Interesting perspective, but I’d tend to argue that the technologies such as WiFi have massively increased inclusiveness and accessibility for magnitudes more people than it has raised issues for.
Not in the slightest¹. It has reduced inclusiveness. The groups being excluded were previously given full and equal access. To argue that nighttime access is possible is to inherently advocate for exclusive access to those who would sit on the sidewalk with their device while people who need access by other means are denied. What a bizarre and obscure corner case. It’d be somewhat elitist to be selective like that. Human rights calls for equal access to public services (UDHR Art.21¶2). That means if a service cannot be offered to all demographics it should be offered to no one.
It’s really hair-splitting esoterics to be concerned about what library access there is at night time on the sidewalk. Maybe it’s fair enough to say outside of hours there is no sense of equal access. I don’t want to die on the nighttime access hill either way. My post concerns equality during the day when the library doors are open. If there really is a notable need for nighttime access from the sidewalk, that can also be deployed in an egalitarian way by mounting exterior ethernet ports and removing the captive portals.
(edit)¹ well, Wi-Fi in the 2000s was inclusive because it did not generally come with a captive portal and it was offered in parallel to ethernet. Having Wi-Fi is an essential part of being inclusive now that wi-fi-only devices exist. But the way they are doing it in 2024 is exclusive, depending on the library. Some libraries still today do not have captive portals but that’s becoming more rare as libraries prioritize a paperless agreement above equal access.
I am also concerned with outsourcing. But worried about cloudflare are pretty far down the list. Adobe controlled DRM on most ebooks, and even third party cloud based catalogues, are way more concerning.
You’re thinking about the barriers and inconveniences to you personally. But when I speak about exclusivity, I’m talking about different demographics of people getting different treatment and different service. It’s unacceptible for a public service to say “sorry, some people just do not make the cut for the profile of those we are including.. our public service is only for people who subscribe to private GSM service” (precisely the demographic less in need of public service). It’s better to pull the plug to ensure equality than to create unequal access.
The DRM problem is not a problem of exclusivity w.r.t the public library, AFAICT, because the library secures whatever DRM rights are needed equally for all patrons. DRM does not cause someone who cannot afford a mobile phone to be refused service. Unless a DRM mechanism were to require an SMS verfication -- then I would be with you on that because that would be discriminatory and exclusive. Although I’ve heard that some forms of DRM prevent reading a page more than once. I can imagine that someone with an impairment of some kind might need to read a page more times than someone else to absorb the same book. In that case, DRM would indeed be adding to the exclusivity problem and would need a remedy in that regard. If a library could not negotiate an egalitarian deal in that case, then the egalitarian remedy is to drop that book from the library’s catalog completely, as that would ensure equal access.
Lets face it, the half dozen people per million (if that) who care about the FLOSS status of thier WiFi hardware’s firmware, probably are technically capable enough to find a way to access library resources securely more than most people!
It’s not a technical problem. It’s an ethical problem. When a public funded service is forces people to run proprietary non-free software on their own devices, it’s an abuse of public funding to needlessly force people into the private sector. In the US, the American Library Association has a bill of rights that states people are not to be excluded from the library based on their views or beliefs. Designing a library to only cater for people who are ethically okay with running non-free proprietary software would undermine that principle. It would be comparable to a public service denying service to vegans because of their ethical viewpoints.
Wouldn’t direct access to a library’s network via Ethernet in an uncontrolled manner pose a security risk though?
You would have to detail why. Ethernet offers /more/ security by not exposing users’ traffic and by avoiding MitM to a reasonable extent. It’s far easier to spoof a Wi-Fi AP from next door or even a block away than it would be to to plant an ethernet attached MitM box, which means getting behind the drywall or breaking into a utility room. Not to mention the mass surveillance of all iOS devices collecting data, timestamps, location of every other WiFi device in range and feeding that to Apple. Ethernet is trivially immune to that collection, whereas Wi-Fi users are exposed without a countermeaure. They can dynamically change their MAC daily or whatever but that’s not the only data being collected by Apple.
(edit) It’s worth noting as well that the NSA actually advises people not to use Wi-Fi.
Also, while propriety Wi-Fi and other technology-related solutions are sometimes frustrating, many libraries are ultimately budget constrained, making the use of standardized solutions far more economical than custom ones.
Economics does not justify excluding some demographics of people¹. If a public funded service cannot offer service in an equitable way, it’s better to not offer the service at all. When a public library offers a service, assumptions are then made in other contexts that the whole public has that access. Governments operate on the assumption that people they serve have access, and they use that assumption to remove analog means of contact and service. Some government offices have already closed their over-the-counter service. How was it that they could afford it previously but not anymore? Those budgets are themselves set by assumptions, like assumptions that everyone carries a mobile phone.
¹ exceptionally, public funding cannot for example cover every heart transplant everyone needs. But the library does not face those kinds of extremes. Ethernet cable is cheap enough. Getting people to agree to terms of service the old fashioned way (paper) is cheap enough. Priorities have to be really screwed up to be willing to exclude someone from service to save money on paper agreements.
1913 - library established in Houston by a black community. Years later, the city disbanded the all 8 black board members and shut the library down
1939 - 5 black people thrown out of a Virginia library for “disturbing the peace” (they were quietly reading).
1961 - Geraldine Edwards Hollis and eight other students from historically-black Tougaloo College — a group known as the Tougaloo Nine — held a sit-in at a “whites-only” public library in Jackson, Mississippi, as an act of civil disobedience.
1970 - the first meeting of the Black Caucus of the American Library Association formed to address the fact that the ALA wasn’t meeting the needs of Black library professionals.
The late 1990s started to become the sweet spot for library inclusion and governance. Everyone was welcome to access books and media without restriction.
In the 2000s, technology emerged in public libraries in a quite inclusive way. There some libraries had PCs and some had ethernet and/or Wi-Fi (free of captive portals). Anyone could use any of those technologies.
2024:
-
Ethernet becomes nearly non-existent, thus excluding:
- people running FOSS systems (which often lack FOSS Wi-Fi firmware)
- people with old hardware
- people who oppose the energy waste of Wi-Fi
- people who do not accept the security compromise of Wi-Fi (AP spoofing/mitm, traffic evesdropping, arbitrary tracking by all iOS and Android devices in range)
-
Wi-Fi service itself has become more exclusive at public libraries:
- captive portals -- not all devices can even handle a captive portal, full stop. Some captive portals are already imposing TLS 1.3 so people with slightly older hardware cannot even reach the ToS page. Some devices cannot handle a captive portal due to DNS resolution being dysfunctional before the captive portal is passed and the captive portal itself is designed to need DNS resolution.
- GSM requirement -- some public library captive portals now require patrons to complete an SMS verification. This of course excludes these demographics of people:
- People who do not own a mobile phone
- People who do not carry a mobile phone around with them
- People who do not subscribe to mobile phone service (due to poverty, or for countless privacy reasons)
- People who object to disclosing their mobile phone number and who intend to exercise their right to data minimisation (under the GDPR or their country’s version thereof)
-
Web access restrictions intensified:
- e-books outsourced to Cloudflared services, thus excluding all demographics of people who Cloudflare excludes.
- Invidious blocked. This means people who do not have internet at home have lost the ability to download videos to watch in their home.
- Egress Tor connections recently blocked by some libraries, which effectively excludes people whose systems are designed to use Tor to function. So if someone’s email account is on an onion service, those people are excluded from email.
There’s a bit of irony in recent developments that exclude privacy seekers who, for example, deliberately choose not to have a GSM phone out of protest against compulsory GSM registration with national IDs, because the library traditionally respects people’s privacy. Now they’re evolving to actually deny service to people for exercising their privacy rights.
There needs to be pushback to get public libraries back on track to becoming as inclusive as they were in the 1990s. A big part of the problem is outsourcing. The libraries are no longer administrating technology themselves. They have started outsourcing to tech giants like Oracle who have a commercial motivation to save money, which means marginalising demographics of people who don’t fit in their simplified canned workflow. When a patron gets excluded by arbitrary tech restrictions, the library is unable to remedy the problem. Librarians have lost control as a consequence of outsourcing.
One factor has improved: some libraries are starting to nix their annual membership fee. It tends to be quite small anyway (e.g. $/€ 5/year), so doesn’t even begin to offset those excluded by technology.
Some of them do, while some libraries proactively take steps to /block/ people who make egress Tor connections from the library’s network, which is a revolting contrast to the librarians who care. The same libraries who block Tor also impose SMS verification on Wi-Fi users. Note that article is US based and only the US has a “Library Bill of Rights”. Outside the US it’s quite a different story.
I wonder if it’s because privacy is in such a poor state of affairs in the US to start with that the US libraries are motivated to give some refuge.
Hate to be a party pooper but the author is a bit off. From the article:
It’s a place I can get free wifi and where I don’t have to explain myself to anyone in any way.
This is precisely where libraries demonstrate poor governance.
First of all by offering Wi-Fi and not ethernet the library discriminates against people with old hardware, people who oppose the non-FOSS firmware that Wi-Fi cards depend on as well as those who don’t want to expose their traffic to all eavesdroppers in range and those who prefer to avoid spoofed APs and those who would rather be less wasteful with energy. I do not think I’ve encountered any library in the past decade that intentionally offer ethernet. The very few I’ve encountered with open ethernet ports apparently offer it by accident (ports that were likely meant for the libraries own assets but unused and left inadvertently connected).
Even if you are in the included group who are happy to see ethernet users marginalised, among Wi-Fi users are those who are discrimated against because they do not have a mobile phone, thus cannot get past the Wi-Fi captive portal that demands SMS verification. Which also inherently discriminates against people whose devices cannot handle captive portals as well. So libraries are less of a refuge from corporate bullshit than they were in the past.
And that we can do it without a profit motive, simply because we think that’s the way it ought to be.
It’s great that the library itself is non-profit. But that only mitigates part of the problem brought by corporate commercial greed. The library needs to evolve to:
- help people find refuge from tech giants, which means not imposing mobile phones on the public and ideally go as far as offering access to FOSS PCs. It should be mostly FOSS PCs, and perhaps 1 or 2 Windows and MACs for those who have various special needs. Most libraries are 100% MS Windows with Chromium (possibly Firefox as an alternative) and the search engine default is Google. So library visitors are still being immersed in the same exploitive commercial environment that dominates homes and workplaces.
- the library blocks Youtube front-ends like Invidious but not Youtube, which ensures delivering an a profitable audience to Google. I realise the library has to avoid copyright violations, but Invidious is not a clear offender. It’s murky gray area but the library should be fighting for the people considering Invidious nodes are not being shut down which highlights the weakness of Google’s position.
- mention of lending out Rokus is a double-edged sword. Yes it’s keeping pace with the times to get people access to streams but Roku is a smart TV which doubles as spyware designed to enrich corporations. I’m not sure if there is a FOSS alternative. I’m tempted to say Kodi but it would then have to be installed on portable hardware that the library could lend.
- cut ties with all e-book suppliers who lock their books up into Cloudflare’s exclusive walled garden. Cloudflare should not be a gatekeeper for who gets access to e-books.
Our governmental structures and agencies should not be in the service of business,
Indeed. But when a library excludes those without mobile phones, they are serving the telephony industry and undermining the human right to equal access to public services.
The author himself, J.Hill, deployed this blog from a website that is inside an exclusive walled garden that discriminates against some demographis of people. I agree with his push to defend libraries from right-wing assholes and in that sense we are united. But a fight is also needed within the library systems to stop libraries from discriminating against some classes of people. They are outsourcing their technology to tech giants who have made library access exclusive.
I see a lot of downvotes on your comments on this thread and I wonder if it’s due to differences in nationality/geography/jurisdiction.
Guess I should answer this. The enormous class of people with mobile phones (likely 100% of those in this channel) are happy to be in the included group and amid any chatter about expanding the included group to include those without a phone (a segment they do not care about), they think: “that extra degree of egalitarian policy to support a more diverse group will cost more and yield nothing extra to me; yet that extra cost will be passed on to me.”
Which is true. And very few people among them care about boycott power because it’s rarely used by willful consumerist consumers of tech and telecom svc. But the ignorance is widespread failure to realise that as mobile phones become effectively a basic requirement for everyone, the suppliers will have even less incentive to win your business. The duopolies and triopolies can (and will) increase prices and reduce service quality as a consequence of that stranglehold. Most people are too naïve to realise the hold-out non-mobile phone customers are benefiting them even from the selfish standpoint of the mobile phone customers. And the fact that they are paying an invisible price with their data doesn’t occur to most people either, or how that loss of privacy disempowers them.
They will pay more in the end than if they had supported diversity and egalitarian inclusion.
I see that the relevant websites (FCC and lifelinesupport.org) both block Tor so you can’t be poor in need of the Lifeline and simultaneously care about privacy. Many parts of the US have extremely expensive telecom costs. I think I heard an avg figure of like $300/month (for all info svcs [internet,phone,TV]), which I struggle to believe but I know it’s quite costly nonetheless. One source says $300/month is the high end figure, not an avg. Anyway, a national avg of $144/month just for a mobile phone plan is absurdly extortionate.
About Lifeline:
Lifeline provides subscribers a discount on qualifying monthly telephone service, broadband Internet service, or bundled voice-broadband packages purchased from participating wireline or wireless providers. The discount helps ensure that low-income consumers can afford 21st century connectivity services and the access they provide to jobs, healthcare, and educational resources.
So they get a discount. But you say free? Does the discount become free if income is below a threshold? Do they get a free/discounted hardware upgrade every 2-3 years as well, since everyone is okay with the chronic forced obsolescence in the duopoly of platforms to choose from? In any case, I’m sure the program gets more phones into more needy hands, which would shrink the population of marginalized people. That’s a double edged sword. Shrinking the size of a marginalized group without completely eliminating it means fewer people are harmed. But those in that group are further disempowered by their smaller numbers, easier to oppress, and less able to correct the core of the problem: not having a right to be analog and be unplugged (which is an important component of the right to boycott).
This topic could be a whole Lemmy community, not just a thread. In the US, you have only three carriers: AT&T, Verizon, and T-Mobile. I’ve seen enough wrongdoing by all 3 to boycott all 3. I would not finance any them no matter how much money I have. T-Mobile is the lesser of evils but it’s wrong to be forced to feed any of the three as an arbitrary needless precondition to using the library’s public wifi. It’s absolutely foolish that most people support that kind of bundling between public and private services.
US govs do not (AFAIK) yet impose tech on people. I think every gov service in the US has an analog option, including cash payment options. That’s not the case in many regions outside the US. There are already govs that now absolutely force you to complete some government transactions online, along with electronic payments which imposes bank patronisation, even if you boycott the banks for investing in fossil fuels and private prisons. And if you don’t like being forced to use their Google CAPTCHA (which supports Google, the surveillance advertiser who participates in fossil fuel extraction), that’s tough. Poor people are forced to use a PC (thus the library) to do public sector transactions with the gov, as are a segment of elderly people who struggle to use the technology. There is also a segment of tech people who rightfully object, precisely because they know enough about how info traverses information systems to see how privacy is undermined largely due to loss of control (control being in the wrong hands). It’s baffling how few people are in that tech segment.
So the pro-privacy tech activists are united with the low-tech elderly and the poor together fighting this oppression (called “digital transformation”) which effectively takes away our boycott power and right to choose who we do business with in the private sector. A divide and conquer approach is being used because we don’t have a well-organised coalition. Giving the poor cheaper tech and giving assistance to the elderly is a good thing but the side effect is enabling the oppression to go unchallenged. When really the right answer in the end is to not impose shitty options in the first place. It’s like the corp swindle of forced bundling (you can only get X if you also take Y). You should be able to get public wifi without a mobile phone subscription.
The UDHR prohibits discrimination on the basis of what property you have. The intent is to protect the poor, but the protection is actually rightfully bigger in scope because people who willfully opt not to have property are also in the protected class.
It’s all quite parallel to Snowden’s take. The masses don’t care about privacy due to not really understanding it.
“Ultimately, arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say.” ― Edward Snowden
The idea that activists need both free speech and privacy in order to fight for everyone’s rights is lost on people making the /selfish/ choice to disregard privacy. All those mobile phone users who don’t give a shit about mobile phones being imposed on everyone are missing this concept. The choice to have a mobile phone is dying. It’s gradually and quietly becoming an unwritten mandate.
Banking is also becoming bound to having a mobile phone. There are already banks who will not open account for those without a mobile phone. So we are losing the option to have a bank account but not a mobile phone.
Yeah I’ve done the same in one case. Librarian green lit me plugging into the rj45 but it turned out to be a dead port. I might have been able to get permission to hijack an occupied port to an unoccupied machine but just opted to bounce instead.
The wifi is for public use. The Ethernet isn’t. How is that so hard to understand?
How is it hard to understand that those two undisputed facts are actually a crucial part of my thesis? Of course I understand it because it’s the cause for the problems I described and my premise. It’s why this thread exists.
If that weren’t the case, the only notable problem would be with the mobile phone precondition on captive portals.
Could I be in the wrong? No, it must be literally everyone else in this entire thread / national library network.
Is your position so weak that you need to resort to a bandwagon fallacy?
Grow up.
and an ad hominem?
You demonstrate being a grown up by avoiding ad hominems in favor of logically sound reasoning.
Their terms require a phone so yes, on their terms.
I keep a copy of everything I sign. The ToS I signed on one library do not require a mobile phone. It’s an ad hoc implementation that was certainly not thought out to the extent of mirroring the demand for a mobile phone number into the agreement. And since it’s not in the agreement, this unwritten policy likely evaded the lawyer’s eyes (who likely drafted or reviewed the ToS).
Why would they make an exception for anyone?
Because their charter is not: “to provide internet service exclusively for residents who have mobile phones”.
And why would they want to deal with paper agreements for WiFi?
Paper agreements:
- do not discriminate (you cannot be a party to a captive portal agreement that you cannot reach)
- are more likely to actually be read (almost no one reads a tickbox agreement)
- inherently (or at least easily) give the non-drafting party a copy of the agreement for their records. A large volume of text on a tiny screen is unlikely to even be opened and even less likely to save it. Not having a personal copy reduces the chance of adherence to the terms.
- provide a higher standard of evidence whenever the agreement is litigated over
You don’t have to be a member to use WiFi, someone else could have given you the password if there even is one
That’s not how it works. The captive portal demands a phone number. After supplying it, an SMS verification code is sent. It’s bizarre that you would suggest asking a stranger in a library for their login info. In the case at hand, someone would have to share their mobile number, and then worry that something naughty would be done under their phone number, and possibly also put that other person at risk for helping someone circumvent the authentication (which also could be easily detected when the same phone number is used for two parallel sessions).
If someone is doing something illegal it’s gonna involve the library if you get caught (that’s why the phone number but maybe they are just being shitty with it). Not worth the risk.
Exactly what makes it awkward to ask someone else to use their phone.
You have, throughout your comments, repeatedly spoken down toward librarians and libraries.
Again, you’re not quoting. You’ve already been told it’s not the case. You need to quote. You replied to the wrong message.
but you’re certainly not painting them as “trying their best”
There are many librarians with varying degrees of motivation. I spoke to one yesterday that genuinely made an effort to the best of their ability. I cannot say the same for all librarians. When I describe a problem of being unable to connect, some librarians cannot be bothered to reach out to tech support, or even so much as report upstream that someone was unable to connect.
“worth having an adult conversation with instead of misrepresenting my situation intentionally”
This is a matter of being able to read people. I don’t just bluntly blurt out a request. I start the conversation with baby steps (borderline small talk) describing the issue to assess from their words, mood, and body language the degree to which they are likely to be accommodating whatever request I am building up to. Different people get a different conversation depending on the vibe I get from them. Even the day of week is a factor. People tend to be in their best mood on Fridays and far from that on Mondays.
You’ll have to quote me on that because I do not recall calling them baddies. I have spotlighted an irresponsible policy and flawed implementation. It’s more likely a competency issue and unlikely a case of malice (as it’s unclear whether the administration is even aware that they are excluding people).
If they are knowingly and willfully discriminating against people without mobile phones, then it could be malice. But we don’t know that so they of course have the benefit of any doubt. They likely operate on the erroneous assumption that every single patron has a mobile phone and functional wifi.
I have to say I didn’t downvote you as you’ve been civil and informative so far. But I’m not sure how to cite/quote from the UDHR as though it’s not law. I named the article and pasted the text. For me whether the enforcement machinery is in force doesn’t matter w.r.t to the merits of the discussion. From where I sit, many nations signed the UDHR because it has a baseline of principles worthy of being held in high regard. When the principles are violated outside the context of an enforcement body, the relevance of legal actionability is a separate matter. We are in a forum where we can say: here is a great idea for how to treat human beings with dignity and equality, and here that principle is being violated. There is no court in the loop. Finger wagging manifests from public support and that energy can make corrections in countless ways. Even direct consumer actions like boycotts. Israel is not being held to account for Gaza but people are boycotting Israel.
I guess I’m not grasping your thesis. Are you saying that if a solidly codified national law was not breached, then it’s not worthwhile to spotlight acts that undermine the UDHR principles we hold in high regard?
After reading your post, I would say, no harm intended, just don’t do it again.
You may be misunderstanding the thesis. This is not really about staying out of trouble. Or more precisely, as an activist up to my neck in trouble it’s about getting into the right trouble. The thesis is about this trend of marginalising people with either no phone and/or shitty wifi gear/software and a dozen or so demographics of people therein who do not so easily give up their rights. It’s about exclusivity of public services funded with public money. Civil disobedience is an important tool for justice outside of courts.
The security matter is really about competency and cost. The main problem is likely in the requirements specification conveyed to the large tech firms that received the contract. From where I sit, it appears they were simply told “give people wifi”, probably by people who don’t know the difference between wifi and internet. In which case the tech supplier should have been diligent and competent enough to ask “do you want us to exclude segments of the public who have no wifi gear and those without phones?”
The UDHR is not a treaty, so it does not create any direct legal bindings.
Sure, but where are you going with this? Legal binding only matters in situations of legal action and orthogonal to its application in a discussion in a forum. Human rights violations are rampant and they rarely go to The Hague (though that frequency is increasing). Human rights law is symbolic and carries weight in the court of public opinion. Human rights law and violations thereof get penalized to some extent simply by widespread condemnation by the public. So of course it’s useful to spotlight HR violations in a pubic forum. It doesn’t require a court’s involvement.
The judge who presided over the merits of the Israel genocide situation explained this quite well in a recent interview. If you expect an international court to single-handedly remedy cases before it, your expectations are off. The international court renders judgements that are mostly symbolic. But it’s not useless. It’s just a small part of the overall role of international law.
The article you quote may have been excluded, overwritten or rephrased in your jurisdiction.
I doubt it. It’s been a while since I read the exemptions of the various rights but I do not recall any mods to Article 21. The modifications do not generally wholly exclude an article outright. They typically make some slight modification, such as some signatories limiting free assembly (Art.20 IIRC) to /safe/ gatherings so unsafe gatherings can be broken up. I would not expect to see libraries excluded from the provision that people are entitled to equal access to public services considering there is also Article 27:
“Everyone has the right freely to participate in the cultural life of the community, to enjoy the arts and to share in scientific advancement and its benefits.”
The European HR convocations take that even further iirc.
You set a great example of getting mad at a bitch eating crackers.
I merely tried to get online using an ethernet cable. I didn’t get hostile. I was calm. And because I was calm, the librarian became calm. The only hostility was in the librarian’s single opening comment to me, and what you see in this thread.
You need to read Article 21. And as you read it, keep in mind it’s a public library.
(edit) There was a day when black people were denied access to the library. I suppose you would have said “Bruh, denying books is not a human rights violation” without any kind of legal rationale that articulates the meaning of Article 21.
Bizarre that so many here think it’s human-rights compliant to block poor people (those without phones) from public internet; who are in fact the people who need it most as governments are abolishing analog mechanisms of public service. Would be interesting to survey that same crowd on how many of them find it okay to block black people from publicly owned books. People can’t be this obtuse. It’s likely a high density of right-wing conservatives here, who understand human rights law but simply condemn anything they regard as competing with their privilege.
That “right” is exclusively available to people who:
- have a mobile phone
- who carry it with them
- who have working wifi hardware
The Universal Declaration of Human Rights has no such limitation on Article 21.
You can use it but on their terms.
Not without a phone.
Captive portal is likely making you agree to not abuse the service.
Have you forgotten that an agreement can be made on paper?
Nothing about a captive portal requires wifi. There are many ways to get that agreement. Neglecting to make the agreement part of the ToS when you become a member is just reckless.
Someone should let the IT staff know so they can properly block those services on ethernet as well.
Someone should let the IT staff know that wi-fi does not work for everyone, including:
- People running a free software platform that lacks support for a wifi NIC that needs a proprietary driver and firmware
- People running free software who ethically object to running the proprietary non-free driver and firmware their wifi NIC requires
- People without a mobile phone to perform the captive portal-mandated SMS verfication
- People with a mobile phone but who want to exercise their GDPR right to data minimization
- Climate activists who prefer not to spend 30 times more energy needed for wi-fi radios
- People who want the security of other wi-fi users not eavesdropping on their traffic by simply pointing a yagi antenna from a block away (on a network that blocks the VPNs that would protect them from that on wi-fi)
(edit)
- People who cannot get past the captive portal for other reasons, such as the captive portal imposing TLS 1.3 on older software (forced obsolescence), or anything else that fails technically, like DNS breakage preventing the captive portal’s hostname from resolving.
And because simply turning on Wi-Fi in public enables all iPhones in your range to automatically snoop, collect your wi-fi params including SSIDs your device looks for before sending it to Apple, along with GPS fix and timestamp (according to research), there are people who:
- for privacy reasons object to being snooped on generally in this way
- boycott Apple already for any number of reasons, and who have enough discipline and resolve to oppose feeding profitable data to Apple -- regardless of whether they actually care about the disclosure.
- boycott the fossil fuel industry, including Google who supplies AI to Totaal Oil to find drilling locations, and thus oppose feeding Google by way of Androids in range doing the same collection as Apple. (note it’s disputed whether Google actually mirrors Apple on this to the extent of Apple)
I plugged into ethernet (as wifi w/captive portal does not work for me). I think clearnet worked but I have no interest in that. Egress Tor traffic was blocked and so was VPN. I’m not interested in editing all my scripts and configs to use clearnet, so the library’s internet is useless to me (unless I bother to try a tor bridge).
I was packing my laptop and a librarian spotted me unplugging my ethernet cable and approached me with big wide open eyes and pannicked angry voice (as if to be addressing a child that did something naughty), and said “you can’t do that!”
I have a lot of reasons for favoring ethernet, like not carrying a mobile phone that can facilitate the SMS verify that the library’s captive portal imposes, not to mention I’m not eager to share my mobile number willy nilly. The reason I actually gave her was that that I run a free software based system and the wifi drivers or firmware are proprietary so my wifi card doesn’t work¹. She was also worried that I was stealing an ethernet cable and I had to explain that I carry an ethernet cable with me, which she struggled to believe for a moment. When I said it didn’t work, she was like “good, I’m not surprised”, or something like that.
¹ In reality, I have whatever proprietary garbage my wifi NIC needs, but have a principled objection to a service financed by public money forcing people to install and execute proprietary non-free software on their own hardware. But there’s little hope for getting through to a librarian in the situation at hand, whereby I might as well have been caught disassembling their PCs.
IMO this is a #netneutrality issue due to lack of access equality. People with old phones are discriminated against.
cross-posted from: https://infosec.pub/post/11021006
> …
> TLS-encumbered captive portal (transit service)
> ---
> A transit service offered wi-fi but the network forcibly redirected me to a
> captive portal that triggers this error:
> > net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH >
> I tried a couple browsers and tried rewriting the https:// scheme as http:// but SSL redirect was forced consistently. The error apparently implies my phone’s browser can’t do TLS 1.3.
>
> It seems like a shitty move for a transit service to require passengers to use TLS 1.3 just to tick a fucking box that says “I agree” (to the terms no one reads anyway). Couple questions:
>
> * I’m generally in the /protect everything by default/ school of thought. But I cannot get my head around why a captive portal where people just tap “I agree” would warrant disclosure protection that could hinder availability. In reality, I don’t really know what the captive portal at hand requests.. maybe it demands people’s phone# or email, in which case it might make sense (though I would object to them collecting that info in a GDPR region in the 1st place).
>
> * Is there a good reason for a captive portal to require TLS 1.3? It seems either the network provider does not trust their own network, or they’re simply incompetent (assumes everyone runs the latest phones). But if I’m missing something I would like to understand it.
>
> I still have to investigate what limitation my browser has and whether I can update this whilst being trapped on an unrooted Android 5.
>
> Bypass methods
> ---
> I guess I need to study:
> * ICMP tunnel (slow, but IIUC it’s the least commonly blocked)
> * SSH tunnel
> * others?
>
> Are there any decent FOSS tools that implement the client side of tunnels without needing root? I have openvpn but have not tested to see if that can circumvent captive portals. I’ve only found:
>
> * MultiVNC - VNC over SSH
> * AVNC - VNC over SSH
> * ConnectBot - Can all traffic be routed over this SSH tunnel, or just a shell session?
> * VX ConnectBot - same as connectBot but expanded
>
> I’m curious if the VNC clients would work but at the same time I’m not keen to bring in the complexity of then having to find a VNC server. Running my own server at home is not an option.
>
> My to-do list of things to tinker with so far:
> * Captive Portal Controller
> * CaptivePortalLogin (AOS 6+, and no Izzy archives on this)
> * Hotspot Login
>
> Legal options
> ---
> If a supplier advertises Wi-Fi but then they render it dysfunctional by imposing arbitrary tech requirements after consumers have already bought the product/service it was included with (coffee, train/bus/plane fare, etc), then they neglect to support it, doesn’t that constitute false advertising? Guess this is out of scope for the community but I might be ½ tempted to file false advertising claims with consumer protection agencies in some cases.
>
> And when a captive portal demands email or phone number, it would seem to be a GDPR violation. Some public libraries make wi-fi access conditional on sharing a mobile phone number which then entails an SMS verification loop.
This is likely a Lemmy bug but infosec.pub is related because there are so many Android communities that are federated from bad places so I thought I would mention it here as well.
cross-posted from: https://infosec.pub/post/11060800
> The cross-post mechanism has a limitation whereby you cannot simply enter a precise community to post to. Users are forced to search and select. When searching for “android” on infosec.pub within the cross-post page, the list of possible communities is totally clusterfucked with shitty centralized Cloudflare instances (lemmy world, sh itjust works, lemm ee, programming dev, etc). The list of these junk instances is so long !android@hilariouschaos.com does not make it to the list.
>
> The workaround is of course to just create a new post with the same contents. And that is what I will do.
>
> There are multiple bugs here:
> ① First of all, when a list of communities is given in this context, the centralized instances should be listed last (at best) because they are antithetical to fedi philosophy.
> ② Subscribed communities should be listed first, at the top
> ③ Users should always be able to name a community in its full form, e.g.:
> * !android@hilariouschaos.com
> * hilariouschaos.com/android
>
> ④ Users should be able to name just the instance (e.g. hilariouschaos.com) and the search should populate with subscribed communities therein.
The cross-post mechanism has a limitation whereby you cannot simply enter a precise community to post to. Users are forced to search and select. When searching for “android” on infosec.pub within the cross-post page, the list of possible communities is totally clusterfucked with shitty centralized Cloudflare instances (lemmy world, sh itjust works, lemm ee, programming dev, etc). The list of these junk instances is so long !android@hilariouschaos.com does not make it to the list.
The workaround is of course to just create a new post with the same contents. And that is what I will do.
There are multiple bugs here: ① First of all, when a list of communities is given in this context, the centralized instances should be listed last (at best) because they are antithetical to fedi philosophy. ② Subscribed communities should be listed first, at the top ③ Users should always be able to name a community in its full form, e.g.:
!android@hilariouschaos.comhilariouschaos.com/android
④ Users should be able to name just the instance (e.g. hilariouschaos.com) and the search should populate with subscribed communities therein.
cross-posted from: https://infosec.pub/post/11021006
> …
> TLS-encumbered captive portal (transit service)
> ---
> A transit service offered wi-fi but the network forcibly redirected me to a
> captive portal that triggers this error:
> > net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH >
> I tried a couple browsers and tried rewriting the https:// scheme as http:// but SSL redirect was forced consistently. The error apparently implies my phone’s browser can’t do TLS 1.3.
>
> It seems like a shitty move for a transit service to require passengers to use TLS 1.3 just to tick a fucking box that says “I agree” (to the terms no one reads anyway). Couple questions:
>
> * I’m generally in the /protect everything by default/ school of thought. But I cannot get my head around why a captive portal where people just tap “I agree” would warrant disclosure protection that could hinder availability. In reality, I don’t really know what the captive portal at hand requests.. maybe it demands people’s phone# or email, in which case it might make sense (though I would object to them collecting that info in a GDPR region in the 1st place).
>
> * Is there a good reason for a captive portal to require TLS 1.3? It seems either the network provider does not trust their own network, or they’re simply incompetent (assumes everyone runs the latest phones). But if I’m missing something I would like to understand it.
>
> I still have to investigate what limitation my browser has and whether I can update this whilst being trapped on an unrooted Android 5.
>
> Bypass methods
> ---
> I guess I need to study:
> * ICMP tunnel (slow, but IIUC it’s the least commonly blocked)
> * SSH tunnel
> * others?
>
> Are there any decent FOSS tools that implement the client side of tunnels without needing root? I have openvpn but have not tested to see if that can circumvent captive portals. I’ve only found:
>
> * MultiVNC - VNC over SSH
> * AVNC - VNC over SSH
> * ConnectBot - Can all traffic be routed over this SSH tunnel, or just a shell session?
> * VX ConnectBot - same as connectBot but expanded
>
> I’m curious if the VNC clients would work but at the same time I’m not keen to bring in the complexity of then having to find a VNC server. Running my own server at home is not an option.
>
> My to-do list of things to tinker with so far:
> * Captive Portal Controller
> * CaptivePortalLogin (AOS 6+, and no Izzy archives on this)
> * Hotspot Login
>
> Legal options
> ---
> If a supplier advertises Wi-Fi but then they render it dysfunctional by imposing arbitrary tech requirements after consumers have already bought the product/service it was included with (coffee, train/bus/plane fare, etc), then they neglect to support it, doesn’t that constitute false advertising? Guess this is out of scope for the community but I might be ½ tempted to file false advertising claims with consumer protection agencies in some cases.
>
> And when a captive portal demands email or phone number, it would seem to be a GDPR violation. Some public libraries make wi-fi access conditional on sharing a mobile phone number which then entails an SMS verification loop.
cross-posted from: https://infosec.pub/post/11021006
> The red padlock (at a cafe)
> ---
> The captive portal of a cafe simply rendered a red padlock on with a line through it. Essentially, it was apparently telling me I am being denied access arbitrarily without using any words. There was no other screen before that. Immediately after wifi handshaking Android’s built-in captive portal detection app just went straight to a padlock. I have never been in that cafe in my life and never use my device maliciously.
>
> Showed the screen to the staff who said “works for me on my phone”, who then noticed the airplane on my status bar and said “oh, you got the little airplane, that’s the problem”. Shit; so then I had to explain that wi-fi works in airplane mode. It was just a distraction for them. I couldn’t really convince them that the problem isn’t anything I’m doing wrong. There is no tech support for this situation -- like pretty much all captive portal scenarios. Being the customer of the customer is a very weak position to be in when the direct customer doesn’t really give a shit if it works or not.
>
> So, has anyone seen this kind of behavior? I run into shitty broken captive portals often enough that I guess I really need to get a better understanding of them, and ways to bypass them.
>
> TLS-encumbered captive portal (transit service)
> ---
> A transit service offered wi-fi but the network forcibly redirected me to a
> captive portal that triggers this error:
> > net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH >
> I tried a couple browsers and tried rewriting the https:// scheme as http:// but SSL redirect was forced consistently. The error apparently implies my phone’s browser can’t do TLS 1.3.
>
> It seems like a shitty move for a transit service to require passengers to use TLS 1.3 just to tick a fucking box that says “I agree” (to the terms no one reads anyway). Couple questions:
>
> * I’m generally in the /protect everything by default/ school of thought. But I cannot get my head around why a captive portal where people just tap “I agree” would warrant disclosure protection that could hinder availability. In reality, I don’t really know what the captive portal at hand requests.. maybe it demands people’s phone# or email, in which case it might make sense (though I would object to them collecting that info in a GDPR region in the 1st place).
>
> * Is there a good reason for a captive portal to require TLS 1.3? It seems either the network provider does not trust their own network, or they’re simply incompetent (assumes everyone runs the latest phones). But if I’m missing something I would like to understand it.
>
> I still have to investigate what limitation my browser has and whether I can update this whilst being trapped on an unrooted Android 5.
>
> Bypass methods
> ---
> I guess I need to study:
> * ICMP tunnel (slow, but IIUC it’s the least commonly blocked)
> * SSH tunnel
> * others?
>
> Are there any decent FOSS tools that implement the client side of tunnels without needing root? I have openvpn but have not tested to see if that can circumvent captive portals. I’ve only found:
>
> * MultiVNC - VNC over SSH
> * AVNC - VNC over SSH
> * ConnectBot - Can all traffic be routed over this SSH tunnel, or just a shell session?
> * VX ConnectBot - same as connectBot but expanded
>
> I’m curious if the VNC clients would work but at the same time I’m not keen to bring in the complexity of then having to find a VNC server. Running my own server at home is not an option.
>
> My to-do list of things to tinker with so far:
> * Captive Portal Controller
> * CaptivePortalLogin (AOS 6+, and no Izzy archives on this)
> * Hotspot Login
>
> Legal options
> ---
> If a supplier advertises Wi-Fi but then they render it dysfunctional by imposing arbitrary tech requirements after consumers have already bought the product/service it was included with (coffee, train/bus/plane fare, etc), then they neglect to support it, doesn’t that constitute false advertising? Guess this is out of scope for the community but I might be ½ tempted to file false advertising claims with consumer protection agencies in some cases.
>
> And when a captive portal demands email or phone number, it would seem to be a GDPR violation. Some public libraries make wi-fi access conditional on sharing a mobile phone number which then entails an SMS verification loop.
The red padlock (at a cafe) --- The captive portal of a cafe simply rendered a red padlock on with a line through it. Essentially, it was apparently telling me I am being denied access arbitrarily without using any words. There was no other screen before that. Immediately after wifi handshaking Android’s built-in captive portal detection app just went straight to a padlock. I have never been in that cafe in my life and never use my device maliciously.
Showed the screen to the staff who said “works for me on my phone”, who then noticed the airplane on my status bar and said “oh, you got the little airplane, that’s the problem”. Shit; so then I had to explain that wi-fi works in airplane mode. It was just a distraction for them. I couldn’t really convince them that the problem isn’t anything I’m doing wrong. There is no tech support for this situation -- like pretty much all captive portal scenarios. Being the customer of the customer is a very weak position to be in when the direct customer doesn’t really give a shit if it works or not.
So, has anyone seen this kind of behavior? I run into shitty broken captive portals often enough that I guess I really need to get a better understanding of them, and ways to bypass them.
TLS-encumbered captive portal (transit service)
---
A transit service offered wi-fi but the network forcibly redirected me to a
captive portal that triggers this error:
net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH
I tried a couple browsers and tried rewriting the https:// scheme as http:// but SSL redirect was forced consistently. The error apparently implies my phone’s browser can’t do TLS 1.3.
It seems like a shitty move for a transit service to require passengers to use TLS 1.3 just to tick a fucking box that says “I agree” (to the terms no one reads anyway). Couple questions:
-
I’m generally in the /protect everything by default/ school of thought. But I cannot get my head around why a captive portal where people just tap “I agree” would warrant disclosure protection that could hinder availability. In reality, I don’t really know what the captive portal at hand requests.. maybe it demands people’s phone# or email, in which case it might make sense (though I would object to them collecting that info in a GDPR region in the 1st place).
-
Is there a good reason for a captive portal to require TLS 1.3? It seems either the network provider does not trust their own network, or they’re simply incompetent (assumes everyone runs the latest phones). But if I’m missing something I would like to understand it.
I still have to investigate what limitation my browser has and whether I can update this whilst being trapped on an unrooted Android 5.
Bypass methods --- I guess I need to study:
- ICMP tunnel (slow, but IIUC it’s the least commonly blocked)
- SSH tunnel
- others?
Are there any decent FOSS tools that implement the client side of tunnels without needing root? I have openvpn but have not tested to see if that can circumvent captive portals. I’ve only found:
- MultiVNC - VNC over SSH
- AVNC - VNC over SSH
- ConnectBot - Can all traffic be routed over this SSH tunnel, or just a shell session?
- VX ConnectBot - same as connectBot but expanded
I’m curious if the VNC clients would work but at the same time I’m not keen to bring in the complexity of then having to find a VNC server. Running my own server at home is not an option.
My to-do list of things to tinker with so far:
- Captive Portal Controller
CaptivePortalLogin(AOS 6+, and no Izzy archives on this)- Hotspot Login
Legal options --- If a supplier advertises Wi-Fi but then they render it dysfunctional by imposing arbitrary tech requirements after consumers have already bought the product/service it was included with (coffee, train/bus/plane fare, etc), then they neglect to support it, doesn’t that constitute false advertising? Guess this is out of scope for the community but I might be ½ tempted to file false advertising claims with consumer protection agencies in some cases.
And when a captive portal demands email or phone number, it would seem to be a GDPR violation. Some public libraries make wi-fi access conditional on sharing a mobile phone number which then entails an SMS verification loop.
update (phones bought last year already obsolete) --- TLS 1.3 was not introduced until Android OS 10 (sept.2019). That was the release date of AOS 10. Older devices like AOS 9 would still be sold at that time and continuing at least into 2023. Shops do not pull their stock from the shelves when the end of support arrives. This means people buying new COTS Android devices just last year or even this year are already too out of date for the TLS 1.3 captive portal to function.
It’s seriously disgusting how many people expect consumers to upgrade this chronically fast.
Looking for a SIP provider for my very low usage. So I’m after:
- prepaid without monthly fee, pay per unit time (no DID needed)
- security (TLS or SRTP)
- caller ID control (I have no inbound voice line; I have an inbound fax line I prefer to use; freetyping CID info nanny-free is the best)
- web portals must support Tor, no Cloudflare
- (not critical) support for lightweight codecs like speex, gsm, or bv16
The closest provider to satisfying that criteria I’ve found so far is leap.tel, but they lack TLS/SRTP and only support G.711. DID Logic supports TLS/SRTP, but they only have plans with monthly fees.
cross-posted from: https://infosec.pub/post/10262373
> Question for people willing to visit Cloudflare sites: > > How do you determine whether to trust a login page on a CF site? A sloppy or naïve admin would simply take the basic steps to putting their site on Cloudflare, in which case the authentication traffic traverses CF. Diligent admins setup a separate non-CF host for authentication. > > Doing a view-source on the login page and inspecting the code seems like a lot of effort. The source for the lemmy.world login page is not humanly readable. It looks as if they obfuscated the URLs to make them less readable. Is there a reasonably convenient way to check where the creds go? Do you supply bogus login info and then check the httpput headers?
Share quickly the Internet connection of your Linux PC with your Unrooted Android smartphone via a common USB cable
There are apparently only two documented ways to reverse tether an Android via USB to a linux host:
OpenVPN dead I really wanted the #openVPN method to work because I’m a fan of reducing special-purpose installations and using Swiss army knives of sorts. In principle we might expect openVPN to be well maintained well into the future. But openVPN turns out to be a shit show in this niche context. Features have been dropped from the Android version.
Gnirehtet dying
Gnirehtet works but it’s falling out of maintenance. It’s also unclear if #Gnirehtet really works without root. There is mixed info:
- Ade Malsasa Akbar from Ubuntubuzz claims root is not needed (and devs agree).
- OSradar claims root is needed. (edit: they are mistaken)
If anyone has managed to reverse tether an unrooted Android over USB to a linux host using free software, please chime in. Thanks!
update on Gnirehtet --- Gnirehtet indeed works without root. But some apps (like VOIP apps) fail to detect an internet connection and refuse to communicate.
#askFedi
Question for people willing to visit Cloudflare sites:
How do you determine whether to trust a login page on a CF site? A sloppy or naïve admin would simply take the basic steps to putting their site on Cloudflare, in which case the authentication traffic traverses CF. Diligent admins setup a separate non-CF host for authentication.
Doing a view-source on the login page and inspecting the code seems like a lot of effort. The source for the lemmy.world login page is not humanly readable. It looks as if they obfuscated the URLs to make them less readable. Is there a reasonably convenient way to check where the creds go? Do you supply bogus login info and then check the httpput headers?
An HTML-only email from a gov agency has a logo referencing an URL that looks like this:
https://1wy1y.mjt.lu/tplimg/1wy1y/f/l9hl7/g3q3v.png
It’s not exactly that (apart from the domain) but of course it’s rather unique looking. They send email routinely. The initial emails had an obviously non-suspicious basic logo, like “(their office domain)/files/logo.png”. But then later they switched and every message from them is the URL in the mjt.lu domain. It’s not unique per message but it could be unique to the user, perhaps to keep tabs on when each person reads their messages.
The output of torsocks curl -LI looks like this:
HTTP/2 200 date: (exactly now) content-type: image/png accept-ranges: bytes
That’s it. It’s the shortest HTTP header I’ve seen. There’s no content-length. I find that suspicious because if this is a service that facilitates tracker pixels, then they would want to withhold the length in order to dodge detection. Although from its usage in my case it wouldn’t just be a pixel -- it’s a logo.
The date is also suspect. Shouldn’t the date be the date of the object, not the current time this second?
Are there any other checks to investigate this?
I installed NetGuard about a month ago and blocked all internet to apps, unless they’re on a whitelist. No notifications from this particular system app (that can’t be disabled) until recently when it started making internet connection requests to google servers. Does anyone know when this became a ...
The technical mechanism:
https://play.google.com/store/apps/details?id=com.google.android.apps.devicelock
update --- To be clear, I am not the OP who experienced this problem. I just linked them from here.
It's official. After 3 months of back and forth, a major medical provider has elected to drop me as a patient for not having a Google or Apple device. It is unclear if this is legal, but it is very clearly discriminatory and unethical. Any tech journalists or lawyers interested in this? I would...
There used to be no problem archiving a Mastodon thread in the #internetArchive #waybackMachine. Now on recent threads it just shows a blank page:
https://web.archive.org/web/20240318210031/https://mastodon.social/@lrvick/112079059323905912
Or is it my browser? Does that page have content for others?
I received several machine-generate e-mails which are all mostly the same: a notification. They are HTML emails with no plaintext MIME part. Yikes! And to complicate matters further, the messages traversed my anonaddy forwarding account which PGP encrypts every message to me before forwarding it to my normal email account.
The gov wants me to give them an “unaltered copy” of these e-mails. This gov office actually blocks my mail server so I am generally unwilling to send them email. This means I will be giving them the emails on paper hardcopy.
So wtf, this is tricky. They want an “unaltered copy”. If I were to print the MBOX files, it would be useless to them because it’s a base64 blob that only I can decrypt. My mail client is mutt so the HTML is detected and piped through w3m to give me a text version that is readable enough.
But in general, how do you give unaltered copies of an HTML email on paper form? This is not necessarily for a court but it could go down that path. Would a court want to see raw HTML tags? Or do courts prefer the HTML to be rendered for readability?
Normally I copy the w3m-rendered text of email into LaTeX and typeset it to look pretty and copy-paste the useful headers into a well-styled header in a monospaced font. And I omit the useless headers. But I get the impression my way of working would not pass for “unaltered”.
I could perhaps try to feed the HTML into wkhtmltopdf. In the end, HTML rendering always varies depending on the rendering tool. Normies use MS Outlook, and I have to figure that the gov is normally dealing with normies. So maybe I should install Evolution or Thunderbird. Any suggestions for a tool that is particularly good at making HTML email presentable on paper without looking too custom?
#askFedi
Just like catcatnya, infosec.exchange just gives a black page. Up, but broken, at least in my browser.
(update) browser issue. Downvoted myself on this to lessen the visibility although some may still find that interesting so I’ll let the thread live.
cross-posted from: https://infosec.pub/post/9936059
> I would like to collect the scenarios in which people are forced to enter Google’s #walledGarden (that is, to establish and/or maintain an account). > > If someone needs a Google service to access something essential like healthcare or education, that’s what I want to hear about. To inspire a list of things that are “essential” I had a look at human rights law to derive this list: > > * right to life > * healthcare > * freedom of expression > * freedom of assembly and of association > * right to education > * right to engage in work and access to placement services > * fair and just working conditions > * social security and social assistance > * consumer protection > * right to vote > * right to petition > * right of access to (government) documents > * right to a nationality (passport acquisition) > * right of equal access to public service in his country > > Below is what I have encountered personally, which serves as an example of the kind of experiences I want to hear about: > > * Google’s Playstore is a gate-keeper to most Android apps in the world and this includes relatively essential apps, such as: > * emergency apps (e.g. that dial 112 in Europe or 911 in the US) > * banking apps > * apps for public services (e.g. public parking) > * others? > * (education) Google docs is used by students in public schools, by force to some extent. Thus gdocs sometimes cannot be escaped in pursuit of education. When groups of students collaborate, sometimes the study groups impose use of gdocs. Some secondary school teachers impose the use of Google accounts for classroom projects. > * (education) A public university’s wi-fi network involved a captive portal and the only way to gain access was to supply credentials for a Google or Facebook account. > > I’ve noticed that when creating an account for a public service I often have the option to supply credentials for Google or Facebook to bypass the verification process. In all cases of this kind of registration shortcut being used for public service, there was an alternative Google-free way to open the account. But in the private sector, I’ve seen this style of registration that absolutely required a proxy login via some shitty walled garden (like the university wi-fi). So I wonder if there are any situations where a government (anywhere in the world) requires a Google account in order to get service. >
cross-posted from: https://infosec.pub/post/9936059
> I would like to collect the scenarios in which people are forced to enter Google’s #walledGarden (that is, to establish and/or maintain an account). > > If someone needs a Google service to access something essential like healthcare or education, that’s what I want to hear about. To inspire a list of things that are “essential” I had a look at human rights law to derive this list: > > * right to life > * healthcare > * freedom of expression > * freedom of assembly and of association > * right to education > * right to engage in work and access to placement services > * fair and just working conditions > * social security and social assistance > * consumer protection > * right to vote > * right to petition > * right of access to (government) documents > * right to a nationality (passport acquisition) > * right of equal access to public service in his country > > Below is what I have encountered personally, which serves as an example of the kind of experiences I want to hear about: > > * Google’s Playstore is a gate-keeper to most Android apps in the world and this includes relatively essential apps, such as: > * emergency apps (e.g. that dial 112 in Europe or 911 in the US) > * banking apps > * apps for public services (e.g. public parking) > * others? > * (education) Google docs is used by students in public schools, by force to some extent. Thus gdocs sometimes cannot be escaped in pursuit of education. When groups of students collaborate, sometimes the study groups impose use of gdocs. Some secondary school teachers impose the use of Google accounts for classroom projects. > * (education) A public university’s wi-fi network involved a captive portal and the only way to gain access was to supply credentials for a Google or Facebook account. > > I’ve noticed that when creating an account for a public service I often have the option to supply credentials for Google or Facebook to bypass the verification process. In all cases of this kind of registration shortcut being used for public service, there was an alternative Google-free way to open the account. But in the private sector, I’ve seen this style of registration that absolutely required a proxy login via some shitty walled garden (like the university wi-fi). So I wonder if there are any situations where a government (anywhere in the world) requires a Google account in order to get service. >