Captive Wi-Fi
en.wikipedia.orgDo HN readers not know what a Captive Portal is? Confused why this is front page news..
They probably know what it is but are just not familiar with the term.
I find the OS' captive portal detection to sometimes be flaky, so I often just directly visit www.neverssl.com to reliably trigger the captive portal redirect.
The basic workflow at Gateway side is inspecting all HTTP port 80 traffic (with iptables or others), If the URL is about internet detection, reply a 301 redirect to the captive portal URL.
But the URL is too complex among different vendor:
https://captivebehavior.wballiance.com/
I don't know why, even I tracked the URLs, sometimes it still fails (OS refuse connecting to the URL?).
DHCP option 114 (RFC8908) can advertise the URL to client directly, but it is not widely supported:
also http://captive.apple.com and sometimes I'll do http://lobste.rs.
I used to use neverssl, but it's very different for .org and .com and I kept forgetting which was which.
This post reminded me to make a siri shortcut that just opens safari to http://captive.apple.com to trigger the captive portal.
I just like reading random Wikipedia articles. You could farm HN karma off me by posting random ones each day.
Here's a favorite: https://en.wikipedia.org/wiki/Battleshort
Had to do that to my furnace with a paper clip one winter when a sensor went out and I couldn't replace it for a couple days
I bet RFC 8910 is not well known.
The world of software is absolutely enormous. Don't make assumptions about what the "everybody knows" subset is.
I've interacted with these as an end user dozens of times, but in 20 years I never heard the term "captive portal". I tend to use the Apple URL to trigger them, and I never understood why the word "captive" was in that URL. Now I know!
And I still don't really know how they work (I guess I should read this article...).
I think it was 5+ years after first having an ipod touch (i.e. connecting to wifi while out and about) before I encountered the term, and never heard it widely used outside of text on the internet. Doesn't feel like it was commonly used, a la, "Complete your connection to our wifi via the Captive Portal after doing XYZ!"
Was wondering the same, most (even non-tech) people come across captive portals all the time.
This is one of the biggest hacks in software engineering IMHO
That and Bluetooth
It's a shame that within +20yrs of widespread IEEE 802.11, no extension to standardize terms acknowledgement, login flows, etc could make it.
Thus we are left with this captive errnous detection. It feels similarly stupid as NAT in a post-IPv4 world.
I see this every time I connect to my local library Wifi or Costco. I thought Captive was the name of the company providing this service. TIL.
See! To people complaining about this being on the front page - https://xkcd.com/1053/
I hate them.
If they ask for data, I just fill junk. If they don't then it's just a hassle.
I'd ban them. Just give me internet, my man.
I know it’s a minor point, but it bugs me every time this form pops up…
Captive (noun): a person or animal whose ability to move or act freely is limited by being kept in a space; a prisoner, especially a person held by the enemy during a war.
Not an ideal term to use from a user perspective.
Captive Wi-Fi has changed at cafes and businesses. My experience is, Starbucks blocks local hot-spots. You're forced to use their Captive Wi-Fi and only their Wi-Fi. This formerly wasn't an allowed thing.
Are they mining data? Does this promote some ambiance? There's probably 3 different answers, and you'll normally hear 1 is the reason.
It's probably more to do with QOS algorithms. Unless you're not browsing TLS-protected sites there isn't much data to mine. Wifi eavesdropping is mostly a solved problem these days. If starbucks could MITM your wifi connections to mine data we'd have bigger problems.
What’s a local hotspot and how does Starbucks block it? It’s illegal to jam signals (assuming a “local hotspot” is some Wi-Fi network from a neighboring business or center?)
It's using your phone's "hotspot" feature to get your other devices online without signing into the wifi. Modern smart phones have this built into the OS. The phone broadcasts its own SSID and the laptop or other device connects to that, and then the phone acts as a router with its own mini NAT and DHCP stack.
It can be blocked because the wifi equipment at the cafe can see multiple MAC addresses emanating from one client, among other techniques.
That doesn’t make sense. Why do you care about the wifi equipment in the cafe if you’re connecting through your phone? The cafe’s wifi isn’t even in the loop.
What I meant is that I’ve noticed cable-provider hotspots often stop working inside cafes like Starbucks and you can reconnect to them as soon as you step outside.
How do they block them? The only way I can think of would be signal jamming, which is super illegal and would have the FCC on them like brown on coffee beans…