Re: public APs

On 04/05/2025 13:31, Don Y wrote:

On 5/4/2025 2:00 AM, Martin Brown wrote:

On 03/05/2025 22:34, Don Y wrote:

I seldom use public wifi.  But, had the occasion to TRY to do so
at a local library branch.
>
Dismayed to find no HTTPS support; they apparently have an
"agent" interposed between all network accesses.
>
Is this common?  I.e., how do people do banking or other
"secure" transactions?  Or, do they just use them to
"check pricing" at other stores?

>
The one in my public library is properly secure. In fact it is so secure that some of the libraries own computers won't talk to it at the moment after a recent upgrade to the Wifi router.

 Oops!  Are the "library's own computers" connected wirelessly to their
network provider?
 Here, the workstations IN the library -- and the computers used by the
librarians -- have wired connections.  The wireless AP is only for
the convenience of people who want to bring their own laptop into
the coverage area *or* (more commonly) their cell phone (to avoid
"data plan" charges as well as homeless people who don't have a
"home" in which to have wired service.

The immovable ones are wired in, but the portables that are brought out and used when it is busy or for schools computing classes are not. They rely on the Wifi - but are chained to the desk for other reasons.

 Bringing your own bit of kit in allows you to avoid any snoop-ware
that may be installed on the "public access" machines on the library's
wired network (there are no options to connect to the wired network
other than using a prewired machine).

The network access password is displayed.

And, the whole point of HTTPS is to safeguard against MitM attacks
and spoofing.  (else, your ISP could just as easily be snooping
your traffic; I suspect some of the bigger/national ISPs here
regularly watch for torrent traffic, warez sites, etc.)
 [The library implements some sort of black/white-listing service
but I suspect it is contracted out as they don't have the skills
or "internet awareness" to know what might be "inappropriate use"]
 The question posed is whether or not "every" such AP (coffee shops,
department stores, doctor offices, etc.) has such a MitM proxy
in place, censoring transactions.  And, if not, WHY not?  (this
seems a social vulnerability)

IDK for sure but I suspect libraries connect to the internet through some national government gateway that blocks most really dodgy sites. Their in house computer expertise is essentially nil.

 

I have a portable sat on my desk that I need to reset the forgotten/not known admin password for right now. Unable to install the latest network drivers because they don't know what the admin password was set to by someone about 5

 I put sticky labels on each of my devices with the UID of the
"priviledged user" along with the password.  I figure if someone
has broken into my home, a password is not going to deter them
from taking what they want (I don't encrypt disk drives)
 [FBI visited the local library branch some time ago and carted
off a workstation.  Apparently, someone had sent a threatening
note using it (so they obviously track traffic and connection
history).  Biggest privacy risk, IMHO, is using their printer
as it caches documents on an internal disk...]

Most printers also leave a hidden signature on every document they print (in very faint yellow dots). Illuminate in pure blue light to see them.

 

years ago. Yes their PCs are quite elderly and run into the ground but plenty good enough for web browsing. For some reason the "L" key consistently seems to wear out fastest to blank - any ideas why?
>
Followed by S, C, H, N, D & O but they still remain legible (sort of).

 I don't "touch type" but my fingers tend to know where the
keys are, regardless of label (though there seems to be
a noted differential in nerve impulse propagation that
leads to "teh" instead of "the", etc.)
 I periodically clean the keyboards, removing the keycaps and
soaking them in soapy water.  Then, after drying, test my memory
of the keyboard layout by putting them back in place, unaided.
 

Only the very top left half trace of the vertical for the L remains.

 My mice tend to see more wear than the keyboard.  Of course,
fewer "keys" involved there.

The mouse buttons gradually develop a high polish. At least with modern optical ones you no longer have to remove the rubber ball the defur it!
--
Martin Brown