I plugged into ethernet (as wifi w/captive portal does not work for me). I think clearnet worked but I have no interest in that. Egress Tor traffic was blocked and so was VPN. I’m not interested in editing all my scripts and configs to use clearnet, so the library’s internet is useless to me (unless I bother to try a tor bridge).

I was packing my laptop and a librarian spotted me unplugging my ethernet cable and approached me with big wide open eyes and a panicked angry voice (as if to be addressing a child that did something naughty), and said “you can’t do that!”

I have a lot of reasons for favoring ethernet, like not carrying a mobile phone that can facilitate the SMS verify that the library’s captive portal imposes, not to mention I’m not eager to share my mobile number willy nilly. The reason I actually gave her was that I run a free software based system and the wifi drivers or firmware are proprietary so my wifi card doesn’t work¹. She was also worried that I was stealing an ethernet cable and I had to explain that I carry an ethernet cable with me, which she struggled to believe for a moment. When I said it didn’t work, she was like “good, I’m not surprised”, or something like that.

¹ In reality, I have whatever proprietary garbage my wifi NIC needs, but have a principled objection to a service financed by public money forcing people to install and execute proprietary non-free software on their own hardware. But there’s little hope for getting through to a librarian in the situation at hand, whereby I might as well have been caught disassembling their PCs.

  •  Album   ( @Album@lemmy.ca ) 

    The reality, despite what you or I might do, is that 99% of people don’t carry around an ethernet or hardwire in when there is available wifi.

    The library might be public, but it’s still a good idea to communicate your intent or obtain permission prior to using someone else’s network in a way they might deem to be unexpected.

    “Do you have ethernet or wired internet?” is actually a common library question and the response from whoever works the front desk will likely tell you everything you need to know.

    •  wahming   ( @wahming@monyet.cc ) 

      “Do you have ethernet or wired internet?” is actually a common library question and the response from whoever works the front desk will likely tell you everything you need to know.

      Would you trust the reply somebody like the librarian in the OP gave you? Seems like the sort of person who would refuse to admit to any lack of knowledge and just bluster.

        •  wahming   ( @wahming@monyet.cc ) 

          Do you trust every one-sided story to be entirely accurate of all details?

          No, but for the sake of discussion in this thread, that is the scenario we’re all going by. We’re not rendering a legal judgement here, we’re discussing the situation as described.

          In a public library, I would fully expect public-facing ethernet ports, especially in sitting / working areas, to be available for public use. I’m not sure why they would be there otherwise. And if they’re no longer meant for public use, it would be on the library IT staff to have disabled those ports.

          what does trust have to do with it?

          Because I don’t trust non-IT-savvy people to even properly understand the question. I’ve met way too many people with no technical clue who refuse to admit to any sort of lack of knowledge when it’s extremely obvious.

        •  coffeeClean   ( @coffeeClean@infosec.pub ) OP

          And what does trust have to do with it?

          I think they mean trust in the librarian to genuinely know the policy and what should work. They tend not to in this case because ethernet has become obscure enough to be an uncommon question, if ever.

          Another library had ethernet ports all down the wall next to desks. They were dead and no one used them. It was obvious that the librarian had no clue about whether the ports were even supposed to function. When I said they are dead and asked to turn them on or find out what’s wrong, they then figured that if the ports don’t work, it must be intentional. So the librarian’s understanding of the policy was derived from the fact that they were dysfunctional. Of course if they were intended to work but needed service, ethernet users are hosed because the librarian’s understanding of policy is guesswork. There is no proper support mechanism.

          I asked a librarian at another library: I need to use Tor. Is it blocked? I need to know before I buy a membership. Librarian had no idea. They just wing it. They said test it. Basically, if it works, then it’s acceptable. The functionality becomes the source of policy under the presumption that everything is functioning as it should.

          Since ethernet has been phased out, modern devices no longer include an ethernet NIC, and there are places to plug into A/C with no ethernet nearby, the librarians and the public are both conditioned to be unaware of ethernet. So the answer will only be either: no or test and see.

      •  Album   ( @Album@lemmy.ca ) 

        It’s kind of all that matters though. We don’t need to trust her - we need her acceptance of the act for which she is the gatekeeper. If we don’t have it - trust over what she said is irrelevant since we don’t even have the basic trust over the act.

    •  coffeeClean   ( @coffeeClean@infosec.pub ) OP

      When I entered I spoke to a different librarian about the locked PC room (due to a holiday or something). They said I could use wifi but need to give a phone number to a captive portal, which I already knew. My phone was not on me so I said: is it okay if I plug in over there by the catalog PCs? They said yes. Revealing what I mean by “plugging in”, well, I was vague for a reason. I know the population has become ethernet-hostile¹ so indeed asking for forgiveness is better than asking for permission in this situation.

      ¹ Another library in the area has ethernet ports but they are just decoys (dead ports). I asked the librarian what the problem is, why they are disabled, and whether we can turn them on. Librarian was helpless, and said “use wifi”, which didn’t work for me for different reasons than the other library. But the librarian basically said in so many words “not our problem… you can just use wifi.” At another library, I was able to connect but Tor was blocked. I tried to get support from the librarian. They had no clue but were also unwilling to lead me to someone who could give support. The way it works around here is the info systems are outsourced to some unreachable tech giant, and the librarians are rendered helpless. If the SSID does not appear, the librarian can send an email to someone to say it’s down, and that’s about the full extent of their tech capability.

        •  coffeeClean   ( @coffeeClean@infosec.pub ) OP

          The librarian who said it was okay to plug in (which they likely understood to mean plug in an A/C power cord) was young, not as senior as the edgy librarian. I’m not going to take down a kid and get them in trouble for not picking apart what it means when someone asks if they can “plug-in”.

          People like Trump will throw his supporters under the bus when self-defense calls for it. I will not.

          What would the point be? I didn’t need a defense. I got scolded and was walking out. Since I was calm, the librarian became calm. Police were not called and I was not detained. And if that had happened, I would have exercised my right to remain silent anyway.

  •  Truck_kun   ( @Truck_kun@beehaw.org ) 

    My first reaction is yeah, you don’t just plug into random Ethernet.

    The wi-fi is likely a visitor network setup for guests to the library. That ethernet port could provide access to their private intranet, and be a security risk to the library. Worst case scenario, it could result in malware, ransomware, and/or millions of dollars in expenses to recover (on a library budget, that could mean permanently shutting down the library even).

    After reading your post, I would say, no harm intended, just don’t do it again.

    After reading your comments about intentionally being vague about ‘plugging in’ to lead the librarian to think you were asking to plug in a power cord, and not specifically meaning ethernet connection… yeah, you’re clearly in the wrong. Just be up front; if they say no, so be it. They may be able to direct you to a visitor ethernet plug-in, or maybe not. If this were an AITA thread, I’d say yes, YTA in this case.

    Asking in a security community… I would assume some level of technical awareness, and you are likely well aware of network segmentation, and that no IT department would be happy about a guest plugging their laptop into random RJ-45 jacks around the building. Maybe it’s not well designed, and that actually has access to firewall administration?

    •  coffeeClean   ( @coffeeClean@infosec.pub ) OP

      After reading your post, I would say, no harm intended, just don’t do it again.

      You may be misunderstanding the thesis. This is not really about staying out of trouble. Or more precisely, as an activist up to my neck in trouble it’s about getting into the right trouble. The thesis is about this trend of marginalising people with either no phone and/or shitty wifi gear/software and a dozen or so demographics of people therein who do not so easily give up their rights. It’s about exclusivity of public services funded with public money. Civil disobedience is an important tool for justice outside of courts.

      The security matter is really about competency and cost. The main problem is likely in the requirements specification conveyed to the large tech firms that received the contract. From where I sit, it appears they were simply told “give people wifi”, probably by people who don’t know the difference between wifi and internet. In which case the tech supplier should have been diligent and competent enough to ask “do you want us to exclude segments of the public who have no wifi gear and those without phones?”

  • I can’t rant against librarians. My friend has been a librarian for many years and she has put up with a hell of a lot of crap from people. So be kind, be patient and be honest with them.

    Obviously not all librarians, like any job, are perfect.

    •  coffeeClean   ( @coffeeClean@infosec.pub ) OP

      Private libraries are quite rare. I think only one employer I worked for had an on-site private library where the assets are not publicly owned. It’s rare. Most libraries are public.

      My post is about public libraries, which were financed with public money. It’s worth noting the Universal Declaration of Human Rights:

      Article 21
      ¶2) Everyone has the right of equal access to public service in his country.

      That includes public libraries. It’s disgusting that you endorse discriminating against people without mobile phones and private subscriptions in the course of accessing public resources.

      •  amio   ( @amio@kbin.social ) 

        It’s disgusting that you endorse discriminating against people

        If you’re not trolling - poorly - then you obviously have massive issues. I would encourage you to seek out some help for those.

        • That “right” is exclusively available to people who:

          • have a mobile phone
          • who carry it with them
          • who have working wifi hardware

          The Universal Declaration of Human Rights has no such limitation on Article 21.

            •  coffeeClean   ( @coffeeClean@infosec.pub ) OP

              You need to read Article 21. And as you read it, keep in mind it’s a public library.

              (edit) There was a day when black people were denied access to the library. I suppose you would have said “Bruh, denying books is not a human rights violation” without any kind of legal rationale that articulates the meaning of Article 21.

              Bizarre that so many here think it’s human-rights compliant to block poor people (those without phones) from public internet; who are in fact the people who need it most as governments are abolishing analog mechanisms of public service. Would be interesting to survey that same crowd on how many of them find it okay to block black people from publicly owned books. People can’t be this obtuse. It’s likely a high density of right-wing conservatives here, who understand human rights law but simply condemn anything they regard as competing with their privilege.

            •  coffeeClean   ( @coffeeClean@infosec.pub ) OP

              The UDHR is not a treaty, so it does not create any direct legal bindings.

              Sure, but where are you going with this? Legal binding only matters in situations of legal action and is orthogonal to its application in a discussion in a forum. Human rights violations are rampant and they rarely go to The Hague (though that frequency is increasing). Human rights law is symbolic and carries weight in the court of public opinion. Human rights law and violations thereof get penalized to some extent simply by widespread condemnation by the public. So of course it’s useful to spotlight HR violations in a public forum. It doesn’t require a court’s involvement.

              The judge who presided over the merits of the Israel genocide situation explained this quite well in a recent interview. If you expect an international court to single-handedly remedy cases before it, your expectations are off. The international court renders judgements that are mostly symbolic. But it’s not useless. It’s just a small part of the overall role of international law.

              The article you quote may have been excluded, overwritten or rephrased in your jurisdiction.

              I doubt it. It’s been a while since I read the exemptions of the various rights but I do not recall any mods to Article 21. The modifications do not generally wholly exclude an article outright. They typically make some slight modification, such as some signatories limiting free assembly (Art.20 IIRC) to /safe/ gatherings so unsafe gatherings can be broken up. I would not expect to see libraries excluded from the provision that people are entitled to equal access to public services considering there is also Article 27:

              “Everyone has the right freely to participate in the cultural life of the community, to enjoy the arts and to share in scientific advancement and its benefits.”

              The European HR convocations take that even further iirc.

              • You are still citing the UDHR as if it were law. It is not, so nobody needs to modify Article 21 to violate it as long as established law doesn’t recognize it.

                If you really want to argue about general guidelines, the UDHR is inadequate because it’s just a draft. What you want is the International Covenant on Civil and Political Rights, which is its main successor, and is at least a treaty and also ratified by most countries in the world.

                Still, ratifying a treaty still doesn’t make it established law, it’s just an obligation to implement the treaty as best as is possible into your domestic jurisdiction. Failure to do so will be met with finger-waggling at the next UN meeting, so it’s more of an apparatus of peer pressure than anything else.

                •  coffeeClean   ( @coffeeClean@infosec.pub ) OP

                  I have to say I didn’t downvote you as you’ve been civil and informative so far. But I’m not sure how to cite/quote from the UDHR as though it’s not law. I named the article and pasted the text. For me whether the enforcement machinery is in force doesn’t matter w.r.t. the merits of the discussion. From where I sit, many nations signed the UDHR because it has a baseline of principles worthy of being held in high regard. When the principles are violated outside the context of an enforcement body, the relevance of legal actionability is a separate matter. We are in a forum where we can say: here is a great idea for how to treat human beings with dignity and equality, and here that principle is being violated. There is no court in the loop. Finger wagging manifests from public support and that energy can make corrections in countless ways. Even direct consumer actions like boycotts. Israel is not being held to account for Gaza but people are boycotting Israel.

                  I guess I’m not grasping your thesis. Are you saying that if a solidly codified national law was not breached, then it’s not worthwhile to spotlight acts that undermine the UDHR principles we hold in high regard?

      • You can use it but on their terms. Your privacy doesn’t mean anything to them, they are protecting themselves. Captive portal is likely making you agree to not abuse the service.

        Also you’re choosing not to participate which is fair but they don’t need to support that.

        •  coffeeClean   ( @coffeeClean@infosec.pub ) OP

          You can use it but on their terms.

          Not without a phone.

          Captive portal is likely making you agree to not abuse the service.

          Have you forgotten that an agreement can be made on paper?

          Nothing about a captive portal requires wifi. There are many ways to get that agreement. Neglecting to make the agreement part of the ToS when you become a member is just reckless.

          • Their terms require a phone so yes, on their terms. Why would they make an exception for anyone?

            Their captive portal requires wifi and that’s all that matters. And why would they want to deal with paper agreements for WiFi?

            You don’t have to be a member to use WiFi, someone else could have given you the password if there even is one, so ya even if you did agree when signing up it would make sense to still require that.

            I implement these kinds of setups including a couple libraries and while I would have Ethernet ports available if within budget, I would not allow you to bypass captive portal, the agreement, or traffic filtering. I don’t care what you are doing but I am required to try not to allow easy access to questionable content. If someone is doing something illegal it’s gonna involve the library if you get caught (that’s why the phone number but maybe they are just being shitty with it). Not worth the risk. Also a lot of those decisions are made by a board so being upset with the staff won’t accomplish anything. Wifi is cheap, pulling cable can be very costly in comparison and depending on building type can be hard, damaging, or not feasible. Those ports could also be broken because people don’t respect shit, that could also be the reason for their reaction.

            This is all I got for you, good luck but if you want your privacy you’re likely going to have to go somewhere else.

            •  coffeeClean   ( @coffeeClean@infosec.pub ) OP

              Their terms require a phone so yes, on their terms.

              I keep a copy of everything I sign. The ToS I signed on one library do not require a mobile phone. It’s an ad hoc implementation that was certainly not thought out to the extent of mirroring the demand for a mobile phone number into the agreement. And since it’s not in the agreement, this unwritten policy likely evaded the lawyer’s eyes (who likely drafted or reviewed the ToS).

              Why would they make an exception for anyone?

              Because their charter is not: “to provide internet service exclusively for residents who have mobile phones”.

              And why would they want to deal with paper agreements for WiFi?

              Paper agreements:

              • do not discriminate (you cannot be a party to a captive portal agreement that you cannot reach)
              • are more likely to actually be read (almost no one reads a tickbox agreement)
              • inherently (or at least easily) give the non-drafting party a copy of the agreement for their records. A large volume of text on a tiny screen is unlikely to even be opened and even less likely to be saved. Not having a personal copy reduces the chance of adherence to the terms.
              • provide a higher standard of evidence whenever the agreement is litigated over

              You don’t have to be a member to use WiFi, someone else could have given you the password if there even is one

              That’s not how it works. The captive portal demands a phone number. After supplying it, an SMS verification code is sent. It’s bizarre that you would suggest asking a stranger in a library for their login info. In the case at hand, someone would have to share their mobile number, and then worry that something naughty would be done under their phone number, and possibly also put that other person at risk for helping someone circumvent the authentication (which also could be easily detected when the same phone number is used for two parallel sessions).

              If someone is doing something illegal it’s gonna involve the library if you get caught (that’s why the phone number but maybe they are just being shitty with it). Not worth the risk.

              Exactly what makes it awkward to ask someone else to use their phone.

    • Most folks will probably freak out when they see a terminal window (“DOS box”) on a computer.
    • Most folks in my country have no idea that there is something other than WhatsApp as an alternative to SMS.
    • Trying to explain to people that stuff on their website violates privacy, or why they are having email delivery problems, almost always results in permanent silence or disbelief.

    Technology appears to be a scare factor for a lot of people. But in this case the librarian maybe thought that Ethernet was only for their qualified IT department to use.

    • Most folks will probably freak out when they see a terminal window (“DOS box”) on a computer.

      Many many moons ago I was working at a small mom and pop operation that used ancient PCs to run their registers. The entirety of the front end ran on a 3.5" floppy. One night after closing, I exited to the CLI and opened edit. I typed in “HELP, STEVE BROKE ME” and went to the back to count my drawer. The shift manager had a proper shit fit.

      “What are you editing?!? If you break this machine the boss is going to have your head, it’ll cost thousands to have someone come out and fix it!”

      I calmly exited back to CLI and ran the front end exe. ¯\_(ツ)_/¯

    •  coffeeClean   ( @coffeeClean@infosec.pub ) OP

      You’ll have to quote me on that because I do not recall calling them baddies. I have spotlighted an irresponsible policy and flawed implementation. It’s more likely a competency issue and unlikely a case of malice (as it’s unclear whether the administration is even aware that they are excluding people).

      If they are knowingly and willfully discriminating against people without mobile phones, then it could be malice. But we don’t know that so they of course have the benefit of any doubt. They likely operate on the erroneous assumption that every single patron has a mobile phone and functional wifi.

      • You have, throughout your comments, repeatedly spoken down toward librarians and libraries. You might not be painting them as malicious, but you’re certainly not painting them as “trying their best” or “worth having an adult conversation with instead of misrepresenting my situation intentionally”.

        •  coffeeClean   ( @coffeeClean@infosec.pub ) OP

          You have, throughout your comments, repeatedly spoken down toward librarians and libraries.

          Again, you’re not quoting. You’ve already been told it’s not the case. You need to quote. You replied to the wrong message.

          but you’re certainly not painting them as “trying their best”

          There are many librarians with varying degrees of motivation. I spoke to one yesterday that genuinely made an effort to the best of their ability. I cannot say the same for all librarians. When I describe a problem of being unable to connect, some librarians cannot be bothered to reach out to tech support, or even so much as report upstream that someone was unable to connect.

          “worth having an adult conversation with instead of misrepresenting my situation intentionally”

          This is a matter of being able to read people. I don’t just bluntly blurt out a request. I start the conversation with baby steps (borderline small talk) describing the issue to assess from their words, mood, and body language the degree to which they are likely to be accommodating whatever request I am building up to. Different people get a different conversation depending on the vibe I get from them. Even the day of week is a factor. People tend to be in their best mood on Fridays and far from that on Mondays.

    • Or you could just ask them to avoid confusion as it takes 5 seconds and they may have a way of doing things that you don’t know about? It’s respectful and it potentially saves you a lot of hassle if it doesn’t work and you need to troubleshoot it.

      • Yeah. For all we know, there could be a sign in/out thing at the desk for if you use ethernet - She DID think OP was taking one of the library’s cables after all, which implies the public has access, possibly through a sign in/out system

      •  coffeeClean   ( @coffeeClean@infosec.pub ) OP

        I’ve asked librarians a full range of tech questions about what works, what’s blocked, what’s allowed… they /never/ have a clue because of outsourcing. Their guess is as good as mine. In the 90s, I would say you are spot on. Librarians should have answers. Things have evolved to where the policy is decided non-transparently, it’s outsourced to an unreachable company, and librarians are simply as uninformed as the public. Trial and error. If you read the AUPs it never says Tor is banned at libraries, for example, but they simply block it. Experimentation is the way people get answers in my area.

        So knowing that librarians don’t have deep tech info, or even basic tech info, and that they also cannot escalate questions, talking to them is really where time is wasted.

  • I’m not surprised. I know people who don’t even know what an ethernet cable is. I’ve worked enough IT to realize that a tangled mess of 6 cables can be as horrifying as a Predator to people. It doesn’t help that everything is slowly going to POE, POE+ and even ++ now so it’s doubling as power as well. In analog video days I could look at the back of a random device and instantly figure out its purpose. That’s rapidly becoming a rarity. For a worrisome section of the population, plugging in an ethernet cable is the equivalent of building a table or performing a back flip.

    And when it comes to hacking, good god nobody knows anything. I remember we had a dozen students in high school (around 2000ish?) get suspended for “hacking” and really it was just that a section of the student body found a network storage location without any password protection and were using it as a flash drive on school grounds. Literally they just suspended anybody who signed their name on the homework assignments stored there.

    The real crime was that drive had lunch pins for all the accounts in plain text to run their system, without a password!

  •  jol   ( @jol@discuss.tchncs.de ) 

    10+ years ago you had to bring your own ethernet cable to the University library because the WiFi couldn’t handle all the students at peak times. Wonder if it’s still the case.

  •  Doom4535   ( @Doom4535@lemmy.sdf.org ) 

    This sounds odd to me, unless you connected to an Ethernet port behind a desk or somehow forced open a network closet… They also might not like it if you disconnected one of the public computers to use its cable/port; otherwise if this was an open and public port, you used it as designed and the librarian probably has watched too many Hollywood hacking movies. I have to admit, I never thought of this as a way to bypass the captive portal (sorta just assumed everyone going through the public network would have to hit it, kind of the equivalent to having everyone sign a liability waiver).

    With that said, I can see some institutions not liking connections that aren’t part of the more traditional/commercial networking (but it doesn’t sound like the library took issue with your traffic, just the librarian didn’t like the PHY link you chose to use). For the SMS thing (I haven’t seen that used in a while, you might be able to use some sort of burner number app if they don’t filter them).

  •  verassol   ( @hagar@lemmy.ml ) 

    have a principled objection to a service financed by public money forcing people to install and execute proprietary non-free software on their own hardware

    You are on spot there, but sadly even legislators are far from understanding the reasons why this matters so much, let alone the general public.

    Whatever security policy they have, it shouldn’t require you installing a random executable to your system. And it was flawed enough that it didn’t care to give your device access.

    And by the way, it’s so awesome you carry an ethernet cable around!!

  •  xor   ( @xor@infosec.pub ) 

    it’s clearly there to be used, a lot of places have ethernet jacks for that…
    the librarian is just a luddite and you probably had a black hoodie and a terminal open so she assumed you were selling fentanyl to pedophile ransomware communists…

  • I mean, I asked at a library if I could plug into the Ethernet because my laptop had an RJ45 port and I needed to download something sizable for work and the WiFi was dropping it. They let me hook up on one of the library computer ports and I left it the way I found it.

    •  coffeeClean   ( @coffeeClean@infosec.pub ) OP

      Yeah I’ve done the same in one case. Librarian green lit me plugging into the rj45 but it turned out to be a dead port. I might have been able to get permission to hijack an occupied port to an unoccupied machine but just opted to bounce instead.