Path: news.eternal-september.org!eternal-september.org!.POSTED!not-for-mail
From: Martin Brown <'''newspam'''@nonad.co.uk>
Newsgroups: sci.electronics.design
Subject: Re: public APs
Date: Sun, 4 May 2025 16:47:36 +0100
Organization: A noiseless patient Spider
Lines: 101
Message-ID: <vv826o$29e9f$2@dont-email.me>
References: <vv624s$e8eb$1@dont-email.me> <vv7abp$1j49u$2@dont-email.me>
 <vv7mn7$1u0bf$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Sun, 04 May 2025 17:47:37 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="1fa705ce4930303582e9abbeafd0d783";
	logging-data="2406703"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX19G288HBih1abXupUNC191HJBWVNCmwBUqr2yDHrNyUtg=="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:KmmAufqsmAXWVH90DpS50TRZqy8=
Content-Language: en-GB
In-Reply-To: <vv7mn7$1u0bf$1@dont-email.me>

On 04/05/2025 13:31, Don Y wrote:
> On 5/4/2025 2:00 AM, Martin Brown wrote:
>> On 03/05/2025 22:34, Don Y wrote:
>>> I seldom use public wifi.  But, had the occasion to TRY to do so
>>> at a local library branch.
>>>
>>> Dismayed to find no HTTPS support; they apparently have an
>>> "agent" interposed between all network accesses.
>>>
>>> Is this common?  I.e., how do people do banking or other
>>> "secure" transactions?  Or, do they just use them to
>>> "check pricing" at other stores?
>>
>> The one in my public library is properly secure. In fact it is so 
>> secure that some of the libraries own computers won't talk to it at 
>> the moment after a recent upgrade to the Wifi router.
> 
> Oops!  Are the "library's own computers" connected wirelessly to their
> network provider?
> 
> Here, the workstations IN the library -- and the computers used by the
> librarians -- have wired connections.  The wireless AP is only for
> the convenience of people who want to bring their own laptop into
> the coverage area *or* (more commonly) their cell phone (to avoid
> "data plan" charges as well as homeless people who don't have a
> "home" in which to have wired service.

The immovable ones are wired in, but the portables that are brought out 
and used when it is busy or for schools computing classes are not. They 
rely on the Wifi - but are chained to the desk for other reasons.
> 
> Bringing your own bit of kit in allows you to avoid any snoop-ware
> that may be installed on the "public access" machines on the library's
> wired network (there are no options to connect to the wired network
> other than using a prewired machine).

The network access password is displayed.

> And, the whole point of HTTPS is to safeguard against MitM attacks
> and spoofing.  (else, your ISP could just as easily be snooping
> your traffic; I suspect some of the bigger/national ISPs here
> regularly watch for torrent traffic, warez sites, etc.)
> 
> [The library implements some sort of black/white-listing service
> but I suspect it is contracted out as they don't have the skills
> or "internet awareness" to know what might be "inappropriate use"]
> 
> The question posed is whether or not "every" such AP (coffee shops,
> department stores, doctor offices, etc.) has such a MitM proxy
> in place, censoring transactions.  And, if not, WHY not?  (this
> seems a social vulnerability)

IDK for sure but I suspect libraries connect to the internet through 
some national government gateway that blocks most really dodgy sites. 
Their in house computer expertise is essentially nil.
> 
>> I have a portable sat on my desk that I need to reset the 
>> forgotten/not known admin password for right now. Unable to install 
>> the latest network drivers because they don't know what the admin 
>> password was set to by someone about 5 
> 
> I put sticky labels on each of my devices with the UID of the
> "priviledged user" along with the password.  I figure if someone
> has broken into my home, a password is not going to deter them
> from taking what they want (I don't encrypt disk drives)
> 
> [FBI visited the local library branch some time ago and carted
> off a workstation.  Apparently, someone had sent a threatening
> note using it (so they obviously track traffic and connection
> history).  Biggest privacy risk, IMHO, is using their printer
> as it caches documents on an internal disk...]

Most printers also leave a hidden signature on every document they print 
(in very faint yellow dots). Illuminate in pure blue light to see them.
> 
>> years ago. Yes their PCs are quite elderly and run into the ground but 
>> plenty good enough for web browsing. For some reason the "L" key 
>> consistently seems to wear out fastest to blank - any ideas why?
>>
>> Followed by S, C, H, N, D & O but they still remain legible (sort of).
> 
> I don't "touch type" but my fingers tend to know where the
> keys are, regardless of label (though there seems to be
> a noted differential in nerve impulse propagation that
> leads to "teh" instead of "the", etc.)
> 
> I periodically clean the keyboards, removing the keycaps and
> soaking them in soapy water.  Then, after drying, test my memory
> of the keyboard layout by putting them back in place, unaided.
> 
>> Only the very top left half trace of the vertical for the L remains.
> 
> My mice tend to see more wear than the keyboard.  Of course,
> fewer "keys" involved there.

The mouse buttons gradually develop a high polish. At least with modern 
optical ones you no longer have to remove the rubber ball the defur it!

-- 
Martin Brown