Brian writes:
On Sun 13 Feb 2022 at 16:02:53 +0100, tomas@tuxteam.de wrote: > On Sun, Feb 13, 2022 at 02:41:31PM +0100, Linux-Fan wrote: > > Brian writes:
[...]
> > > Could the process to replace them on, say, public transport be > > > outlined?
[...]
> > * RFC8910 - Captive-Portal Identification in DHCP and Router > > Advertisements (RAs). I never never heard of it before searching > > for “Alternatives to captive portals wifi” online :) > > * Joining a local initiative providing free connectivity (and, of > course, lobbying your local policy makers that this be legal; > the very idea of providing free stuff tends to be suspect). > > Freifunk [...] is one successful example. Interesting. Captive portals provide free connectivity. What's the problem?
[...]I do not use Wifi with captive portals very often so I have only experienced a limited subset of problems, but I can think of at least the following issues:
- Security: Intercepting requests to arbitrary pages and replying with some other content is quite similar to a MITM adversary. Hence, users following the recommended “prefer HTTPS” usage will get certificate errors instead. The RFC explains this much better than I could do under section “5. Security Considerations”. Also, I think the OP's problem is caused exactly by this. For captive portals to work in a HTTPS-preferring browser quirks like those implemented by Firefox are needed i.e. try to detect the Internet connectivity by connecting to the vendor's URL... not good for privacy and only a heursitics. - Browser requirements: Captive portals often require a JS-capable browser to accept their terms etc. This is probably acceptable for Notebooks and “Smartphones”, but any other type of device will often be unable to access a captive-portal-protected Wifi. I have not tested it but I would imagine that it be tough to join such a network for the purpose of playing with a handheld console (e.g. Nintendo 2DS or such) on a train given that the device's webbrowser is very limited. - Acutally, not all captive portals provide ”free” connectivity. At least not in the freedom sense. IIRC in Italy, they request your tax number before allowing you to use the Wifi on the trains? You pay with your data... According to [1] I seem to misremember this: They want your phone number or credit card number instead. It seems that on some lines they have eliminated this need for registration (not sure if that means there is no longer any captive portal at all).It might only be anecdotical but here is another counter-intuitive problem caused by captive portals [2].
[1] https://www.trenitalia.com/it/offerte_e_servizi/portale-frecce/come-accedere-al-portale-frecce.html [2] https://ttboj.wordpress.com/2014/11/27/captive-web-portals-are-considered-harmful/ HTH and YMMV Linux-Fan öö
Attachment:
pgpFZH9WbPEgw.pgp
Description: PGP signature