European Commission has a "Wifi4EU" initative, provides 93k high-speed private access points across the EU, free of charge.
Technology
144
Beiträge
83
Kommentatoren
0
Aufrufe
-
What will tracking MACs give them? They will now that such and such MAC address connected to such and such WiFi router. What will they do with it? What is the risk here?
Your MAC is unique to your *physical" device so there's that, also you could track movement globally. I guess there are other things I'm not thinking about but 2 just on top of my head is clearly 2 too many IMO.
-
How do we know intelligence agencies are not in collusion with certificate authorities though? What if they actually have access to ROOT CA private keys and can just automatically strip https from most of the traffic in their mass surveillance software? This is something I found with a very quick search: https://en.wikipedia.org/wiki/DigiNotar
Yeah sure but defending against nation state intelligence agencies is a thread model few people have. It's also not really realistic unless you go to paranoia level mitigations.
-
Title is wrong. It's an old initiative, not even funded anymore. Ran from 2018 to 2020 with 120 Million EUR.
A bit offtopic about a pet peeve of mine, but this is why it'd be super nice if social media that end up getting screenshot had absolute timestamps. Thank you for letting us know.
-
Because it's border free travel for EU citizens. It's still another country you enter, as of course, there are rules.
They stop you to check. You obviously pass through.
Also, there's still illegal import rules.
It's still schengen rules, so if you take a train the likelihood of being stopped at the border is pretty low. Austria may have border agents board the train and verify passports, but that's still pretty uncommon in Europe.
-
Your MAC is unique to your *physical" device so there's that, also you could track movement globally. I guess there are other things I'm not thinking about but 2 just on top of my head is clearly 2 too many IMO.
I get that but what the European Commission would do with this info? They would be able to tell that you visited Berlin in May or that you went to Portugal in June. And... what? They will not sell this data to advertisers because that would be just stupid. Would they share this data with police? For what purpose? Would Ursula von der Leyen use it to track her political opponents? See where they went on holiday? What would be the point?
-
you wouldn't be happy with that. i looked up how the Wifi routers are distributed, and (in Austria at least) small towns have 1-2 routers placed in the municipal buildings they have, servicing the town square. Which means you would have to sit around inside or outside of city hall all day.
Yes, it's not like poor people or children with abusive parents need library wifi to do anything important like looking up how to deal with life's shit when their parents never taught them how. </sarcasm>
-
Free Wireless ISP, you say?
cheapskate romanian sounds
Oh, sure. That's fair. Just like how the US kicked the Natives off of their land. </sarcasm>
-
Yes, I live in Romania.
It was a joke, but also true.
I don't see the racist part, but please excuse me if I've offended you.
descurcăreț - someone who makes use of the flaws in rulings. It's not even a negative term.
<sincerity> Sorry about the other response I made being accusatory. I get the difference between self-deprecating humor about one's family, and actual boomerang racism. Thanks for clearing things up. </sincerity>
-
Nothing we can do to prevent that, unless we want to turn all laptops into walled gardens. PEBKAC is not the fault of the WiFi network.
I mean, we could switch to Linux distros (so that you can fine-tune DNS and VPN settings without corporate BS), but the intricacies that introduces to connecting to the WiFi safely are not casual in scope. Most people are better off buying a lightly-used Mac (or not, it's been a while since people have been happy with Apple) or replacing their laptop with a Fairphone or Graphene OS phone than switching to Linux from Windows 10.
Windows 11+ however... is another story. Anything but letting the IngSoc Smart TV become the OS. The issue is that computers come bundled with Windows and so they use "Secure Boot" to trap you. You can't use Secure Boot without Windows, and you can't play many online games if you do not have Secure Boot (even if the excuse as to why is a filthy lie) so if you're gaming you basically have to hope that Steam OS triumphs.
Best option is to just go to places where the wifi service is affordable but not free so that the operator needs to keep tabs on whether users are doing something other than browsing the internet or playing games (i.e. stealing people's info or putting malware on their machine). Unfortunately, there doesn't seem to be any great demand for internet cafes anymore in my location.
-
. Anything it does has to go through a long process involving multiple oversight comittees, the commission, the parliament etc. It really doesn’t have the option for much secrecy.
Oh my sweet summer child.
When a German MEP Patrick Breyer asked the EU to release the names of the people who were a part of the so called High Level Group that wrote this proposal, they replied with a list with all names blacked out. Here is Patrick Breyer’s own blog post on the subject.
According to Edri ”The HLG has kept its work sessions closed, by strictly controlling which stakeholders got invited and effectively shutting down civil society participation.”.
And that's why I trust no one! Oh, wait. I'm lonely and miserable.
-
And that's why I trust no one! Oh, wait. I'm lonely and miserable.
Saddest man indeed
-
my bad! I misread the context and had not heard of it before - yet living in the EU. I will change the title. I got confused as I saw their post on LinkedIn, and it was posted recently: https://www.linkedin.com/posts/european-commission_wifi4eu-activity-7359136374895046656-oXYi
It's still active as in, they maintain the hotspots. But I just had a look at the map, and it looks like there's spotty service mostly clustered around tiny villages, rather than providing coverage to areas that actual get significant tourism or other visitors.
-
Yes, it's not like poor people or children with abusive parents need library wifi to do anything important like looking up how to deal with life's shit when their parents never taught them how. </sarcasm>
bro, i never said anything about people in bad situations; it's clear that they profit from that and that's a great thing. but cancelling your cell service to use this instead is not a smart move.
-
cross-posted from: https://slrpnk.net/post/25779751
The intative promises to be privacy-friendly with no tracking. Stating:
Your privacy is important. The WiFi4EU app ensures a private online experience with no tracking or data collection. Simply connect and enjoy free public Wi-Fi without concerns.
Source: https://digital-strategy.ec.europa.eu/en/policies/wifi4eu-citizens
Will be interesting to see how this spans and plays out in reality. Looks promising too, did a quick scan of their builtin permissions and trackers and looks good too. (Scanning tool is called Exodus)
Leaving the EU is one of the stupidest self harming things we ever did.
-
That's the point, you don't have to. The system works on the assumption that the AP is untrusted.
except when not. HTTPS helps with security, but there's privacy leaks all around all kinds of network traffic. apps and services you use, websites you visit (DNS, SNI), when do you do something, like arrive or receive a voip call, ...
-
Every site uses HTTPS which encrypts your data in transit. Even if they sniff the packets, they would spend literal decades trying to decrypt it.
Just be wary of visiting sites or sending traffic not over HTTPS. Its rare, but it does happen.
HTTPS does not protect against everything. there's many other protocols that apps can use for whatever use case, and even HTTPS traffic leaks lots of information directly or indirectly, like the websites you visit (because of DNS, and TLS SNI)
-
HTTPS is used on virtually every site out there these days. That is used to encrypt your traffic from the get go. So specifics of the traffic/request won't be obvious/known. The EU could be big enough to force manufacturers to inject their certificates into devices... could be a man in the middle attack. But you can always just remove certs you don't trust from your devices.
DNS by default is often plaintext. You can setup your device to use DoH or other encrypted versions of DNS.
That leaves just the raw connection analysis... eg, that your device is sending traffic to some known IP... many site share hosts so that can be hard to determine though often not really... Proxy or VPN services can make it impossible to do this type of analysis... but then those services will be able to tell.
Ultimately being able to say that "Shalafi sent some packets to an IP that google owns and received a bunch back" could be email... could be youtube... could be any number of things... at some point it become educated guess at best. And what specifically happened (ex: Watched a video about tying shoes) is simply unknown. It would take a bunch of external additional data to actually tie you to anything directly, eg server logs or other sources... which usually means more than one party is already working together against you. At that point you've got bigger issues usually.
this is such an oversimplification. maybe it's hard to distinguish between google services, but if you play some online game, chat over whatsapp or signal, or have a voip call, that's an entirely different story. these can probably be told apart by DNS requests or active connections, and in the case of communications, messaging and voice calling is obvious to tell apart because of the difference in the volume of data. when having a voip call, through a service that supports peer to peer calls (most do, and it's default on), an observer may even be able to deduct something about who you are speaking with, like what general area they live at.
then what if you have apps that try to establish connections to services at home. like smb or nfs, https services. your smb/nfs client may leak your credentials, I think even linux does not encrypt smb communication unless you request it in a mount option, and with HTTPS you leak your internal domain names because of TLS SNI.
