• 4 Posts
  • 10 Comments
Joined 1 year ago
cake
Cake day: October 16th, 2023

help-circle
  • In that sense, it implies that we were encroaching on his space, when in fact he entered this thread (like his handle: a bulldozer) to demand that people recognize an approach to sysadministration that does not respect equal rights, privacy, or the environment, and ultimately undermines human rights and promotes consumerism to ease his job at his competency level, as if the public is expected to serve him. It’s not his lawn in either sense of the meaning.

    He made it quite he expects everyone to go through hoops to make his job convenient when he said:

    “That doesn’t change the fact that Networks and Systems are not configured for your convenience”

    I can imagine that the guy wants to secure his network and is maybe paranoid about people breaking in which seems fair to me,

    It would be a malpractice of security. Security is about confidentiality, integrity, and availability. To reduce availability needlessly is to work against security. If availability were not essential to security, then you would just unplug the all machines, making the internet unusuable to everyone, and call it “secure”. A competent admin can securely offer internet service to people without phones, and people without a wifi card.


  • It’s a good point about the irrational Tor hostility. But note the more perverse absurdity with his comment: that a public library is “his lawn”. If his inability and unwillingness to equally serve the whole public would be just in the private sector, there would be no issue because everyone he disservices can refuse to do business with him.

    What’s sickening here is he said “I’m someone in IT for a Public Library”. So he is operating a public service in an exclusive manner telling people /get off his lawn/, which was financed with public money. And ~7+ of 8 people are okay with that.



  • After reading your post, I would say, no harm intended, just don’t do it again.

    You may be misunderstanding the thesis. This is not really about staying out of trouble. Or more precisely, as an activist up to my neck in trouble it’s about getting into the right trouble. The thesis is about this trend of marginalising people with either no phone and/or shitty wifi gear/software and a dozen or so demographics of people therein who do not so easily give up their rights. It’s about exclusivity of public services funded with public money. Civil disobedience is an important tool for justice outside of courts.

    The security matter is really about competency and cost. The main problem is likely in the requirements specification conveyed to the large tech firms that received the contract. From where I sit, it appears they were simply told “give people wifi”, probably by people who don’t know the difference between wifi and internet. In which case the tech supplier should have been diligent and competent enough to ask “do you want us to exclude segments of the public who have no wifi gear and those without phones?”




  • Someone should let the IT staff know so they can properly block those services on ethernet as well.

    Someone should let the IT staff know that wi-fi does not work for everyone, including:

    • People running a free software platform that lacks support for a wifi NIC that needs a proprietary driver and firmware
    • People running free software who ethically object to running the proprietary non-free driver and firmware their wifi NIC requires
    • People without a mobile phone to perform the captive portal-mandated SMS verfication
    • People with a mobile phone but who want to exercise their GDPR right to data minimization
    • Climate activists who prefer not to spend 30 times more energy needed for wi-fi radios
    • People who want the security of other wi-fi users not eavesdropping on their traffic by simply pointing a yagi antenna from a block away (on a network that blocks the VPNs that would protect them from that on wi-fi)

    (edit)

    • People who cannot get past the captive portal for other reasons, such as the captive portal imposing TLS 1.3 on older software (forced obsolescence), or anything else that fails technically, like DNS breakage preventing the captive portal’s hostname from resolving.

    And because simply turning on Wi-Fi in public enables all iPhones in your range to automatically snoop, collect your wi-fi params including SSIDs your device looks for before sending it to Apple, along with GPS fix and timestamp (according to research), there are people who:

    • for privacy reasons object to being snooped on generally in this way
    • boycott Apple already for any number of reasons, and who have enough discipline and resolve to oppose feeding profitable data to Apple – regardless of whether they actually care about the disclosure.
    • boycott the fossil fuel industry, including Google who supplies AI to Totaal Oil to find drilling locations, and thus oppose feeding Google by way of Androids in range doing the same collection as Apple. (note it’s disputed whether Google actually mirrors Apple on this to the extent of Apple)

  • The librarian who said it was okay to plugin (which they likely understood to mean plugin an A/C power cord) was young, not as senior as the edgy librarian. I’m not going to take down a kid and get them in trouble for not picking apart what it means when someone asks if they can “plug-in”.

    People like Trump will throw his supporters under the bus when self-defense calls for it. I will not.

    What would the point be? I didn’t need a defense. I got scolded and was walking out. Since I was calm, the librarian became calm. Police were not called and I was not detained. And if that had happened, I would have exercised my right to remain silent anyway.


  • And what does trust have to do with it?

    I think they mean trust in the librarian to genuinely know the policy and what should work. They tend not to in this case because ethernet has become obscure enough to be an uncommon question, if ever.

    Another library had ethernet ports all down the wall next to desks. They were dead and no one used them. It was obvious that the librarian had no clue about whether the ports were even supposed to function. When I said they are dead and asked to turn them on or find out what’s wrong, they then figured that if the ports don’t work, it must be intentional. So the librarian’s understanding of the policy was derived from the fact that they were dysfunctional. Of course if they were intended to work but needed service, ethernet users are hosed because the librarian’s understanding of policy is guesswork. There is no proper support mechanism.

    I asked a librarian at another library: I need to use Tor. Is it blocked? I need to know before I buy a membership. Librarian had no idea. They just wing it. They said test it. Basically, if it works, then it’s acceptable. The functionality becomes the source of policy under the presumption that everything is functioning as it should.

    Since ethernet has been phased out, modern devices no longer include an ethernet NIC, and there are places to plug into A/C with no ethernet nearby, the librarians and the public are both conditioned to be unaware of ethernet. So the answer will only be either: no or test and see.


  • When I entered I spoke to a different librarian about the locked PC room (due to a holiday or something). They said I could use wifi but need to give a phone number to a captive portal, which I already knew. My phone was not on me so I said: is it okay if I plug in over there by the catalog PCs? They said yes. Revealing what I mean by "plugging in”, well, i was vague for a reason. I know the population has become ethernet-hostile¹ so indeed asking for forgiveness is better than asking for permission in this situation.

    ¹ Another library in the area has ethernet ports but they are just decoys (dead ports). I asked the librarian what the problem is, why they are disabled, and whether we can turn them on. Librarian was helpless, and said “use wifi”, which didn’t work for me for different reasons than the other library. But the librarian basically said in so many words “not our problem… you can just use wifi.” At another library, I was able to connect but Tor was blocked. I tried to get support from the librarian. They had no clue but were also unwilling to lead me to someone who could give support. The way it works around here is the info systems are outsourced to some unreachable tech giant, and the librarians are rendered helpless. If the SSID does not appear, the librarian can send an email to someone to say it’s down, and that’s about the full extent of their tech capability.