Do HN readers not know what a Captive Portal is? Confused why this is front page news..
bogardon 87 days ago [-]
They probably know what it is but are just not familiar with the term.
I find the OS' captive portal detection to sometimes be flaky, so I often just directly visit www.neverssl.com to reliably trigger the captive portal redirect.
ytch 87 days ago [-]
The basic workflow at Gateway side is inspecting all HTTP port 80 traffic (with iptables or others), If the URL is about internet detection, reply a 301 redirect to the captive portal URL.
But the URL is too complex among different vendor:
The world of software is absolutely enormous. Don't make assumptions about what the "everybody knows" subset is.
I've interacted with these as an end user dozens of times, but in 20 years I never heard the term "captive portal". I tend to use the Apple URL to trigger them, and I never understood why the word "captive" was in that URL. Now I know!
And I still don't really know how they work (I guess I should read this article...).
gertlex 87 days ago [-]
I think it was 5+ years after first having an ipod touch (i.e. connecting to wifi while out and about) before I encountered the term, and never heard it widely used outside of text on the internet. Doesn't feel like it was commonly used, a la, "Complete your connection to our wifi via the Captive Portal after doing XYZ!"
dartharva 87 days ago [-]
Was wondering the same, most (even non-tech) people come across captive portals all the time.
pmarreck 87 days ago [-]
This is one of the biggest hacks in software engineering IMHO
That and Bluetooth
ktpsns 87 days ago [-]
It's a shame that within +20yrs of widespread IEEE 802.11, no extension to standardize terms acknowledgement, login flows, etc could make it.
Thus we are left with this captive errnous detection. It feels similarly stupid as NAT in a post-IPv4 world.
oarla 87 days ago [-]
I see this every time I connect to my local library Wifi or Costco. I thought Captive was the name of the company providing this service. TIL.
If they ask for data, I just fill junk.
If they don't then it's just a hassle.
I'd ban them. Just give me internet, my man.
ColinEberhardt 87 days ago [-]
I know it’s a minor point, but it bugs me every time this form pops up…
Captive (noun): a person or animal whose ability to move or act freely is limited by being kept in a space; a prisoner, especially a person held by the enemy during a war.
Not an ideal term to use from a user perspective.
coro_1 87 days ago [-]
Captive Wi-Fi has changed at cafes and businesses. My experience is, Starbucks blocks local hot-spots. You're forced to use their Captive Wi-Fi and only their Wi-Fi. This formerly wasn't an allowed thing.
Are they mining data? Does this promote some ambiance? There's probably 3 different answers, and you'll normally hear 1 is the reason.
stackghost 87 days ago [-]
It's probably more to do with QOS algorithms. Unless you're not browsing TLS-protected sites there isn't much data to mine. Wifi eavesdropping is mostly a solved problem these days. If starbucks could MITM your wifi connections to mine data we'd have bigger problems.
eddythompson80 87 days ago [-]
What’s a local hotspot and how does Starbucks block it? It’s illegal to jam signals (assuming a “local hotspot” is some Wi-Fi network from a neighboring business or center?)
stackghost 87 days ago [-]
It's using your phone's "hotspot" feature to get your other devices online without signing into the wifi. Modern smart phones have this built into the OS. The phone broadcasts its own SSID and the laptop or other device connects to that, and then the phone acts as a router with its own mini NAT and DHCP stack.
It can be blocked because the wifi equipment at the cafe can see multiple MAC addresses emanating from one client, among other techniques.
eddythompson80 87 days ago [-]
That doesn’t make sense. Why do you care about the wifi equipment in the cafe if you’re connecting through your phone? The cafe’s wifi isn’t even in the loop.
coro_1 87 days ago [-]
What I meant is that I’ve noticed cable-provider hotspots often stop working inside cafes like Starbucks and you can reconnect to them as soon as you step outside.
zoky 87 days ago [-]
How do they block them? The only way I can think of would be signal jamming, which is super illegal and would have the FCC on them like brown on coffee beans…
86 days ago [-]
Rendered at 09:11:28 GMT+0000 (UTC) with Wasmer Edge.
I find the OS' captive portal detection to sometimes be flaky, so I often just directly visit www.neverssl.com to reliably trigger the captive portal redirect.
But the URL is too complex among different vendor:
https://captivebehavior.wballiance.com/
I don't know why, even I tracked the URLs, sometimes it still fails (OS refuse connecting to the URL?).
DHCP option 114 (RFC8908) can advertise the URL to client directly, but it is not widely supported:
https://developer.apple.com/news/?id=q78sq5rv
I used to use neverssl, but it's very different for .org and .com and I kept forgetting which was which.
This post reminded me to make a siri shortcut that just opens safari to http://captive.apple.com to trigger the captive portal.
Had to do that to my furnace with a paper clip one winter when a sensor went out and I couldn't replace it for a couple days
https://www.rfc-editor.org/rfc/rfc8910
I've interacted with these as an end user dozens of times, but in 20 years I never heard the term "captive portal". I tend to use the Apple URL to trigger them, and I never understood why the word "captive" was in that URL. Now I know!
And I still don't really know how they work (I guess I should read this article...).
That and Bluetooth
Thus we are left with this captive errnous detection. It feels similarly stupid as NAT in a post-IPv4 world.
If they ask for data, I just fill junk. If they don't then it's just a hassle.
I'd ban them. Just give me internet, my man.
Captive (noun): a person or animal whose ability to move or act freely is limited by being kept in a space; a prisoner, especially a person held by the enemy during a war.
Not an ideal term to use from a user perspective.
Are they mining data? Does this promote some ambiance? There's probably 3 different answers, and you'll normally hear 1 is the reason.
It can be blocked because the wifi equipment at the cafe can see multiple MAC addresses emanating from one client, among other techniques.