I plugged into ethernet (as wifi w/captive portal does not work for me). I think clearnet worked but I have no interest in that. Egress Tor traffic was blocked and so was VPN. I’m not interested in editing all my scripts and configs to use clearnet, so the library’s internet is useless to me (unless I bother to try a tor bridge).

I was packing my laptop and a librarian spotted me unplugging my ethernet cable and approached me with big wide open eyes and pannicked angry voice (as if to be addressing a child that did something naughty), and said “you can’t do that!”

I have a lot of reasons for favoring ethernet, like not carrying a mobile phone that can facilitate the SMS verify that the library’s captive portal imposes, not to mention I’m not eager to share my mobile number willy nilly. The reason I actually gave her was that that I run a free software based system and the wifi drivers or firmware are proprietary so my wifi card doesn’t work¹. She was also worried that I was stealing an ethernet cable and I had to explain that I carry an ethernet cable with me, which she struggled to believe for a moment. When I said it didn’t work, she was like “good, I’m not surprised”, or something like that.

¹ In reality, I have whatever proprietary garbage my wifi NIC needs, but have a principled objection to a service financed by public money forcing people to install and execute proprietary non-free software on their own hardware. But there’s little hope for getting through to a librarian in the situation at hand, whereby I might as well have been caught disassembling their PCs.

  • DoomBot5@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    7 months ago

    I plugged into ethernet (as wifi w/captive portal does not work for me). I think clearnet worked but I have no interest in that. Egress Tor traffic was blocked and so was VPN. I’m not interested in editing all my scripts and configs to use clearnet, so the library’s internet is useless to me (unless I bother to try a tor bridge).

    Yeah… Trying to bypass their security by using ethernet instead of Wi-Fi to use your own stuff that’s being blocked is tantamount to abusing the library’s services. Someone should let the IT staff know so they can properly block those services on ethernet as well.

  • Album@lemmy.ca
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    7 months ago

    The reality despite what you or i might do, is that 99% of people don’t carry around an ethernet or hardwire in when there is available wifi.

    The library might be public, but it’s still a good idea to communicate your intent or obtain permission prior to using someone else’s network in away they might deem to be unexpected.

    “Do you have ethernet or wired internet?” is actually a common library question and the response from whoever works the front desk will likely tell you everything you need to know.

    • coffeeClean@infosec.pubOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      7 months ago

      When I entered I spoke to a different librarian about the locked PC room (due to a holiday or something). They said I could use wifi but need to give a phone number to a captive portal, which I already knew. My phone was not on me so I said: is it okay if I plug in over there by the catalog PCs? They said yes. Revealing what I mean by "plugging in”, well, i was vague for a reason. I know the population has become ethernet-hostile¹ so indeed asking for forgiveness is better than asking for permission in this situation.

      ¹ Another library in the area has ethernet ports but they are just decoys (dead ports). I asked the librarian what the problem is, why they are disabled, and whether we can turn them on. Librarian was helpless, and said “use wifi”, which didn’t work for me for different reasons than the other library. But the librarian basically said in so many words “not our problem… you can just use wifi.” At another library, I was able to connect but Tor was blocked. I tried to get support from the librarian. They had no clue but were also unwilling to lead me to someone who could give support. The way it works around here is the info systems are outsourced to some unreachable tech giant, and the librarians are rendered helpless. If the SSID does not appear, the librarian can send an email to someone to say it’s down, and that’s about the full extent of their tech capability.

      • mark3748@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        1
        ·
        7 months ago

        Another library in the area has ethernet ports but they are just decoys (dead ports). I asked the librarian what the problem is, why they are disabled, and whether we can turn them on.

        They’re not decoys, they’re just not patched. Because we don’t generally patch anything that’s not going to be in use. Also because some rando will probably attempt to plug their nasty ass laptop into it, which is also why we block port intrusions.

      • EssentialCoffee@midwest.social
        link
        fedilink
        English
        arrow-up
        1
        ·
        7 months ago

        Why didn’t you tell this librarian that you’d asked another librarian and they said it was okay to plug in? Why was none of this included in the original post?

        • coffeeClean@infosec.pubOP
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          7 months ago

          The librarian who said it was okay to plugin (which they likely understood to mean plugin an A/C power cord) was young, not as senior as the edgy librarian. I’m not going to take down a kid and get them in trouble for not picking apart what it means when someone asks if they can “plug-in”.

          People like Trump will throw his supporters under the bus when self-defense calls for it. I will not.

          What would the point be? I didn’t need a defense. I got scolded and was walking out. Since I was calm, the librarian became calm. Police were not called and I was not detained. And if that had happened, I would have exercised my right to remain silent anyway.

          • Twinklebreeze @lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            7 months ago

            You sound insufferable. You used vague wording to justify not using your phone to get internet, and act like child when you get caught. They’re not hostile to Ethernet, they’re hostile to you and your behaviour.

            • coffeeClean@infosec.pubOP
              link
              fedilink
              English
              arrow-up
              0
              ·
              edit-2
              7 months ago

              You set a great example of getting mad at a bitch eating crackers.

              I merely tried to get online using an ethernet cable. I didn’t get hostile. I was calm. And because I was calm, the librarian became calm. The only hostility was in the librarian’s single opening comment to me, and what you see in this thread.

              • null@slrpnk.net
                link
                fedilink
                English
                arrow-up
                1
                ·
                7 months ago

                Could I be in the wrong? No, it must be literally everyone else in this entire thread / national library network.

                Grow up. You set out to get in trouble, you got yourself in trouble, no one is impressed.

                • coffeeClean@infosec.pubOP
                  link
                  fedilink
                  English
                  arrow-up
                  0
                  ·
                  edit-2
                  6 months ago

                  Could I be in the wrong? No, it must be literally everyone else in this entire thread / national library network.

                  Is your position so weak that you need to resort to a bandwagon fallacy?

                  Grow up.

                  and an ad hominem?

                  You demonstrate being a grown up by avoiding ad hominems in favor of logically sound reasoning.

    • wahming@monyet.cc
      link
      fedilink
      English
      arrow-up
      0
      arrow-down
      1
      ·
      7 months ago

      “Do you have ethernet or wired internet?” is actually a common library question and the response from whoever works the front desk will likely tell you everything you need to know.

      Would you trust the reply somebody like the librarian in the OP gave you? Seems like the sort of person who would refuse to admit to any lack of knowledge and just bluster.

      • EssentialCoffee@midwest.social
        link
        fedilink
        English
        arrow-up
        1
        ·
        7 months ago

        Do you trust every one-sided story to be entirely accurate of all details?

        And what does trust have to do with it? Can we use Ethernet here? If the person says no, would you just walk around the building until you found a port and plugged in?

        • coffeeClean@infosec.pubOP
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          7 months ago

          And what does trust have to do with it?

          I think they mean trust in the librarian to genuinely know the policy and what should work. They tend not to in this case because ethernet has become obscure enough to be an uncommon question, if ever.

          Another library had ethernet ports all down the wall next to desks. They were dead and no one used them. It was obvious that the librarian had no clue about whether the ports were even supposed to function. When I said they are dead and asked to turn them on or find out what’s wrong, they then figured that if the ports don’t work, it must be intentional. So the librarian’s understanding of the policy was derived from the fact that they were dysfunctional. Of course if they were intended to work but needed service, ethernet users are hosed because the librarian’s understanding of policy is guesswork. There is no proper support mechanism.

          I asked a librarian at another library: I need to use Tor. Is it blocked? I need to know before I buy a membership. Librarian had no idea. They just wing it. They said test it. Basically, if it works, then it’s acceptable. The functionality becomes the source of policy under the presumption that everything is functioning as it should.

          Since ethernet has been phased out, modern devices no longer include an ethernet NIC, and there are places to plug into A/C with no ethernet nearby, the librarians and the public are both conditioned to be unaware of ethernet. So the answer will only be either: no or test and see.

        • wahming@monyet.cc
          link
          fedilink
          English
          arrow-up
          0
          arrow-down
          1
          ·
          edit-2
          7 months ago

          Do you trust every one-sided story to be entirely accurate of all details?

          No, but for the sake of discussion in this thread, that is the scenario we’re all going by. We’re not rendering a legal judgement here, we’re discussing the situation as described.

          In a public library, I would fully expect public-facing ethernet ports, especially in sitting / working areas, to be available for public use. I’m not sure why they would be there otherwise. And if they’re no longer meant for public use, it would be on the library IT staff to have disabled those ports.

          what does trust have to do with it?

          Because I don’t trust non-IT-savvy people to even properly understand the question. I’ve met way too many people with no technical clue who refuse to admit to any sort of lack of knowledge when it’s extremely obvious.

            • wahming@monyet.cc
              link
              fedilink
              English
              arrow-up
              0
              ·
              7 months ago

              We could discuss all sorts of hypotheticals, including where there’s a secret supervillain base under the library and they’re about to assassinate OP for jacking into their network. It’s pointless because we’re not discussing an event we have any way of obtaining any other information about other than what OP has provided.

  • Truck_kun@beehaw.org
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    7 months ago

    My first reaction is yeah, you don’t just plug into random Ethernet.

    The wi-fi is likely a visitor network setup for guests to the library. That ethernet port could provide access to their private intranet, and be a security risk to the library. Worst case scenario, it could result in malware, ransomware, and/or millions of dollars in expenses to recover (on a library budget, that could mean permanently shutting down the library even).

    After reading your post, I would say, no harm intended, just don’t do it again.

    After reading your comments about intentionally being vague about ‘plugging in’ to lead the librarian to think you were asking to plug in a power cord, and not specifically meaning ethernet connection… yeah, you’re clearly in the wrong. Just be up front; if they say no, so be it. They may be able to direct you to a visitor ethernet plug-in, or maybe not. If this were an AITA thread, i’d say yes, YTA in this case.

    Asking in an security community… I would assume some level of technical awareness, and you are likely well aware of network segmentation, and that no IT department would be happy about a guest plugging their laptop into random rj-45 jacks around the building. Maybe it’s not well designed, and that actually has access to firewall administration?

    • coffeeClean@infosec.pubOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      6 months ago

      After reading your post, I would say, no harm intended, just don’t do it again.

      You may be misunderstanding the thesis. This is not really about staying out of trouble. Or more precisely, as an activist up to my neck in trouble it’s about getting into the right trouble. The thesis is about this trend of marginalising people with either no phone and/or shitty wifi gear/software and a dozen or so demographics of people therein who do not so easily give up their rights. It’s about exclusivity of public services funded with public money. Civil disobedience is an important tool for justice outside of courts.

      The security matter is really about competency and cost. The main problem is likely in the requirements specification conveyed to the large tech firms that received the contract. From where I sit, it appears they were simply told “give people wifi”, probably by people who don’t know the difference between wifi and internet. In which case the tech supplier should have been diligent and competent enough to ask “do you want us to exclude segments of the public who have no wifi gear and those without phones?”

  • MisshapenDeviate@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    0
    ·
    7 months ago

    If it was a publicly available Ethernet port, it was likely for public use. The fact that she thought it was malicious speaks to ignorance on her part, not yours.

    • halcyoncmdr@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      7 months ago

      Even ignoring that, if internet via a wired ethernet connection isn’t an option they provide for whatever reason… their network infrastructure shouldn’t allow the connection anyway. It should be blocked as an unknown device on the network end, regardless if someone plugs into the network.

      • DoomBot5@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        arrow-down
        1
        ·
        7 months ago

        Yeah, having services blocked on Wi-Fi and not ethernet just tells me that their IT staff didn’t properly configure the network in public areas properly. That ethernet port should have been disabled, physically locked, or properly configured to use the public network like the Wi-Fi does.

        • halcyoncmdr@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          7 months ago

          Exactly, and let’s give them the benefit of the doubt since we don’t know. The librarian or assistant helping OP probably just doesn’t know much about the IT stuff other than how to help people get on the wifi. And it is entirely possible that they’re NEVER seen anyone even try the port before, that’s not common at all. Actually managing the IT infrastructure at that level is almost surely NOT part of their job.

          WiFi has been included in essentially everything for over a decade. I mean even ignoring laptops having Wifi way before mobile devices, even going back to the origin of smartphones for the masses, the original iPhone had Wifi back in 2007, that’s 17 years ago.

          • DoomBot5@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            arrow-down
            1
            ·
            7 months ago

            Oh I’ve got nothing against how the librarians handled it. I’m more concerned that their IT staff failed to properly shield the library from liabilities like OP.

  • MehBlah@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    7 months ago

    Good luck with that here. No port you can access will give you a IP If its hot at all. We don’t allow patron machines to use Ethernet since it bypasses the QOS setting for the public WiFi. We also don’t have any requirements to connect to our WiFi.

    The reason for not allowing this is simple. We had several people come in and abuse usage of wired connections. Specifically people with consoles that thought it was okay to come in and kill our Patron vlan to download that fifty gig update for their console.

    • r00ty@kbin.life
      link
      fedilink
      arrow-up
      0
      arrow-down
      1
      ·
      7 months ago

      Meh. So my point of view is that qos for Internet is better done at layer 3. Layer 2 qos has its place, but layer 3 is going to let you prioritise services better.

      Moreso, if you do it at layer 3 you don’t need to worry about people using ethernet. Every person using ethernet is one less using the extremely finite resources WiFi has. Every active station puts a load on WiFi, less so with the latest versions but they still exhibit a lot of the same problems that mean many workstations can kill WiFi performance.

      If you setup your network right (you can actually, although I’ve not seen it too often, setup guests networks on ethernet before WiFi, such that stations cannot see eachother directly) there’s no reason at all to fear ethernet.

  • verassol@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    arrow-down
    1
    ·
    7 months ago

    have a principled objection to a service financed by public money forcing people to install and execute proprietary non-free software on their own hardware

    You are on spot there, but sadly even legislators are far from understanding the reasons why this matters so much, let alone the general public.

    Whatever security policy they have, it shouldn’t require you installing a random executable to your system. And it was flawed enough that it didn’t care to give your device access.

    And by the way, it’s so awesome you carry an ethernet cable around!!