Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
Search - "public wifi"
Started sniffing the packets on a public wifi hotspot. Found someone was reading TheHackerNews and got excited.😲 Later realised it was myself. 😯9
Dear public transport,
please don't advertise your fucking free wifi if you don't give enough bandwidth to even load freaking Google.
So my actual job is being a nurse at the local hospital, with coding being just a hobby. However, the way some IT–Related things are treated here are just mind-blowing. Here are some examples:
Issue: Printer is not recognized by network anymore due to not being properly plugged in
Solution: Someone has to tell the house technician, if the house technician is currently not available, ask his assistant who only works part time and like twice a week. House technician took the printer (God knows why), came back 2 days later and plugged it back in.
Issue: Printer 1 of 2 on ICU has run out of ink and since all computers default to printer 1, nobody can print.
Solution: Call the house technician, blah blah, house technician comes, takes ink cartridge of printer 2 and puts it into printer 1.
Issue: Public WiFi is broken, can be connected to but internet access is missing. Probably config issue as a result of a recent blackout.
Solution: Buy a new router, spend 5 days configuring it and complain about how hard networking is.
Issue: Computer is broken, needs to be exchanged with a new one, but how do we transfer the data?
Solution: Instead of just keeping the old hard drive, make a 182GB backup, upload it to the main file server and then download it again on the new computer.
Issue: Nurse returns from vacation, forgot the password to her network account.
Solution: Call the technician who then proceeds to open a new account, copies all the files from the old one and tells her to pick an easier password this time. She chooses "121213".12
This is kind of a horror story, with a happing ending. It contains a lot of gore images, and some porn. Very long story.
TL;DR Network upgrade
Once upon a time, there were two companies HA and HP, both owned by HC. Many years went by and the two companies worked along side each one another, but sometimes there were trouble, because they weren't sure who was supposed to bill the client for projects HA and HP had worked on together.
At HA there was an IT guy, an imbecile of such. He's very slow at doing his job, doesn't exactly understand what he's doing, nor security principles.
The IT guy at HA also did some IT work for HP from time to time when needed. But he was not in charge of the infrastructure for HP, that was the jobb for one developer who didn't really know what he was doing either.
Whenever a new server was set up at HP, the developer tried many solutions, until he landed on one, but he never removed the other tested solutions, and the config is scattered all around. And no documentation!!
Same goes with network, when something new was added, the old was never removed or reconfigured to something else.
One dark winter, a knight arrived at HP. He had many skills. Networking, server management, development, design and generally a fucking awesome viking.
This genius would often try to cleanse the network and servers, and begged his boss to let him buy new equipment to replace the old, to no prevail.
Whenever he would look in the server room, he would get shivers down his back.
One and a half year later, the powerful owners in HA, HP and HC decided it was finally time to merge HA and HP together to HS. The knight thought this was his moment, he should ask CEO if he could be in charge of migrating the network, and do a complete overhault so they could get 1Gb interwebz speeds.
The knight had to come up with a plan and some price estimates, as the IT guy also would do this.
The IT guy proposed his solution, a Sonicwall gateway to 22 000 NOK, and using a 3rd party company to manage it for 3000 NOK/month.
"This is absurd", said the knight to the CEO and CXO, "I can come up with a better solution that is a complete upgrade. And it will be super easy to manage."
The CEO and CXO gave the knight a thumbs up. The race was on. We're moving in 2 months, I got to have the equipment by then, so I need a plan by the end of the week.
He roamed the wide internet, looked at many solutions, and ended up with going for Ubiquiti's Unifi series. Cheap, reliable and pretty nice to look at.
The CXO had mentioned the WiFi at HA was pretty bad, as there was WLAN for each meeting room, and one for the desks, so the phone would constantly jump between networks.
So the knight ended up with this solution:
2x Unifi Securtiy Gateway Pro 4
2x Unifi 48port
1x Unifi 10G 16port
5x Unifi AP-AC-Lite
12x pairs of 10G unifi fibre modules
All with a price tag around the one Sonicwall for 22 000 NOK, not including patch cables, POE injectors and fibre cables.
The knight presented this to the CXO, whom is not very fond of the IT guy, and the CXO thought this was a great solution.
But the IT guy had to have a say at this too, so he was sent the solution and had 2 weeks to dispute the soltion.
Time went by, CXO started to get tired of the waiting, so he called in a meeting with the knight and the IT guy, this was the IT guys chance to dispute the solution.
All he had to say was he was familiar with the Sonicwall solution, and having a 3rd party company managing it is great.
He was given another 2 weeks to dispute the solution, yet nothing happened.
The CXO gave the thumbs up, and the knight orders the equipment.
At this time, the knight asks the IT guy for access to the server room at HA, and a key (which would take 2 months to get sorted, because IT guys is a slow imbecile)
The horrors, Oh the horrors, the knight had never seen anything like this before.
What are all these for, why is there a fan ductaped to on of the servers.
WHAT IS THIS!
Why are there cables tied in a knot.
These are questions we never will know the answers too.
The knight needs access to the servers, and sonicwall to see how this is configured.
After 1.5 month he gains access to the sonicwall and one of the xserve.
What the knight discovers baffles him.
All ports are open, sonicwall is basically in bridge mode and handing out public IPs to every device connected to it.
No VLANs, everything, just open...12
"Your complementary internet access has expired please pay for.."
"Welcome to blablabla public wifi please enjoy 1 hour of complementary internet access"
I love this tool14
On the train's public WiFi while traveling and want to use a VPN connection to one of my own VPN servers.
I'm now just realizing that the openvpn port is probably not an allowed one on this network and I set the port to the default openvpn one 😥
Fuck me sideways right now.7
HO. LY. SHIT.
So this gig I got myself into, they have a whitelist of IP addresses that are allowed to access their web server. It's work-at-home. We just got a new internet provider, and it looks like I get a different public IP address everytime I disconnect and connect to the WIFI. And since it looks like the way they work on their codebase is that you either edit the files right on the server or you download the files that you need to work on, make the changes, and then re-upload the file back to the server and refresh the website to see the changes, now I can't access the server because I get different IP addresses. And it's highly inconvenient to keep emailing them to add IP addresses to the whitelist.
No source control, just straight-up download/upload from/to the server. Like, srsly. So that also means debugging is extremely hard for me because one, they use ColdFusion and I've never used that shit before and two, how the hell do you debug with this style of work?
I just started this last Tuesday, and I already want to call it quits. This is just a pain in the ass and not worth my time. I'll be glad to just go back to driving Lyft/Uber to make money while I look for a full-time, PROPER job.
By the way, can I do that to a contracting job? Just call it quits when you haven't even finished your first task? How does this work?17
The time when I've felt like a badass, was when I was bored at a Birthday party at restaurant.
I didn't want to use my mobile data, so I tried to use the wifi of the restaurant. I didn't want to ask the password of the wifi, so I tried to get access by guessing. At first try I got it by entering "nameOfRestaurantCurrentYear".
Then I was browsing Play Store and there was a recommendation of an app (forgot the name) that analyses which the device is connected to wifi. So that got me interested that I installed on my phone.
So I played a little with and discover several Samsungs and iPhones connected to it (Some of the them had their real name next to the brand. It would be funny to yell their name out loud and they would be looking around.)
But there was one device that I didn't recognized. I searched on the web but found nothing. So later as I go to pay my part, I noticed that the credit card device had a wifi icon on it. So I looked over to the cash register and saw the name of the brand. It was the brand I didn't know of.
So basically they were using transfer payments over a public wifi.11
When I say I'm a a software developer in public. :/
"Hey can you hack a Facebook account",
"Can you fix my wifi "] ;9
Random guy messages me on Facebook
"Hey, I saw you use XYZ provider. Would you mind sharing your username and password so that I can login to public wifi networks? Many thanks."5
It seems every public business wifi in my city requires an email address to login.
Funny thing is they never verify them. I guess they think if you're dumb enough to put in your real email you'll be a sucker for whatever marketing scheme they'll send you.
I do feel bad for firstname.lastname@example.org though10
Just as all the citizens are advised to use Public Transports so that there's less traffic and its convenient for everyone,
Similarly, everyone it is advisable to use Public WiFis, so that there's less Internet Traffic and everyone gets faster and better Internet services.
An active cooperation is expected from the citizens.
Thank you and have a nice day :)
I haven't ranted for today, but I figured that I'd post a summary.
A public diary of sorts.. devRant is amazing, it even allows me to post the stuff that I'd otherwise put on a piece of paper and probably discard over time. And with keyboard support at that <3
Today has been a productive day for me. Laptop got restored with a "pacman -Syu" over a Bluetooth mobile data tethering from my phone, said phone got upgraded to an unofficial Android 9 (Pie) thanks to a comment from @undef, etc.
I've also made myself a reliable USB extension cord to be able to extend the 20-30cm USB-A male to USB-C male cord that Huawei delivered with my Nexus 6P. The USB-C to USB-C cord that allows for fast charging is unreliable.. ordered some USB-C plugs for that, in order to make some high power wire with that when they arrive.
So that plug I've made.. USB-A male to USB-A female, in which my short USB-C to USB-A wire can plug in. It's a 1M wire, with 18AWG wire for its power lines and 28AWG wires for its data lines. The 18AWG power lines can carry up to 10A of current, while the 28AWG lines can carry up to 1A. All wires were made into 1M pieces. These resulted in a very low impedance path for all of them, my multimeter measured no more than 200 milliohms across them, though I'll have to verify and finetune that on my oscilloscope with 4-wire measurement.
So the wire was good. Easy too, I just had to look up the pinout and replicate that on the male part.
That's where the rant part comes in.. in fact I've got quite uncomfortable with sentences that don't include at least one swear word at this point. All hail to devRant for allowing me to put them out there without guilt.. it changed my very mind <3
I've tried to plug my DIY extension cord into it, and plugged my phone and some USB stick into it of which I've completely forgot the filesystem. Windows certainly doesn't support it.. turns out that it was LUKS. More about that later.
Windows returned that it didn't support either of them, due to "malfunctioning at the USB device". So I went ahead and plugged in my phone directly.. works without a problem. Then I went ahead and troubleshooted the wire I've just made with a multimeter, to check for shorts.. none at all.
At that point I suspected that WanBLowS was the issue, so I booted up my (at the time) problematic Arch laptop and did the exact same thing there, testing that USB stick and my phone there by plugging it through the extension wire. Shit just worked like that. The USB stick was a LUKS medium and apparently a clone of my SanDisk rootfs that I'm storing my Arch Linux on my laptop at at the time.. an unfinished migration project (SanDisk is unstable, my other DM sticks are quite stable). The USB stick consumed about 20mA so no big deal for any USB controller. The phone consumed about 500mA (which is standard USB 2.0 so no surprise) and worked fine as well.. although the HP laptop dropped the voltage to ~4.8V like that, unlike 5.1V which is nominal for USB. Still worked without a problem.
So clearly Windows is the problem here, and this provides me one more reason to hate that piece of shit OS. Windows lovers may say that it's an issue with my particular hardware, which maybe it is. I've done the Windows plugging solely through a USB 3.0 hub, which was plugged into a USB 3.0 port on the host. Now USB 3.0 is supposed to be able to carry up to 1A rather than 500mA, so I expect all the components in there to be beefier. I've also tested the hub as part of a review, and it can carry about 1A no problem, although it seems like its supply lines aren't shorted to VCC on the host, like a sensible hub would. Instead I suspect that it's going through the hub's controller.
Regardless, this is clearly a bad design. One of the USB data lines is biased to ~3.3V if memory serves me right, while the other is biased to 300mV. The latter could impose a problem.. but again, the current path was of a very low impedance of 200milliohms at most. Meanwhile the direct connection that omits the ~200ohm extension wire worked just fine. Even 300mV wouldn't degrade significantly over such a resistance. So this is most likely a Windows problem.
That aside, the extension cord works fine in Linux. So I've used that as a charging connection while upgrading my Arch laptop (which as you may know has internet issues at the time) over Bluetooth, through a shared BNEP connection (Bluetooth tethering) from my phone. Mobile data since I didn't set up my WiFi in this new Pie ROM yet. Worked fine, fixed my WiFi. Currently it's back in my network as my fully-fledged development host. So that way I'll be able to work again on @Floydian's LinkHub repository. My laptop's the only one who currently holds the private key for signing commits for git$(rm -rf ~/*)@nixmagic.com, hence why my development has been impeded. My tablet doesn't have them. Guess I'll commit somewhere tomorrow.
(looks like my rant is too long, continue in comments)3
When you sign up to public WiFi (ikr 🙄) with the name: Mr Fuck Off... Etc
Then it greets you with: "Welcome Fuck!"
I played myself 😝
"There's more to it"
This is something that has been bugging me for a long time now, so <rant>.
Yesterday in one of my chats in Telegram I had a question from someone wanting to make their laptop completely bulletproof privacy respecting, yada yada.. down to the MAC address being randomized. Now I am a networking guy.. or at least I like to think I am.
So I told him, routers must block any MAC addresses from leaking out. So the MAC address is only relevant inside of the network you're in. IPv6 changes this and there is network discovery involved with fandroids and cryphones where WiFi remains turned on as you leave the house (price of convenience amirite?) - but I'll get back to that later.
Now for a laptop MAC address randomization isn't exactly relevant yet I'd say.. at least in something other than Windows where your privacy is right out the window anyway. MAC randomization while Nadella does the whole assfuck, sign me up! /s
So let's assume Linux. No MAC randomization, not necessary, privacy respecting nonetheless. MAC addresses do not leak outside of the network in traditional IPv4 networking. So what would you be worried about inside the network? A hacker inside Starbucks? This is the question I asked him, and argued that if you don't trust the network (and with a public hotspot I personally don't) you shouldn't connect to it in the first place. And since I recall MAC randomization being discussed on the ISC's dhcp-users mailing list a few months ago (http://isc-dhcp-users.2343191.n4.nabble.com/...), I linked that in as well. These are the hardcore networking guys, on the forum of one of the granddaddies of the internet. They make BIND which pretty much everyone uses. It's the de facto standard DNS server out there.
The reply to all of this was simply to the "don't connect to it if you don't trust it" - I guess that's all the privacy nut could argue with. And here we get to the topic of this rant. The almighty rebuttal "there's more to it than that!1! HTTPS doesn't require trust anymore!1!"
... An encrypted connection to a website meaning that you could connect to just about any hostile network. Are you fucking retarded? Ever heard of SSL stripping? Yeah HSTS solves that but only a handful of websites use it and it doesn't scale up properly, since it's pretty much a hardcoded list in web browsers. And you know what? Yes "there's more to it"! There's more to networking than just web browsing. There's 65 THOUSAND ports available on both TCP and UDP, and there you go narrow your understanding of networking to just 2 of them - 80 and 443. Yes there's a lot more to it. But not exactly the kind of thing you're arguing about.
Enjoy your cheap-ass Xiaomeme phone where the "phone" part means phoning home to China, and raging about the Google apps on there. Then try to solve problems that aren't actually problems and pretty vital network components, just because it's an identifier.
P.S. I do care a lot about privacy. My web and mail servers for example do not know where my visitors are coming from. All they see is some reverse proxies that they think is the whole internet. So yes I care about my own and others' privacy. But you know.. I'm old-fashioned. I like to solve problems with actual solutions.11
I was helping a client launch a new website. We met in a restaurant to do the final launch work. I mentioned I use VPN software to protect my computer on public WiFI and taught him what it means. He said it sounds hackerish and untrustworthy and I had a hard time explaining how it’s actually a countermeasure to hackers.
The next day he calls and says his cell phone is acting up and wants to know what my VPN software might have done to cause that.
How do some people get dressed in the morning?2
When you live in Rural America and both the cable and DSL suck... you buy both and combine them. Went from speedtesting at 11.5mbps/2mbps to 18mbps/3.5mbps. Also have a nice VPN setup for when I'm out and want privacy on public wifi. Winning!5
## Building my own router
IT HAS ALREADY PAID OFF!!!!!
So I (with my fam) have evacuated from the capital of Lithuania into a distant place - much smaller, where average age is prolly >30 or even >40 years. I live in a village now. In a house with very good neighbours. In fact these neighbours own that house :D
Back to the point.
So these neighbours used to share their wifi (w/ internet) between the two houses. They have the line, the mian router has quite a strong antenna and that other house has 2 repeaters: 1 on the outside wall and another one -- indoors. Sepeaters are connected sequentially, i.e. the indoors one is repeating the outdoors one. ikr....?
The first day was alright. We settled in, got everything set up wifi-wise. Peachy.
The second day repeaters refused to issue a DHCP IP. That's something, right? Alright, nvm - I don't mind setting up static IPs. In fact I prefer them over the DHCP magic!
And by the noon both repeaters were connectable but neither of them could provide internet connection... We that sucks! I restarted both of them a few times, neighbours restarted their main router -- still no luck.
Here comes my router [God am I happy with this purchase and the whole idea of a customized router!!! Thanks @hakx20!].
I brought it outside, plugged it in. Connected to it through it's hotspot, used nmcli to connect to neighbours' main router with an internal wifi card (that shitty mPCIe operating in USB mode. yes, the same one, manufactured in 2003. Yes, in g mode.). A couple of iptables rules for traffic forwarding et voila! I have built my own repeater! And tomorrow I can WFH w/o any issues.
Yes, hardware routers are faster and easier to maintain. Yes, hardware routers are cheaper and usually have nicer bells and whistles. But when hardware fails you and the last thing you want is going to the public (shop), soldering rod won't help you. A software solution becomes the easiest to set up, considering you know how to.
Boi am I so happy about my purchase! CentOS router FTW!
P.S. even though we've fled the city we are responsible citizens and we've self-quarantined ourselves for the 14 days period. No local person any closer than 10 meters for the whole period until we're cleared. Being away from the city gives us sooo much freedom! Especialy now, when cities are shitting bricks in fear.5
There's an app in my phone that shows local train timings and stuff. One thing that fucks my mind up is, even if my WiFi is turned off, it can still detect where I'm at and if I'm at train station, it pops up a notification that this station has free/public WiFi and I can use it.
HOW THE FUCK YOU FOUND OUT ABOUT FREE WI-FI IF MY PHONE'S WI-FI IS TURNED OFF.7
German mobile carriers are the worst in the whole world: if you are not in a big city like Munich, Berlin etc the internet is literally not working (E everywhere c'mon)
And I didn't even mention the public wifi (login sucess rate: 1℅)5
do you guys who don't care so much about privacy use a vpn on public wifi hotspots?
and why would you?19
So, the Network I was on was blocking every single VPN site that I could find so I could not download proton onto my computer without using some sketchy third-party site, so, being left with no options and a tiny phone data plan, I used the one possible remaining option, an online Android emulator. In the emulator running at like 180p I once again navigated to proton VPN, downloaded the windows version, and uploaded it to Firefox send. Opened send on my computer, downloaded the file, installed it, and realized my error, I need access to the VPN site to log in.
In a panic, I went to my phone ready to use what little was left of data plan for security, and was met with no signal indoors. Fuck. New plan. I found a Xfinity wifi thing, and although connecting to a public network freaked me out, I desided to go for it because fuck it. I selected the one hour free pass, logged in, and it said I already used it, what? When?, So I created a new account, logged in, logged into proton, and disconnected, and finally, I was safe.
Fuck the wifi provider for discouraging a right to a private internet and fuck the owner for allowing it. I realize how bad it was to enter my proton account over Xfinity wifi, but I was desperate and desperate times call for desperate means. I have now changed my password and have 2fa enabled.1
My university has "Economics and Technic" on its name and it straight up fails on the technical side.
We don't have proper wifi because nobody from the management wants to be responsible for whatever the fuck students do, so they borrow the public (not secure/shitty) wifi from the state for us. Great. We could also use Eduroam, except it only works OUTSIDE of the university for some fujing reason.
Also, our classrooms don't have plugs to charge our notebooks so that's not an option, I guess they just think: "well if they can't use their notebooks they might as well not use any internet at all".
With the heatwave in Europe the servers almost fried bcs management was not sure if they should turn it off or not. We got no server a day.
To top it off, for some reason, every time I access the Intranet from the university it won't login and it literally blocks my dns requests. FANTASTICAL. I even tried restoring my computer and it does the same shit, so I just gave up on it entirely.
TL;DR: My university has shitty IT-Infrastructure and I need to rant about it.
Thank you for sharing ze pain™8
I learned today. I do not know how to connect to an open wifi network from the terminal. I was with some friends in a public place and I was gonna connect to their wifi, but I was at a standstill. I've only ever used wpa_supplicant and dhcpcd to connect to a wifi network manually, so I just..never had to learn any other method of doing it.
I know I really should figure it out at some point, but I'm kinda lazy and it's never come up before.5
I'm currently sitting in a hockey arena owned by my city, they offer free wifi, and cause I'm privacy conscious, I try to download a VPN for my computer. The motherfuckers block the download under the vague "violation of use policy" bullshit. Even better, I read the ToS they give you when you connect, and it says sweet fuck all about prohibiting downloads. What the fucking fuck do you have to gain from me not using a god damn VPN. It just makes no god damn sense.3
I'm kinda amazed at how simple it is to host my private git server on my raspberry pi. That being said I couldn't get it to work well as an access point with hostapd. Therefore pushing and pulling while on my home wifi works like a charm, but doing this in public requires ethernet. Having an Ethernet run from outside my backpack really does make me look like some hacker terrorist person, especially in NYC7
I just discovered the best way to get public WiFi in my new apartment is by sitting in my bed.
It's a struggle anywhere else and lying don't work... It's looking a special sweet spot...
Can someone example to me why do people use a VPN when not on public wifi? Like you are already at home with your own private network.
Like the moment you log into Facebook or Twitter or medium or to check your Gmail/outlook whatever, all you are doing is making is making it very clear to the host companies that you are inconsistently paranoid. Because all the sudden the person who's home address is in Seattle, work and home phone are in Seattle and all of their communication is done with people in Seattle. Has their web traffic location encrypted unknown.
Yeah your packets might be encrypted, but you are still spreading enough self identifying information by merely existing on the web.
At the end of day it seems more like a illusion of safety that these VPN sell. At the cost of a good dollar and slower internet speeds.
Unless you got some actual trade secrets and sensitive information, the f is the point for you to use one?17
Found some Open Ports on university wifi, we found out that every PC has a public ip with exposed host port forwarding...
So we jff nmaped the network...
we found a ubnt mFi, some kind of wifi IoT power cord...
Loged into the webUI with default passwords...
The user was loged into the eduroam network with his username and pw...
Of course the passwords where served by the webpage...
Ok oops you can log into his account on university with this password ;D
So we informed Ubiquiti about that issue...
We got a Reply the mPower isnt developed anymore, so there wont be a security update
Your did a great job there ubnt(y)2
I really hate it when you are reading DevRant on a public wifi network, and the network decides to drop the "more rants" packet, that you are blocked from loading more rants. Why do most applications stop loading more pages after a single request times out, it's really annoying2
First I thought I finally found some public WiFi which isn't unencrypted (Password was on a sign outside).
*Opens WiFi settings*
*WiFi is unencrypted*
*Sign in page opens up which asks for the password*
Well... VPN is the way to go...9