On 5/4/2025 2:00 AM, Martin Brown wrote:
On 03/05/2025 22:34, Don Y wrote:
I seldom use public wifi. But, had the occasion to TRY to do so
at a local library branch.
>
Dismayed to find no HTTPS support; they apparently have an
"agent" interposed between all network accesses.
>
Is this common? I.e., how do people do banking or other
"secure" transactions? Or, do they just use them to
"check pricing" at other stores?
The one in my public library is properly secure. In fact it is so secure that some of the libraries own computers won't talk to it at the moment after a recent upgrade to the Wifi router.
Oops! Are the "library's own computers" connected wirelessly to their
network provider?
Here, the workstations IN the library -- and the computers used by the
librarians -- have wired connections. The wireless AP is only for
the convenience of people who want to bring their own laptop into
the coverage area *or* (more commonly) their cell phone (to avoid
"data plan" charges as well as homeless people who don't have a
"home" in which to have wired service.
Bringing your own bit of kit in allows you to avoid any snoop-ware
that may be installed on the "public access" machines on the library's
wired network (there are no options to connect to the wired network
other than using a prewired machine).
And, the whole point of HTTPS is to safeguard against MitM attacks
and spoofing. (else, your ISP could just as easily be snooping
your traffic; I suspect some of the bigger/national ISPs here
regularly watch for torrent traffic, warez sites, etc.)
[The library implements some sort of black/white-listing service
but I suspect it is contracted out as they don't have the skills
or "internet awareness" to know what might be "inappropriate use"]
The question posed is whether or not "every" such AP (coffee shops,
department stores, doctor offices, etc.) has such a MitM proxy
in place, censoring transactions. And, if not, WHY not? (this
seems a social vulnerability)
I have a portable sat on my desk that I need to reset the forgotten/not known admin password for right now. Unable to install the latest network drivers because they don't know what the admin password was set to by someone about 5
I put sticky labels on each of my devices with the UID of the
"priviledged user" along with the password. I figure if someone
has broken into my home, a password is not going to deter them
from taking what they want (I don't encrypt disk drives)
[FBI visited the local library branch some time ago and carted
off a workstation. Apparently, someone had sent a threatening
note using it (so they obviously track traffic and connection
history). Biggest privacy risk, IMHO, is using their printer
as it caches documents on an internal disk...]
years ago. Yes their PCs are quite elderly and run into the ground but plenty good enough for web browsing. For some reason the "L" key consistently seems to wear out fastest to blank - any ideas why?
Followed by S, C, H, N, D & O but they still remain legible (sort of).
I don't "touch type" but my fingers tend to know where the
keys are, regardless of label (though there seems to be
a noted differential in nerve impulse propagation that
leads to "teh" instead of "the", etc.)
I periodically clean the keyboards, removing the keycaps and
soaking them in soapy water. Then, after drying, test my memory
of the keyboard layout by putting them back in place, unaided.
Only the very top left half trace of the vertical for the L remains.
My mice tend to see more wear than the keyboard. Of course,
fewer "keys" involved there.
public APs
Re: public APs