑ 0 · edited · 2 months ago

              You set a great example of getting mad at a removed eating crackers.

              I merely tried to get online using an ethernet cable. I didn’t get hostile. I was calm. And because I was calm, the librarian became calm. The only hostility was in the librarian’s single opening comment to me, and what you see in this thread.

              • null@slrpnk.net · ↑ 1 · 2 months ago

                Could I be in the wrong? No, it must be literally everyone else in this entire thread / national library network.

                Grow up. You set out to get in trouble, you got yourself in trouble, no one is impressed.

                • coffeeClean@infosec.pub (OP) · ↑ 0 · edited · 2 months ago

                  Could I be in the wrong? No, it must be literally everyone else in this entire thread / national library network.

                  Is your position so weak that you need to resort to a bandwagon fallacy?

                  Grow up.

                  and an ad hominem?

                  You demonstrate being a grown up by avoiding ad hominems in favor of logically sound reasoning.

      • mark3748@sh.itjust.works · ↑ 1 · 2 months ago

        Another library in the area has ethernet ports but they are just decoys (dead ports). I asked the librarian what the problem is, why they are disabled, and whether we can turn them on.

        They’re not decoys, they’re just not patched. Because we don’t generally patch anything that’s not going to be in use. Also because some rando will probably attempt to plug their nasty ass laptop into it, which is also why we block port intrusions.

  • MehBlah@lemmy.world · ↑ 0 · 2 months ago

    Good luck with that here. No port you can access will give you an IP if it’s hot at all. We don’t allow patron machines to use Ethernet since it bypasses the QOS setting for the public WiFi. We also don’t have any requirements to connect to our WiFi.

    The reason for not allowing this is simple. We had several people come in and abuse usage of wired connections. Specifically people with consoles that thought it was okay to come in and kill our Patron vlan to download that fifty gig update for their console.

    • r00ty@kbin.life · ↑ 0 · 2 months ago

      Meh. So my point of view is that qos for Internet is better done at layer 3. Layer 2 qos has its place, but layer 3 is going to let you prioritise services better.

      Moreso, if you do it at layer 3 you don’t need to worry about people using ethernet. Every person using ethernet is one less using the extremely finite resources WiFi has. Every active station puts a load on WiFi, less so with the latest versions but they still exhibit a lot of the same problems that mean many workstations can kill WiFi performance.

      If you set up your network right (you can actually, although I’ve not seen it too often, set up guest networks on ethernet before WiFi, such that stations cannot see each other directly) there’s no reason at all to fear ethernet.

  • Truck_kun@beehaw.org · ↑ 0 · edited · 2 months ago

    My first reaction is yeah, you don’t just plug into random Ethernet.

    The wi-fi is likely a visitor network setup for guests to the library. That ethernet port could provide access to their private intranet, and be a security risk to the library. Worst case scenario, it could result in malware, ransomware, and/or millions of dollars in expenses to recover (on a library budget, that could mean permanently shutting down the library even).

    After reading your post, I would say, no harm intended, just don’t do it again.

    After reading your comments about intentionally being vague about ‘plugging in’ to lead the librarian to think you were asking to plug in a power cord, and not specifically meaning ethernet connection… yeah, you’re clearly in the wrong. Just be up front; if they say no, so be it. They may be able to direct you to a visitor ethernet plug-in, or maybe not. If this were an AITA thread, I’d say yes, YTA in this case.

    Asking in a security community… I would assume some level of technical awareness, and you are likely well aware of network segmentation, and that no IT department would be happy about a guest plugging their laptop into random rj-45 jacks around the building. Maybe it’s not well designed, and that actually has access to firewall administration?

    • coffeeClean@infosec.pub (OP) · ↑ 0 · edited · 2 months ago

      After reading your post, I would say, no harm intended, just don’t do it again.

      You may be misunderstanding the thesis. This is not really about staying out of trouble. Or more precisely, as an activist up to my neck in trouble it’s about getting into the right trouble. The thesis is about this trend of marginalising people with either no phone and/or shitty wifi gear/software and a dozen or so demographics of people therein who do not so easily give up their rights. It’s about exclusivity of public services funded with public money. Civil disobedience is an important tool for justice outside of courts.

      The security matter is really about competency and cost. The main problem is likely in the requirements specification conveyed to the large tech firms that received the contract. From where I sit, it appears they were simply told “give people wifi”, probably by people who don’t know the difference between wifi and internet. In which case the tech supplier should have been diligent and competent enough to ask “do you want us to exclude segments of the public who have no wifi gear and those without phones?”

  • MisshapenDeviate@lemmy.dbzer0.com · ↑ 0 · 2 months ago

    If it was a publicly available Ethernet port, it was likely for public use. The fact that she thought it was malicious speaks to ignorance on her part, not yours.

    • halcyoncmdr@lemmy.world · ↑ 0 · 2 months ago

      Even ignoring that, if internet via a wired ethernet connection isn’t an option they provide for whatever reason… their network infrastructure shouldn’t allow the connection anyway. It should be blocked as an unknown device on the network end, regardless if someone plugs into the network.

      • DoomBot5@lemmy.world · ↑ 0 · 2 months ago

        Yeah, having services blocked on Wi-Fi and not ethernet just tells me that their IT staff didn’t properly configure the network in public areas properly. That ethernet port should have been disabled, physically locked, or properly configured to use the public network like the Wi-Fi does.

        • halcyoncmdr@lemmy.world · ↑ 0 · 2 months ago

          Exactly, and let’s give them the benefit of the doubt since we don’t know. The librarian or assistant helping OP probably just doesn’t know much about the IT stuff other than how to help people get on the wifi. And it is entirely possible that they’ve NEVER seen anyone even try the port before, that’s not common at all. Actually managing the IT infrastructure at that level is almost surely NOT part of their job.

          WiFi has been included in essentially everything for over a decade. I mean even ignoring laptops having Wifi way before mobile devices, even going back to the origin of smartphones for the masses, the original iPhone had Wifi back in 2007, that’s 17 years ago.

          • DoomBot5@lemmy.world · ↑ 0 · 2 months ago

            Oh I’ve got nothing against how the librarians handled it. I’m more concerned that their IT staff failed to properly shield the library from liabilities like OP.

  • verassol@lemmy.ml · ↑ 0 · 2 months ago

    have a principled objection to a service financed by public money forcing people to install and execute proprietary non-free software on their own hardware

    You are on spot there, but sadly even legislators are far from understanding the reasons why this matters so much, let alone the general public.

    Whatever security policy they have, it shouldn’t require you installing a random executable to your system. And it was flawed enough that it didn’t care to give your device access.

    And by the way, it’s so awesome you carry an ethernet cable around!!

  • ArbitraryValue@sh.itjust.works · ↑ 0 · 2 months ago

    Well, you were trying to bypass one of their security measures. They require SMS verification so that they can track you in case you break their rules. Presumably this is why they also block other means of anonymizing yourself.

    • coffeeClean@infosec.pub (OP) · ↑ 1 · edited · 2 months ago

      Well, you were trying to bypass one of their security measures.

      I was not carrying my phone. Thus bypassing the reckless policy of a tax-funded public resource to exclusively serve people who entered the private marketplace to obtain mobile phone service, in violation of article 21¶2 of the Universal Declaration of Human Rights:

      Everyone has the right of equal access to public service in his country.