I plugged into ethernet (as wifi w/captive portal does not work for me). I think clearnet worked but I have no interest in that. Egress Tor traffic was blocked and so was VPN. I’m not interested in editing all my scripts and configs to use clearnet, so the library’s internet is useless to me (unless I bother to try a tor bridge).
I was packing my laptop and a librarian spotted me unplugging my ethernet cable and approached me with big wide open eyes and pannicked angry voice (as if to be addressing a child that did something naughty), and said “you can’t do that!”
I have a lot of reasons for favoring ethernet, like not carrying a mobile phone that can facilitate the SMS verify that the library’s captive portal imposes, not to mention I’m not eager to share my mobile number willy nilly. The reason I actually gave her was that that I run a free software based system and the wifi drivers or firmware are proprietary so my wifi card doesn’t work¹. She was also worried that I was stealing an ethernet cable and I had to explain that I carry an ethernet cable with me, which she struggled to believe for a moment. When I said it didn’t work, she was like “good, I’m not surprised”, or something like that.
¹ In reality, I have whatever proprietary garbage my wifi NIC needs, but have a principled objection to a service financed by public money forcing people to install and execute proprietary non-free software on their own hardware. But there’s little hope for getting through to a librarian in the situation at hand, whereby I might as well have been caught disassembling their PCs.
The reality despite what you or i might do, is that 99% of people don’t carry around an ethernet or hardwire in when there is available wifi.
The library might be public, but it’s still a good idea to communicate your intent or obtain permission prior to using someone else’s network in away they might deem to be unexpected.
“Do you have ethernet or wired internet?” is actually a common library question and the response from whoever works the front desk will likely tell you everything you need to know.
“Do you have ethernet or wired internet?” is actually a common library question and the response from whoever works the front desk will likely tell you everything you need to know.
Would you trust the reply somebody like the librarian in the OP gave you? Seems like the sort of person who would refuse to admit to any lack of knowledge and just bluster.
Do you trust every one-sided story to be entirely accurate of all details?
And what does trust have to do with it? Can we use Ethernet here? If the person says no, would you just walk around the building until you found a port and plugged in?
Do you trust every one-sided story to be entirely accurate of all details?
No, but for the sake of discussion in this thread, that is the scenario we’re all going by. We’re not rendering a legal judgement here, we’re discussing the situation as described.
In a public library, I would fully expect public-facing ethernet ports, especially in sitting / working areas, to be available for public use. I’m not sure why they would be there otherwise. And if they’re no longer meant for public use, it would be on the library IT staff to have disabled those ports.
what does trust have to do with it?
Because I don’t trust non-IT-savvy people to even properly understand the question. I’ve met way too many people with no technical clue who refuse to admit to any sort of lack of knowledge when it’s extremely obvious.
And what does trust have to do with it?
I think they mean trust in the librarian to genuinely know the policy and what should work. They tend not to in this case because ethernet has become obscure enough to be an uncommon question, if ever.
Another library had ethernet ports all down the wall next to desks. They were dead and no one used them. It was obvious that the librarian had no clue about whether the ports were even supposed to function. When I said they are dead and asked to turn them on or find out what’s wrong, they then figured that if the ports don’t work, it must be intentional. So the librarian’s understanding of the policy was derived from the fact that they were dysfunctional. Of course if they were intended to work but needed service, ethernet users are hosed because the librarian’s understanding of policy is guesswork. There is no proper support mechanism.
I asked a librarian at another library: I need to use Tor. Is it blocked? I need to know before I buy a membership. Librarian had no idea. They just wing it. They said test it. Basically, if it works, then it’s acceptable. The functionality becomes the source of policy under the presumption that everything is functioning as it should.
Since ethernet has been phased out, modern devices no longer include an ethernet NIC, and there are places to plug into A/C with no ethernet nearby, the librarians and the public are both conditioned to be unaware of ethernet. So the answer will only be either: no or test and see.
As far as people I’d trust to not just make shit up, I’d say Librarian, aka, professional fucking researcher is high on the list.
Would you trust the reply somebody like the librarian in the OP gave you?
I mean, if the answer is “no” would you just go around plugging into random Ethernet ports until you found one that works? Just because you don’t “trust” the librarian who gave you the answer? That sounds like a fast track to getting trespassed (or at least banned from using their public internet altogether) for abuse of services.
The library isn’t required to provide free Ethernet. They aren’t even required to provide free wifi. But they choose to do so because they recognize that wifi is a big reason people will come to a library to spend time. Which is sort of the whole point of the library. So providing free wifi goes hand-in-hand with the library’s ultimate mission.
But that wifi is provided on an as-is basis, because they can’t guarantee things like 100% uptime, good speeds, or any kind of troubleshooting. And any potential ethernet connection would also be as-is. And in this case, “as-is” could easily translate to “not available to the public at all.” Because again, the library isn’t required to provide any of it.
When I entered I spoke to a different librarian about the locked PC room (due to a holiday or something). They said I could use wifi but need to give a phone number to a captive portal, which I already knew. My phone was not on me so I said: is it okay if I plug in over there by the catalog PCs? They said yes. Revealing what I mean by "plugging in”, well, i was vague for a reason. I know the population has become ethernet-hostile¹ so indeed asking for forgiveness is better than asking for permission in this situation.
¹ Another library in the area has ethernet ports but they are just decoys (dead ports). I asked the librarian what the problem is, why they are disabled, and whether we can turn them on. Librarian was helpless, and said “use wifi”, which didn’t work for me for different reasons than the other library. But the librarian basically said in so many words “not our problem… you can just use wifi.” At another library, I was able to connect but Tor was blocked. I tried to get support from the librarian. They had no clue but were also unwilling to lead me to someone who could give support. The way it works around here is the info systems are outsourced to some unreachable tech giant, and the librarians are rendered helpless. If the SSID does not appear, the librarian can send an email to someone to say it’s down, and that’s about the full extent of their tech capability.
Another library in the area has ethernet ports but they are just decoys (dead ports). I asked the librarian what the problem is, why they are disabled, and whether we can turn them on.
They’re not decoys, they’re just not patched. Because we don’t generally patch anything that’s not going to be in use. Also because some rando will probably attempt to plug their nasty ass laptop into it, which is also why we block port intrusions.
Why didn’t you tell this librarian that you’d asked another librarian and they said it was okay to plug in? Why was none of this included in the original post?
The librarian who said it was okay to plugin (which they likely understood to mean plugin an A/C power cord) was young, not as senior as the edgy librarian. I’m not going to take down a kid and get them in trouble for not picking apart what it means when someone asks if they can “plug-in”.
People like Trump will throw his supporters under the bus when self-defense calls for it. I will not.
What would the point be? I didn’t need a defense. I got scolded and was walking out. Since I was calm, the librarian became calm. Police were not called and I was not detained. And if that had happened, I would have exercised my right to remain silent anyway.
I wouldn’t want you on my network either to be fair. People like you should be kept in an isolated area of the network with a proxy pointing all your traffic to resolve Italkaloadofshit.com
Jumped up little twat.
Does the library provide ethernet jacks for patrons to use? If not then I can understand why a librarian would be surprised.
yeah OP needs to provide this detail specifically as it changes everything.
If the Ethernet jack was not on a desk, then it wasn’t there for them to use. If they unplugged a cable to make it accessible, that is unfortunately enough to be considered tampering.
If an Ethernet jack was not expressly provided, unoccupied, at the technology access station then yes the access to Ethernet information facilities was unauthorized and illegitimate and could carry legal ramifications. Say what you want about proprietary wifi drivers, you get the access you are given and any attempts to gain further access without authorization are defined as intrusion attempts and will more likely than not be treated as such to some degree. Because honestly, the libraries aren’t funded enough to have great security and Ethernet security is harder than WiFi security in practice, despite the challenges being characterized by the same principles.
Yeah, any half decent city IT department will at least be using port filtering for their switches anyways. Unless a port is specifically set up to provide open access to the internet, all OP would be able to do is bonk against the city IT’s MAC address filter until the port was disabled for having an unrecognized device/suspicious activity.
In my building, (and pretty much any city building I’ve ever worked in,) only specific ports were set up to provide open internet access. And usually those ports are in places that need to be unlocked, and which OP wouldn’t have ready access to without a fun little bit of breaking and entering. Because those ports aren’t intended for the general public to use; They’re meant for presenters, speakers, clients who have rented a room for the day, etc… The general public is meant to use the free wifi. Because there’s a different level of service expected if you’re renting a room, vs simply camping out all day in the quiet study area.
When OP tries to bypass that by plugging straight in, the switch will just go “lol git fukd loser” and disable the port. Of fucking course they weren’t able to access anything, because the port isn’t there for OP; It’s for the IT department to be able to use whenever they need to set up a new computer, or book checkout station, or simply to plug their city-owned laptop in to be able to use the city network.
I plugged into ethernet (as wifi w/captive portal does not work for me). I think clearnet worked but I have no interest in that. Egress Tor traffic was blocked and so was VPN. I’m not interested in editing all my scripts and configs to use clearnet, so the library’s internet is useless to me (unless I bother to try a tor bridge).
Yeah… Trying to bypass their security by using ethernet instead of Wi-Fi to use your own stuff that’s being blocked is tantamount to abusing the library’s services. Someone should let the IT staff know so they can properly block those services on ethernet as well.
They should just be disabling the ports, frankly. The overwhelming majority of visitors will never miss them. If you need to use a computer on an Ethernet connection because you can’t/won’t use the Wi-Fi, most libraries provide desktop stations for you to use.
Keep some Wi-Fi USB dongles in the drawer at the front desk for people whose Wi-Fi isn’t working, or the extreme edge case where somebody has some sort of device that can only use an ethernet connection, and for some reason they brought it to the library.
Someone should let the IT staff know so they can properly block those services on ethernet as well.
Someone should let the IT staff know that wi-fi does not work for everyone, including:
- People running a free software platform that lacks support for a wifi NIC that needs a proprietary driver and firmware
- People running free software who ethically object to running the proprietary non-free driver and firmware their wifi NIC requires
- People without a mobile phone to perform the captive portal-mandated SMS verfication
- People with a mobile phone but who want to exercise their GDPR right to data minimization
- Climate activists who prefer not to spend 30 times more energy needed for wi-fi radios
- People who want the security of other wi-fi users not eavesdropping on their traffic by simply pointing a yagi antenna from a block away (on a network that blocks the VPNs that would protect them from that on wi-fi)
(edit)
- People who cannot get past the captive portal for other reasons, such as the captive portal imposing TLS 1.3 on older software (forced obsolescence), or anything else that fails technically, like DNS breakage preventing the captive portal’s hostname from resolving.
And because simply turning on Wi-Fi in public enables all iPhones in your range to automatically snoop, collect your wi-fi params including SSIDs your device looks for before sending it to Apple, along with GPS fix and timestamp (according to research), there are people who:
- for privacy reasons object to being snooped on generally in this way
- boycott Apple already for any number of reasons, and who have enough discipline and resolve to oppose feeding profitable data to Apple – regardless of whether they actually care about the disclosure.
- boycott the fossil fuel industry, including Google who supplies AI to Totaal Oil to find drilling locations, and thus oppose feeding Google by way of Androids in range doing the same collection as Apple. (note it’s disputed whether Google actually mirrors Apple on this to the extent of Apple)
Someone should let the IT staff know that wi-fi does not work for everyone, including:
HI there. I’m someone in IT for a Public Library so let me review these points.
People running a free software platform that lacks support for a wifi NIC that needs a proprietary driver and firmware
That’s a you and your hardware problem, not a public library IT problem. You need to purchase hardware that is adequately supported by your chosen Operating System.
People running free software who ethically object to running the proprietary non-free driver and firmware their wifi NIC requires
This is a you and your hardware problem. Buy hardware that is adequately supported by your chosen Operating System.
People without a mobile phone to perform the captive portal-mandated SMS verfication
This one is a semi-serious complaint however I’ve never seen a portal system where the Librarian’s didn’t have the ability to issue a day pass for use. Aside from that you sound like someone who should be technically able to stand up an ephemeral phone number for the purpose of receiving SMS.
People with a mobile phone but who want to exercise their GDPR right to data minimization
Same as above.
Pro-environment people who prefer not to spend 30 times more energy needed for wi-fi radios
What an absolutely petty complaint.
People who want the security of other wi-fi users not eavesdropping on their traffic by simply pointing a yagi antenna from a block away.
I’d bet that as soon as you enter a code your VPN stops being blocked. They’re not trying to block VPN they are preventing you from sidestepping their ToS.
I’ve dealt with Patrons like you before and the instant someone starts yammering at me about ClearNet / Tor I know exactly what kind of person I’m dealing with.
You selected your path for whatever reasons you chose and the inconveniences that come with that path are yours to deal with. Suck it up buttercup, you weren’t promised that a privacy respecting internet lifestyle would be easy or convenient.
BTW if you’d plugged your laptop into one of my systems you’d have gotten vlan’d into the same Captive Portal System that the WiFi has which is precisely how any publicly available Ethernet port should function. Your little length of wires coated in vinyl with plastic shoved on the ends still wouldn’t have gotten you where you wanted to go.
That’s a you and your hardware problem, not a public library IT problem. You need to purchase hardware that is adequately supported by your chosen Operating System.
Forcing people to buy more hardware is yet another variation of discrimination against the poor. Imposed needless consumerism is also reckless from an environmental standpoint. If you choose not to step your competency up to the level needed to serve the public without costing them more money, you’re only getting off the hook in the view of right-wing conservatives who are happy to have library service cheapened at the expense of equal rights.
Not being “your problem” is simply a problem of an ill-defined contract that allows irresponsible policy.
This is a you and your hardware problem. Buy hardware that is adequately supported by your chosen Operating System.
It’s not a hardware problem. It’s an ethics problem, and the problem is on your part whether you choose to acknowledge it or not. If you lack the higher level of competency needed to practice your trade ethically, you should try to gain the competency you need to be inclusive of people in different economic standings and diverse hardware.
This one is a semi-serious complaint however I’ve never seen a portal system where the Librarian’s didn’t have the ability to issue a day pass for use.
Not a single public library in my area has a day pass option as an alternative authentication. If the patron has no phone, the library helpless and the user is not getting online with their own device.
Aside from that you sound like someone who should be technically able to stand up an ephemeral phone number for the purpose of receiving SMS.
There is no way to get a phone or an active SIM chip gratis in my area. The only difference between a burner phone and a non-burner phone in my area is you quit using the burner phone early. It has all the same problems as a permanent phone. You can get a pinger number online, but it only works if you’re already online. Apart from that, your suggestion is absurd as an official policy in response to public complaint about phoneless people being officially excluded.
Same as above.
It fails here too, for the same reason.
What an absolutely petty complaint.
What an absolutely pathetic failure to support a claim to the contrary.
I’d bet that as soon as you enter a code your VPN stops being blocked. They’re not trying to block VPN they are preventing you from sidestepping their ToS.
This is not a /me/ problem. You are responding to a list of demographics of people who are excluded from a public service. If not every single person has a gratis VPN (and they don’t), this is a broken argument. To say every user must acquire a VPN because you cannot provide a means of access that thwarts the most trivial MitM possible is a reckless abandonment of duty.
I’ve dealt with Patrons like you before and the instant someone starts yammering at me about ClearNet / Tor I know exactly what kind of person I’m dealing with.
So your emotional bias adversely hinders your judgement and ability to service a diverse range of users. It shows.
You selected your path for whatever reasons you chose and the inconveniences that come with that path are yours to deal with. Suck it up buttercup, you weren’t promised that a privacy respecting internet lifestyle would be easy or convenient.
Inconveniences are borne out of the kind of incompetent infosec that you’re peddling. A competent tech firm can do this job without violating data minimisation principles and without violating Article 21 of the UDHR.
BTW if you’d plugged your laptop into one of my systems you’d have gotten vlan’d into the same Captive Portal System that the WiFi has which is precisely how any publicly available Ethernet port should function. Your little length of wires coated in vinyl with plastic shoved on the ends still wouldn’t have gotten you where you wanted to go.
And that would still be violating peoples’ Article 21 rights to equal access. Imposing a mobile phone is among the injustices I’ve mentioned. I would still favor the ethernet regardless of the captive portal for many of the reasons I’ve mentioned. In the very least it avoids discriminating against people without functioning wifi h/w.
I’ve dealt with Patrons like you before and the instant someone starts yammering at me about ClearNet / Tor I know exactly what kind of person I’m dealing with.
You selected your path for whatever reasons you chose and the inconveniences that come with that path are yours to deal with. Suck it up buttercup, you weren’t promised that a privacy respecting internet lifestyle would be easy or convenient.
I guess Meta, Google, Amazon and countless other companies are with you on this one for the ad and tracking riddled mass exploitation Internet of today.
Well, you were trying to bypass one of their security measures. They require SMS verification so that they can track you in case you break their rules. Presumably this is why they also block other means of anonymizing yourself.
Well, you were trying to bypass one of their security measures.
I was not carrying my phone. Thus bypassing the reckless policy of a tax-funded public resource to exclusively serve people who entered the private marketplace to obtain mobile phone service, in violation of article 21¶2 of the Universal Declaration of Human Rights:
“Everyone has the right of equal access to public service in his country.”
So the protected class they are discriminating against here is “doesn’t want to use wifi”?
You had the means to access the Internet, you chose not to use them.
So the protected class they are discriminating against here is “doesn’t want to use wifi”?
The protected class is the poor. The UDHR specifically protects people from discrimination on the basis of property. You cannot treat someone different under the UDHR for owning less property than someone else with regard to all the rights enshrined in the UDHR. Only serving people who bought a mobile phone and paid for a subscription violates that provision.
You had the means to access the Internet, you chose not to use them.
I did not have a mobile phone on me. I could have gone home to fetch my phone because incidentally I happened to have a phone with service at home. But I would not have had time to return to the library and complete my task before it closed.
I’ve also gone over 6 months with no phone service at all sometimes. If I were in one of those time periods, connecting would have been impossible. My phone access is touch and go. I let my service die whenever nothing critical comes up that demands it for a period of time.
And I will do it again. Not having a phone is a goal I will continue to meet, off and on, because it’s important to periodically test whether we have a right to unplug. It’s especially important to test this if you live in a GSM registration part of the world.
Why are you even in the library to begin with if you’re so opposed to how they manage their network?
If you want to complain, complain. Write to the city, start a petition, whatever.
But regardless of how it’s supposed to work legally, the day that you were in the library, there was a network security setting that was blocking you. You sought to get around that, and you’re not going to get any sympathy for trying to do so.
Just because it’s a public resource doesn’t mean you can break in after hours, and just because you don’t have a phone doesn’t give you permission to sidestep their security policies.
Why are you even in the library to begin with if you’re so opposed to how they manage their network?
How does one know how they manage their network before entering the library? The libraries that have ethernet /never/ advertise it. Only wi-fi is ever advertised. I have never seen a library elaborate on their wifi preconditions (which periodically change). This info is also not in OSMand, so if you are on the move and look for the closest library on the map, the map won’t be much help apart from a possible boolean for wifi. Some libraries have a captive portal and some do not. Among those with captive portals, some require a mobile phone with SMS verification and some do not. But for all of them, the brochure only shows the wifi symbol. You might say “call and ask”, but there are two problems with that: you need a phone with credit loaded. But even if you have that, it’s useful to know whether ethernet is available and the receptionist is unlikely to reliably have that info. Much easier to walk in and see the situation. Then when you ask what will be blocked after you get connected, that’s another futile effort that wastes time on the phone. It really is easier and faster to pop in and scope out the situation. Your device will give more reliable answers than the staff. But I have to wonder, what is your objection to entering a library to reliably discover how it’s managed in person?
Everyone has access, phone or not, just not when the PC room sometimes is closed due reasons.
You don’t have 24/7 access rights as far as I’m aware.
That’s not equal access. Everyone has equal access to the PCs running Firefox, but not everyone has equal access to BYoD internet service.
Is someone claiming we only need Firefox? If so, then you won’t mind if we scrap wifi altogether, right? BYoD internet service enables people to keep a data store with them which then connects periodically to operate on the persistent data in a collaborative way, which also empowers people to control the applications that are installed. That’s a different public service for difference purposes than a shared PC where your data does not persist and you cannot control the apps.
Please cite the definition of public service that includes all the things you’ve described; access to the internet via Ethernet on a personal machine running the various software you mentioned.
Quote the passage that outlines those details.
Why not take it a step further? I can’t get to the library so they’re denying me my human rights by not running cables right to my house so I can access it without that restriction.
The proof is in the money trail. If the library’s funding traces to a tax-funded government, it is a public service that encompasses all services offered by that institution. It’s also in state or national law that legislates for libraries to exist, which differs from one state to another.
If you want to find a clause that says “only people with wifi hardware may access the internet, and only if they have a mobile phone”, I suspect you’ll have a hard time finding that. At best, I could imagine you might find a sloppily written law that says “libraries shall offer wifi” without specifying the exclusion of others. But if you could hypothetically find that, it would merely be an indication of a national or state law that contradicts that country’s signature on the UDHR. So it’s really a pointless exercise.
Good luck with that here. No port you can access will give you a IP If its hot at all. We don’t allow patron machines to use Ethernet since it bypasses the QOS setting for the public WiFi. We also don’t have any requirements to connect to our WiFi.
The reason for not allowing this is simple. We had several people come in and abuse usage of wired connections. Specifically people with consoles that thought it was okay to come in and kill our Patron vlan to download that fifty gig update for their console.
Meh. So my point of view is that qos for Internet is better done at layer 3. Layer 2 qos has its place, but layer 3 is going to let you prioritise services better.
Moreso, if you do it at layer 3 you don’t need to worry about people using ethernet. Every person using ethernet is one less using the extremely finite resources WiFi has. Every active station puts a load on WiFi, less so with the latest versions but they still exhibit a lot of the same problems that mean many workstations can kill WiFi performance.
If you setup your network right (you can actually, although I’ve not seen it too often, setup guests networks on ethernet before WiFi, such that stations cannot see eachother directly) there’s no reason at all to fear ethernet.
Its gonna change soon anyway since we are getting new service with four times the bandwidth. For the first time I will be able to get netflow data since our current train wreck ISP(Windstream) wouldn’t give me so much as a read only snmp string on their managed routers. I will have all kinds of options after I replace them with something I can manage. They have this product called weconnect that give you all kinds of information only its hours out of date and sometimes not sequentially timestamped.
If you setup your network right (you can actually, although I’ve not seen it too often, setup guests networks on ethernet before WiFi, such that stations cannot see eachother directly) there’s no reason at all to fear ethernet.
Sure but this isn’t a corporate office with an IT team on call, this is a public library. They could hire someone who will go the extra mile to manage all of this and set the security up correctly, but they’re not likely to get that person or keep them around. Their patrons are not going to be so opposed to wifi that expending all this effort to keep the ethernet ports active will be worth that effort. Maybe in a college library, or a public library in a city center, but not your run of mill local branches.
As for finite wifi resources, I seriously doubt most public libraries would be so frequently at capacity that this becomes an issue, especially when many of them only allow clients for a couple hours at a time without renewing. They just need to scale up for their needs.
I would have expected a public library, run by the city to either use the existing Internet infrastructure from the city (e.g security already is handled) or be installed and maintained by some common city IT team.
Independent libraries sure can have a basic setup, but I’d still say one guy setting up the security outside of WiFi security would mean there’s no reason to fear ethernet connections, as they would provide the same level of security to their network, and likely more to the user (assuming it’s an insecure AP with portal).
In the case of the OP, I would find it far more likely that the actions of the staff member was more down to (understandable) ignorance of what they were doing and assuming connecting a wire means they’re trying to do something nefarious, just because noone else is, and/or hacking in all the movies looks just like that.
I apply QoS at the edge so wired or wireless doesn’t matter to us for performance but either one is still going to our Captive Portal and forcing you to agree to our ToS.
Fun Fact: I started applying QoS at the edge because of the people dragging their laptops in so they could Torrent. They’d blow out our bandwidth for everyone else and we were racking up DMCA warnings from our ISP.
