109
submitted 4 months ago* (last edited 4 months ago) by coffeeClean@infosec.pub to c/cybersecurity@infosec.pub

I plugged into ethernet (as wifi w/captive portal does not work for me). I think clearnet worked but I have no interest in that. Egress Tor traffic was blocked and so was VPN. I’m not interested in editing all my scripts and configs to use clearnet, so the library’s internet is useless to me (unless I bother to try a tor bridge).

I was packing my laptop and a librarian spotted me unplugging my ethernet cable and approached me with big wide open eyes and panicked angry voice (as if to be addressing a child that did something naughty), and said “you can’t do that!”

I have a lot of reasons for favoring ethernet, like not carrying a mobile phone that can facilitate the SMS verify that the library’s captive portal imposes, not to mention I’m not eager to share my mobile number willy nilly. The reason I actually gave her was that I run a free software based system and the wifi drivers or firmware are proprietary so my wifi card doesn’t work¹. She was also worried that I was stealing an ethernet cable and I had to explain that I carry an ethernet cable with me, which she struggled to believe for a moment. When I said it didn’t work, she was like “good, I’m not surprised”, or something like that.

¹ In reality, I have whatever proprietary garbage my wifi NIC needs, but have a principled objection to a service financed by public money forcing people to install and execute proprietary non-free software on their own hardware. But there’s little hope for getting through to a librarian in the situation at hand, whereby I might as well have been caught disassembling their PCs.

[-] Album@lemmy.ca 144 points 4 months ago* (last edited 4 months ago)

The reality, despite what you or I might do, is that 99% of people don't carry around an ethernet or hardwire in when there is available wifi.

The library might be public, but it's still a good idea to communicate your intent or obtain permission prior to using someone else's network in a way they might deem to be unexpected.

"Do you have ethernet or wired internet?" is actually a common library question and the response from whoever works the front desk will likely tell you everything you need to know.

[-] originalfrozenbanana@lemm.ee 104 points 4 months ago

Or, and hear me out, approach everything with hostility \s

[-] Bonesince1997@lemmy.world 14 points 4 months ago

I have been trying this for a while. You end up alone a lot.

[-] Kit 10 points 4 months ago

Instructions unclear. Am friendly 100% of the time irl and still alone.

[-] wahming@monyet.cc 22 points 4 months ago

> “Do you have ethernet or wired internet?” is actually a common library question and the response from whoever works the front desk will likely tell you everything you need to know.

Would you trust the reply somebody like the librarian in the OP gave you? Seems like the sort of person who would refuse to admit to any lack of knowledge and just bluster.

[-] EssentialCoffee@midwest.social 36 points 4 months ago

Do you trust every one-sided story to be entirely accurate of all details?

And what does trust have to do with it? Can we use Ethernet here? If the person says no, would you just walk around the building until you found a port and plugged in?

[-] wahming@monyet.cc 10 points 4 months ago* (last edited 4 months ago)

> Do you trust every one-sided story to be entirely accurate of all details?

No, but for the sake of discussion in this thread, that is the scenario we're all going by. We're not rendering a legal judgement here, we're discussing the situation as described.

In a public library, I would fully expect public-facing ethernet ports, especially in sitting / working areas, to be available for public use. I'm not sure why they would be there otherwise. And if they're no longer meant for public use, it would be on the library IT staff to have disabled those ports.

> what does trust have to do with it?

Because I don't trust non-IT-savvy people to even properly understand the question. I've met way too many people with no technical clue who refuse to admit to any sort of lack of knowledge when it's extremely obvious.

[-] Album@lemmy.ca 21 points 4 months ago

If the LIBRARIAN doesn't understand this as a service the library offers - then they don't offer it - or if you think they're wrong you need to have an adult conversation that they do and that it should be ok. It's weird to just assume you can go around sticking your cat5e into other people's ethernet ports like that.

[-] CyberSeeker@discuss.tchncs.de 16 points 4 months ago

As far as people I’d trust to not just make shit up, I’d say Librarian, aka, professional fucking researcher is high on the list.

[-] PM_Your_Nudes_Please@lemmy.world 11 points 4 months ago

> Would you trust the reply somebody like the librarian in the OP gave you?

I mean, if the answer is “no” would you just go around plugging into random Ethernet ports until you found one that works? Just because you don’t “trust” the librarian who gave you the answer? That sounds like a fast track to getting trespassed (or at least banned from using their public internet altogether) for abuse of services.

The library isn’t required to provide free Ethernet. They aren’t even required to provide free wifi. But they choose to do so because they recognize that wifi is a big reason people will come to a library to spend time. Which is sort of the whole point of the library. So providing free wifi goes hand-in-hand with the library’s ultimate mission.

But that wifi is provided on an as-is basis, because they can’t guarantee things like 100% uptime, good speeds, or any kind of troubleshooting. And any potential ethernet connection would also be as-is. And in this case, “as-is” could easily translate to “not available to the public at all.” Because again, the library isn’t required to provide any of it.

[-] Album@lemmy.ca 8 points 4 months ago

It's kind of all that matters though. We don't need to trust her - we need her acceptance of the act for which she is the gatekeeper of. If we don't have it - trust over what she said is irrelevant since we don't even have the basic trust over the act.

[-] charonn0@startrek.website 73 points 4 months ago

Does the library provide ethernet jacks for patrons to use? If not then I can understand why a librarian would be surprised.

yeah OP needs to provide this detail specifically as it changes everything.

If the Ethernet jack was not on a desk, then it wasn't there for them to use. If they unplugged a cable to make it accessible, that is unfortunately enough to be considered tampering.

If an Ethernet jack was not expressly provided, unoccupied, at the technology access station then yes the access to Ethernet information facilities was unauthorized and illegitimate and could carry legal ramifications. Say what you want about proprietary wifi drivers, you get the access you are given and any attempts to gain further access without authorization are defined as intrusion attempts and will more likely than not be treated as such to some degree. Because honestly, the libraries aren't funded enough to have great security and Ethernet security is harder than WiFi security in practice, despite the challenges being characterized by the same principles.

[-] PM_Your_Nudes_Please@lemmy.world 11 points 4 months ago

Yeah, any half decent city IT department will at least be using port filtering for their switches anyways. Unless a port is specifically set up to provide open access to the internet, all OP would be able to do is bonk against the city IT’s MAC address filter until the port was disabled for having an unrecognized device/suspicious activity.

In my building, (and pretty much any city building I’ve ever worked in,) only specific ports were set up to provide open internet access. And usually those ports are in places that need to be unlocked, and which OP wouldn’t have ready access to without a fun little bit of breaking and entering. Because those ports aren’t intended for the general public to use; They’re meant for presenters, speakers, clients who have rented a room for the day, etc… The general public is meant to use the free wifi. Because there’s a different level of service expected if you’re renting a room, vs simply camping out all day in the quiet study area.

When OP tries to bypass that by plugging straight in, the switch will just go “lol git fukd loser” and disable the port. Of fucking course they weren’t able to access anything, because the port isn’t there for OP; It’s for the IT department to be able to use whenever they need to set up a new computer, or book checkout station, or simply to plug their city-owned laptop in to be able to use the city network.

[-] DoomBot5@lemmy.world 72 points 4 months ago

> I plugged into ethernet (as wifi w/captive portal does not work for me). I think clearnet worked but I have no interest in that. Egress Tor traffic was blocked and so was VPN. I’m not interested in editing all my scripts and configs to use clearnet, so the library’s internet is useless to me (unless I bother to try a tor bridge).

Yeah... Trying to bypass their security by using ethernet instead of Wi-Fi to use your own stuff that's being blocked is tantamount to abusing the library's services. Someone should let the IT staff know so they can properly block those services on ethernet as well.

[-] deweydecibel@lemmy.world 12 points 4 months ago* (last edited 4 months ago)

They should just be disabling the ports, frankly. The overwhelming majority of visitors will never miss them. If you need to use a computer on an Ethernet connection because you can't/won't use the Wi-Fi, most libraries provide desktop stations for you to use.

Keep some Wi-Fi USB dongles in the drawer at the front desk for people whose Wi-Fi isn't working, or the extreme edge case where somebody has some sort of device that can only use an ethernet connection, and for some reason they brought it to the library.

[-] MehBlah@lemmy.world 35 points 4 months ago

Good luck with that here. No port you can access will give you an IP if it's hot at all. We don't allow patron machines to use Ethernet since it bypasses the QOS setting for the public WiFi. We also don't have any requirements to connect to our WiFi.

The reason for not allowing this is simple. We had several people come in and abuse usage of wired connections. Specifically people with consoles that thought it was okay to come in and kill our Patron vlan to download that fifty gig update for their console.

[-] Truck_kun@beehaw.org 34 points 4 months ago* (last edited 4 months ago)

My first reaction is yeah, you don't just plug into random Ethernet.

The wi-fi is likely a visitor network setup for guests to the library. That ethernet port could provide access to their private intranet, and be a security risk to the library. Worst case scenario, it could result in malware, ransomware, and/or millions of dollars in expenses to recover (on a library budget, that could mean permanently shutting down the library even).

After reading your post, I would say, no harm intended, just don't do it again.

After reading your comments about intentionally being vague about 'plugging in' to lead the librarian to think you were asking to plug in a power cord, and not specifically meaning ethernet connection.... yeah, you're clearly in the wrong. Just be up front; if they say no, so be it. They may be able to direct you to a visitor ethernet plug-in, or maybe not. If this were an AITA thread, I'd say yes, YTA in this case.

Asking in a security community.... I would assume some level of technical awareness, and you are likely well aware of network segmentation, and that no IT department would be happy about a guest plugging their laptop into random rj-45 jacks around the building. Maybe it's not well designed, and that actually has access to firewall administration?

[-] wahming@monyet.cc 22 points 4 months ago

Sounds like a her problem.

[-] YurkshireLad@lemmy.ca 19 points 4 months ago

I can’t rant against librarians. My friend has been a librarian for many years and she has put up with a hell of a lot of crap from people. So be kind, be patient and be honest with them.

Obviously not all librarians, like any job, are perfect.

[-] amio@kbin.social 19 points 4 months ago

It's their network that they are offering as a service, if they say no then no it is.

[-] MisshapenDeviate@lemmy.dbzer0.com 16 points 4 months ago

If it was a publicly available Ethernet port, it was likely for public use. The fact that she thought it was malicious speaks to ignorance on her part, not yours.

[-] halcyoncmdr@lemmy.world 16 points 4 months ago

Even ignoring that, if internet via a wired ethernet connection isn't an option they provide for whatever reason... their network infrastructure shouldn't allow the connection anyway. It should be blocked as an unknown device on the network end, regardless if someone plugs into the network.

[-] BolexForSoup@kbin.social 15 points 4 months ago

Or you could just ask them to avoid confusion as it takes 5 seconds and they may have a way of doing things that you don't know about? It's respectful and it potentially saves you a lot of hassle if it doesn't work and you need to troubleshoot it.

[-] Icalasari@fedia.io 11 points 4 months ago

Yeah. For all we know, there could be a sign in/out thing at the desk for if you use ethernet - She DID think OP was taking one of the library's cables after all, which implies the public has access, possibly through a sign in/out system

[-] lemmyreader@lemmy.ml 14 points 4 months ago
  • Most folks will probably freak out when they see a terminal window ("DOS box") on a computer.
  • Most folks in my country have no idea that there is something else than WhatsApp as alternative to SMS.
  • Whenever I've tried explaining to people that stuff on their website violates privacy or when I try to explain why they are having email delivery problems almost always results in permanent silence or disbelief.

Technology appears to be a scare factor for a lot of people. But in this case the librarian maybe thought that Ethernet was only for their qualified IT department to use.

[-] mystik@lemmy.world 12 points 4 months ago

It's uncommon for 'public use' ethernet ports to exist, unless they are clearly labeled. The ethernet ports might grant access to the internal network, which, is easy to accidentally do. A non-profit library with a limited budget might overlook all the extra protections on open ports (enable/disable ports as needed, use 802.11x port-based authentication, internal SSL, etc), that would be necessary to secure it. Or, even better; that RJ45 port might be wired up to an old PBX, and you may have fried their telephone system, or your own hardware.
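
Added example, not part of the thread or any commenter's code: several comments above describe disabling unused wall jacks, port filtering, and port-based authentication as the controls a library network should have. The sketch below audits a switch configuration for live access ports on an internal VLAN that have none of those controls; the Cisco IOS-style sample, the interface names, and the choice of VLAN 30 as the guest VLAN are all constructed assumptions.

```python
import re

# Constructed sample in Cisco IOS-style syntax; names and VLAN IDs are made up.
SAMPLE_CONFIG = """\
interface GigabitEthernet1/0/1
 description reading-room wall jack
 switchport access vlan 10
!
interface GigabitEthernet1/0/2
 description study-area wall jack
 switchport access vlan 10
 shutdown
!
interface GigabitEthernet1/0/3
 description meeting-room presenter jack
 switchport access vlan 30
!
interface GigabitEthernet1/0/4
 description checkout station
 switchport access vlan 10
 switchport port-security
 switchport port-security violation shutdown
!
"""
GUEST_VLANS = {30}  # assumption: VLAN 30 is the isolated guest VLAN
# Port security (MAC limiting) or 802.1X port control counts as a control.
CONTROLS = {"switchport port-security", "authentication port-control auto"}


def parse_interfaces(config):
    """Return {interface name: [stripped sub-commands]} from IOS-style text."""
    interfaces, current = {}, None
    for line in config.splitlines():
        header = re.match(r"interface (\S+)", line)
        if header:
            current = interfaces.setdefault(header.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or any top-level line ends the stanza
    return interfaces


def audit(config):
    """Return (interface, vlan) for enabled, uncontrolled internal-VLAN ports."""
    findings = []
    for name, lines in parse_interfaces(config).items():
        if "shutdown" in lines:  # exact match: administratively disabled
            continue
        vlan = next((int(l.split()[-1]) for l in lines
                     if l.startswith("switchport access vlan")), 1)
        if vlan not in GUEST_VLANS and not CONTROLS.intersection(lines):
            findings.append((name, vlan))
    return findings
```

On the constructed sample only the reading-room jack is reported: the study-area jack is shut down, the presenter jack sits on the guest VLAN, and the checkout station has port security.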

[-] apotheotic@beehaw.org 10 points 4 months ago

You need to really, deeply consider what your stance is when you're painting libraries and librarians as the bad guys.

[-] thelasttoot@lemmy.world 8 points 4 months ago

The wifi is for public use. The Ethernet isn't. How is that so hard to understand?

[-] Doom4535@lemmy.sdf.org 7 points 4 months ago* (last edited 4 months ago)

This sounds odd to me, unless you connected to an Ethernet port behind a desk or somehow forced open a network closet… They also might not like it if you disconnected one of the public computers to use its cable/port; otherwise if this was an open and public port, you used it as designed and the librarian probably has watched too many Hollywood hacking movies. I have to admit, I never thought of this as a way to bypass the captive portal (sorta just assumed everyone going through the public network would have to hit it, kind of the equivalent to having everyone sign a liability waiver).

With that said, I can see some institutions not liking connections that aren’t part of the more traditional/commercial networking (but it doesn’t sound like the library took issue with your traffic, just the librarian didn’t like the PHY link you chose to use). For the SMS thing (I haven’t seen that used in a while, you might be able to use some sort of burner number app if they don’t filter them).

this post was submitted on 29 Apr 2024
109 points (100.0% liked)