cross-posted from: https://slrpnk.net/post/25779751
The intative promises to be privacy-friendly with no tracking. Stating:
Your privacy is important. The WiFi4EU app ensures a private online experience with no tracking or data collection. Simply connect and enjoy free public Wi-Fi without concerns.
Source: https://digital-strategy.ec.europa.eu/en/policies/wifi4eu-citizens
Will be interesting to see how this spans and plays out in reality. Looks promising too, did a quick scan of their builtin permissions and trackers and looks good too. (Scanning tool is called Exodus)
Well I don’t know if that’s a good use of EU money. I’d rather see investments in large and difficult infrastructure, rail, software, datacenters, industrial sectors we’re currently lacking, grid investments - stuff like that.
End user internet access is more like thousands of small decentralised projects. The coordination might make it easier to use compared to if everyone did their own free wifi project, but that’s such a small benefit…
I’m sure we could invest in all of them and money wouldn’t be the problem.
I think this is mostly for non-EU tourists. You don’t pay for roaming in EU anymore so you don’t really need WiFi when traveling.
Recently mobile phone operators introduced a “fair use policy”, so it’s not really a”roam like at home” anymore, but data volumes can be limited to a fraction of what you are entitled to in your home country.
This is a point where WiFi might get more important again when traveling.
Free Wireless ISP, you say?
cheapskate romanian sounds
Germans are gonna start getting out their old cantennas or nanostations and point it at the closest hotspot
Of course I would never do such a thing, being half german, living in Germany. Certainly didn’t live off a nearby restaurants wifi hotspot for almost 2 years.
Classic European flavored racism. Are you aware that you are promoting racism or not? I think mindfulness is key here. People should consider their own internal biases and adjust to help make a better world.
Pretty sure they are themselves Romanian.
Can you even be racist against yourself?
Yes you can.
Yes, I live in Romania.
It was a joke, but also true.
I don’t see the racist part, but please excuse me if I’ve offended you.
descurcăreț - someone who makes use of the flaws in rulings. It’s not even a negative term.
Honestly nowadays data plans are cheap on most mobile carriers and they’re obligated to have them work accross EU, so you no longer really need Wi-Fi when traveling.
Also, I can see this being easily and constantly exploited via Wi-Fi attacks where hackers set up fake Hotspots with the same name as the closest legit one.
Meanwhile Czech carrier cartel:
BTW free Wi-Fi exploits are overrated with widespread HSTS
I’m sure non-EU visitors will like it
Getting their credentials stolen thru WiFi attack?
Cries in Brexit
~£2 a day data charge on most UK networks
Isn’t Lebara less than that per month and includes roaming?
No taking on EU -run wifi? Those f’rs want to read our private encrypted chats. Why would anyone connect to this?
The EU is not a singular entity. It is possible for it to do good and evil simultaneously.
Because people know about HTTPS.
They want to be able to read all the communications. So whether you transport your data via https or not has nothing to do with this.
-
Not all internet traffic is chats
-
If they have backdoor access to chats it doesn’t matter if you use their WiFi or not.
To be fair (op seems tech illiterate but he might have a point) you could track MAC addresses. My phone randomise my MAC but maybe every phone doesn’t ?
What will tracking MACs give them? They will now that such and such MAC address connected to such and such WiFi router. What will they do with it? What is the risk here?
I wouldn’t be concern about the MAC addresses but about the app mentioned in the article. Why do you need an app for this? What data will it collect about you?
AFAIK every semi-modern phone does mac address randomisation now
-
deleted by creator
Why Wi-Fi? All the expense, none of the coverage.
Good luck trying to break through the mobile cartels.
oh dude, they promised to be privacy friendly! maybe I’m just to american to believe in promises.
The EU is almost just as bad, I know the bar is high compared to the US, but still.
There are tons of things the EU is doing well, dude.
From resisting the technocapitalist rethoric of the US, to standing up against imperial bullies like Russia.
I’m not saying it is perfect, nothing is. But sometimes it feels like the EU is the only reasonable beacon in a sea of corruption.
LOL ‘dude’
The EU just bent over to get fucked by US tarrifs.
They shouldn’t worry about Russia as much as they should about US imperialism that causes all the trouble.
But these sell outs will gladly suffer as good obedient vasals. 🤡The EU only cares about blocking the private sector from getting their citizen’s data. They actively harm privacy when it’s about government access
You don’t have to trust them any more than you trust your local Starbucks WiFi. We’re at the point where your traffic should no longer be vulnerable just because you’re on the wrong WiFi network.
Been that way since https became common
My traffic is not vulnerable, but my device might be.
When you connect to public WiFi, you also share it with others, and maybe someone on that network wants to test out their new hacker skills ?
Maybe not as much of a problem for phones, but that juicy developer laptop running unauthenticated MongoDB with a dump of the production database… yup, that now “mine”.
Ideally all those services should be listening on 127.0.0.1 / ::1, but everybody makes mistakes. Maybe the service comes preconfigured to listen on 0.0.0.0.
Just keep your firewall set to public network and you will most likely be fine.
Anything can be hacked, even on your private home network.
Again, people make mistakes, so they may think the firewall is on, but that one time 3 weeks ago when they were debugging something and they turned off the firewall for it, yeah, we never got around to enabling it again.
Also, my home network is a lot more secure by default than shared public WiFi. At home I have decent control over who and what connects. Sure, people could in theory crack my WiFi password, but the risk of that is low compared to sitting on public WiFi.
I feel like the OP you’re responding to. Explain how I should be comfortable? The idea creeps me out, but I admit I haven’t delved into security for a few years.
HTTPS is used on virtually every site out there these days. That is used to encrypt your traffic from the get go. So specifics of the traffic/request won’t be obvious/known. The EU could be big enough to force manufacturers to inject their certificates into devices… could be a man in the middle attack. But you can always just remove certs you don’t trust from your devices.
DNS by default is often plaintext. You can setup your device to use DoH or other encrypted versions of DNS.
That leaves just the raw connection analysis… eg, that your device is sending traffic to some known IP… many site share hosts so that can be hard to determine though often not really… Proxy or VPN services can make it impossible to do this type of analysis… but then those services will be able to tell.
Ultimately being able to say that “Shalafi sent some packets to an IP that google owns and received a bunch back” could be email… could be youtube… could be any number of things… at some point it become educated guess at best. And what specifically happened (ex: Watched a video about tying shoes) is simply unknown. It would take a bunch of external additional data to actually tie you to anything directly, eg server logs or other sources… which usually means more than one party is already working together against you. At that point you’ve got bigger issues usually.
You don’t HAVE to be comfortable. But if you use any sort of public WiFi, this is no riskier than any of those networks. They can grab some metadata unless you use a VPN, but likely less than what your ISP already has on you anyway. Basically, there’s no reason this should be putting up any major red flags. We’re past the days when a malicious access point could MitM most connections due to lack of encryption.
That’s why audits exist
It’s mind-blowing how at the same time some EU government guys pushing stuff like DSA while other do something like this (which is nice, and a complete opposite, if it’s not honeypot anyways).
What’s the problem with the Digital Services Act?
Indeed from their history of constantly wanting more control and invasive measures, always sold in the name of security, protection of minors, etc… I’m highly sceptical and always asume the worst.
But those are all publicly available pieces of legislation. It’s quite a leap to go from that to just assuming they’ll secretly and illegally spy on you through public wifi networks, without any law allowing them to do so. Besides, if they have no problem doing that, why would internet through your European ISP be any safer?
Never said the rest is safer, doesn’t mean they are ‘privacy friendly’, they aren’t.
It’s quite a leap to go from that to just assuming they’ll secretly and illegally spy on you
Plenty of stuff like this or this or this
And they did as much against Pegasus as they do against israel.
Some words and recommendations.22 EU clients, at least, have acquired it.
quite a leap to go from that to just assuming they will not spy on you as a collective, more than is already ‘publicly available’.
Organisations that spy usually don’t advertise their practices.Plenty of stuff like this or this or this
Again, those are all pushes for legislation. None of which are implemented at this point. The EU is, for better and for worse, a bureaucratic monster. Anything it does has to go through a long process involving multiple oversight comittees, the commission, the parliament etc. It really doesn’t have the option for much secrecy. National governments are quite a different story.
Damn, this is so cool.
We could have had this in the States too, but, well, you all know.This would be cool 20 years ago. Now it’s just a stunt.
Better late than never though
This will never be possible in the States. We still have areas with no cellular.
Surely that’s unrelated to the billions of dollars that the telecom companies stole from the taxpayer after promising to build out infrastructure?
Ironically enough there’s basically a private version of this through Comcast turning their rented CPEs into their own unlicensed wifi mesh, they call it WiFi Pass – they at least have the courtesy to give it to you gratis if you’re already paying for residential service.
It shows you are american and not familiar with the EU.
‘privacy friendly’ is a euphemistic PR term, not unlike making the horrible Patriot Act worse and renaming it the ‘Freedom Act’.
That’s cool. Here in the US, we’re this close to banning vaccines. *sad trombone sound
Having a union-wide regulatory framework for soda bottle caps, or mandatory categorization of cucumbers seems a lot less like a government overreach in comparison. Thanks, I guess… 🥲
I hope you’re joking.
‘privacy-friendly’ from the EU? 😂
they’ll read your messages, but they’re friendly about it.
Well they have to check for our own good OC, what if Khammaaaz mails you a terrorist!
If this does what it says on the box its huge
Do you need that app to connect to a WiFi network?
No, the app is just a map of the hotspots.
To add to the other comment, you can see the map here.
More Europeans than ever can watch the live-streamed genocide that we’ve been arming and encouraging!
And have to walk on eggshells if they protest against it or get arrested for ‘supporting terrorism’.
Through various deliberately InterPol-managed servers that track your telemetry.
Thanks to EU roaming rules…
Not quite. I’ve come across a few plans that don’t offer EU roaming, and also those where there’s far less data offered than the regulation requires, or found a loophole.
Let’s go for the examples of no EU roaming data:
T-Mobile CZ Twist IoT CR - IoT card, but it offers up to 500GB of data paid once a year (78 EUR), only usable in Czech Republic.
T-Mobile CZ 100GB edition - regular SIM, but also CR-only
Vodafone CZ GIGA 100 + 50 GB - also a regular prepaid, but no roaming
Swan Mobile (4ka) Sloboda Data - 300GB in Slovakia, but 0.144 EUR per MB in EU.For the last example, they’re also the same example that breaches the regulation with other packages. When I did the calculations, they exactly checked out for other 3 MNOs, so I guess I did them right, but they didn’t for Swan.
Further confirming this is the fact that they have already received at least 2 (as far as I could find) fines for breaching these RLAH regulations, that is 15,000 and 90,000 EUR, but I suppose that just ends up being cheaper for them, as it still isn’t fixed.Anyway, perhaps they did in fact fix this, with a loophole.
For example, take Sloboda Nekonecno+ for 25EUR/month with “unlimited” (300GB) data. 8.25GB of EU roaming does not look right there.
So what is going on?
On paper, it’s split up into base and additional package. Base package is 20EUR, and only has 2GB of data. Additional package with unlimited data is 5EUR/month, and as you could guess, cannot be purchased separately.So, for base package, you get full allowance, thus 2GB. Additional package is calculated separately, (4.06504065041 / 1.30) * 2 is 6.25. And thus 8.25GB instead of 31.27GB was born.
