this post was submitted on 24 Jul 2024
297 points (100.0% liked)

AssholeDesign

8318 readers
108 users here now

This is a community for designs specifically crafted to make the experience worse for the user. This can be due to greed, apathy, laziness or just downright scumbaggery.

founded 2 years ago
MODERATORS
[email protected]
297
'"Walmartwifi" isn't compatible with iCloud Private Relay' | Store demands privacy sacrifice to use internet in their cavernous dead zone of a building (lemmy.world)
submitted 8 months ago* (last edited 8 months ago) by [email protected] to c/[email protected]
116 comments fedilink hide all child comments
 

This is after forcing login to a store account:

At least they don’t hide in their ToS that:

“l agree to let Walmart monitor my use of Walmart WiFi, including to:

  • Determine my presence in Walmart stores
  • Associate information about me with my Walmart account
  • Improve products and services
  • Gather market insights about my in-store purchases and activities”

But that’s not enough, they need to monitor your internet activity further too.

For further reading, some greatest hits (the section headers on Wiki’s Criticism of Walmart):

  • Local communities
  • Allegations of predatory pricing and supplier issues
  • Labor relations
  • Poorly run and understaffed stores
  • No AEDs in stores (automated external defibrillators)
  • Imports and globalization
  • Product selection
  • Taxes
  • Animal welfare
  • Midtown Walmart
  • Opioids settlement
top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 97 points 8 months ago (6 children)

Nah. Their network their rules. Quit your bitching or use 5g.

[–] [email protected] 39 points 8 months ago (2 children)

privacy sacrifice to use internet in their cavernous dead zone of a building

It was a worthwhile sacrifice, but I’m definitely gonna name & shame! Wouldn’t touch WiFi if it weren’t a dead zone.

Also gave me a chance to complain about some of their other business practices. (Certainly wouldn’t have shopped there if I hadn’t been asked to this one time.)

I’ve never seen this message before so they seem an outlier even in the greedy corporate world. Enough complaints and every once in a while a business changes their practices. Why not whine a little? 🙂

[–] [email protected] 8 points 8 months ago* (last edited 8 months ago) (5 children)

The privacy community and yourself have become the equivalent of windows UAC. It's tiresome and no sane person with an understanding of technology would ever have the expectation of privacy on a public WiFi network. There are legal and compliance obligations.

[–] [email protected] 9 points 8 months ago (2 children)

complaining about a lack of privacy on a public wifi node is like complaining that people are perverts for looking at your genitals when you run down the street naked.

[–] [email protected] 14 points 8 months ago (1 children)

More like "calling your neighbor a pervert when they offer you a place to shower when yours is out and you find out they're taking videos" but okay

[–] [email protected] 8 points 8 months ago* (last edited 8 months ago) (9 children)

No, cause you have an expectation of privacy in a shower. You don't have an expectation of privacy in public.

No reasonable person has an expectation of privacy on a public wifi, hell most people wont even connect to a public wifi because they dont want to take the unnecessary risk. Especially with a public wifi provided by such stellar companies like Walmart.

Which is why the entire argument is as stupid as getting angry at people looking at your junk when you're running around naked in public.

[–] [email protected] 7 points 8 months ago

I have an expectation of privacy in my motor home when showering, even if I’m using water that’s coming from some private entity’s pipes.

Just the same way that on my own phone I have an expectation of privacy, even if I’m using connectivity coming from some private entity’s pipes.

load more comments (8 replies)
load more comments (1 replies)
[–] [email protected] 6 points 8 months ago (1 children)

Dude, I understand technolgy enough to know that when I use the HTTPS protocol, I have privacy on my packets.

You keep trying to associate the expectation of privacy with a lack of technical knowledge, but I have technical knowledge and you’re wrong.

load more comments (1 replies)
load more comments (3 replies)
load more comments (1 replies)
[–] [email protected] 15 points 8 months ago* (last edited 8 months ago) (1 children)

Would you say the same thing if they intercepted HTTPS connections? Or blocked popular ~~DNS~~ (edit: DNS over HTTPS/TLS) resolvers and required you to use the one advertised in DHCP?

I think if you're going to provide WiFi, just do it and stop spying on me.

The reason they want this is probably so they can tie your Walmart account to your position inside the store. And see which other sites you visit to find a better price, etc.

[–] [email protected] 16 points 8 months ago (2 children)

Yes. Their public network. I have no expectations of any privacy on a public network. This is privacy 101.

[–] [email protected] 10 points 8 months ago* (last edited 8 months ago) (1 children)

You're conflating the individual practice of having a pessimistic threat model with a corporation's entitlement to behave badly.

Of course I assume the worst from Walmart or any other public network — I just think they should have some class and provide a public good to their customers without creepy privacy invasion. Somehow they manage to provide free water in fountains without requiring me to scan my driver's license.

If they published a white paper explaining the Differential Privacy properties of their customer analysis tech, I might revise my opinion.

[–] [email protected] 7 points 8 months ago* (last edited 8 months ago) (3 children)

They aren't invading the privacy here. They are preventing a malicious actor from running an attack via VPN and ssh tunneling in addition to IP address, device, etc. At worst they are associating IP with browsing at competing stores. Preventing the VPN was likely required by a lawyer and auditor and a risky attack vector for a billion dollar company.

If Walmart was breaking https and inserting man in the middle games it would be in their policy. Other commentators went off into fantasy land edge cases where traffic is being decrypted. And it still doesn't change my expectation of privacy on a public hotspot.

[–] [email protected] 7 points 8 months ago

They aren't invading the privacy here.

Yes they are, they're forcing you to disable Private Relay.

They are preventing a malicious actor from running an attack via VPN and ssh tunneling in addition to IP address, device, etc.

This makes no sense. I could walk outside the store and do any of those things on my 5G connection. Private Relay does not enable these attacks and blocking it doesn't prevent them.

At worst they are associating IP with browsing at competing stores.

Wut? They are the ones assigning IP addresses. Not sure what you mean.

At worst, they're using your IP address to join your walmart.com session cookie with complete time series data on your store position, data from store cameras, etc. to build a creepy profile without consent.

Preventing the VPN was likely required by a lawyer and auditor and a risky attack vector for a billion dollar company.

It's not a problem for Starbucks. As long as the public facing network is separate from the internal store network, e.g. with a VLAN, what is the concern?

If Walmart was breaking https and inserting man in the middle games it would be in their policy.

Regardless, it would be shitty behavior.

If they were cracking crypto schemes and were decrypting your traffic, it's entirely possible this violates a "hacking" law in the US.

Other commentators went off into fantasy land edge cases where traffic is being decrypted. And it still doesn't change my expectation of privacy on a public hotspot.

It was a hypothetical to explore the extent of your "their house, their rules" viewpoint.

load more comments (2 replies)
load more comments (1 replies)
[–] [email protected] 12 points 8 months ago* (last edited 8 months ago) (11 children)

Exactly. "Hey, we're gonna let you use our network. But if you do anything illegal or shady on our network, we'd be held liable. So we're gonna track what you do on our network to make sure if you do try something, we can remove you from the network and have proof."

I mean, yeah, they're also gonna collect advertising data, but do you really expect to have an expectation of privacy when using someone else's network? Just like they can film you in the building, they can monitor your network traffic on their network.

If this surprises you, maybe you should do some more research on how a network actually works. And get a VPN. And maybe don't connect to random public networks(you don't even want to know what OTHER PEOPLE can do to you on those networks, nevermind the company).

Also, you pay for your cellphone service, right? Are you paying for the wifi in the store? Nooooooo. They're giving it to you for free. Almost like they're offering you something in return for that data monitoring. Like they're offering you a service with a built in method to recoup costs... A service you voluntarily use and in doing so, agree to their terms.

Or you, you know, don't use it.

[–] [email protected] 9 points 8 months ago (4 children)

but do you really expect to have an expectation of privacy when using someone else's network

That is kind of the concept behind the internet. A bunch of networks passing packets along, using the same protocol, not asking questions about their content.

Fifteen years ago we had a whole battle and everyone other than the evils at the top were against deep packet inspection. This new generation is a bunch of bootlickers.

[–] [email protected] 5 points 8 months ago

Yeah, wtf is going on here? You're allowed to say corporations shouldn't do things, even if they're technically legal.

Are these people such fierce libertarians that they support Eli Lilly's right to price gouge diabetics for their insulin?

load more comments (3 replies)
load more comments (10 replies)
[–] [email protected] 12 points 8 months ago (4 children)

Not entirely sure if this is possible but I'm increasingly suspicious that they started jamming outside networks within their warehouse. Of course it makes sense that mobile data doesn't really work inside a giant steel warehouse, so perhaps it's just confirmation bias, but I can't seem to recall not having any mobile data signal at all until my last walmart visit.

I used to keep to myself and look up the location of the item I was looking for online. If they want me to bother a floor person for it though, doing that is highly preferable to giving walmart my email to sell along with any information they can extrapolate from my usage of their network.

[–] [email protected] 13 points 8 months ago* (last edited 8 months ago) (1 children)

Jamming is incredibly illegal so I doubt that. They probably just have a bad roof for reception.

Also remember hanlon's razor.

load more comments (1 replies)
load more comments (3 replies)
[–] [email protected] 11 points 8 months ago (2 children)

Lol why is this an opinion? If people want to vpn out of my network I don't give a fuuuuuuuuck. Now if you're raw doggin' that traffic or sucking down the bandwidth don't bitch when I filter or throttle, for sure, but surely you can at least empathize with people wanting to use privacy tools, ya tool.

load more comments (2 replies)
load more comments (1 replies)
[–] [email protected] 44 points 8 months ago

LOL, "your communication cannot go through our service that we can monitor, so somebody else might be spying on you, black is white, war is peace, freedom is slavery"

[–] [email protected] 28 points 8 months ago

Start giving their store one star reviews and mention this

[–] [email protected] 26 points 8 months ago (1 children)

Please just don’t use public WiFi and if you do, assume that your privacy and security are at risk.

[–] [email protected] 7 points 7 months ago (11 children)

Or use a vpn if you really must. I’ve noticed that most Walmarts have really bad cellular connectivity and this is probably the reason why

load more comments (11 replies)
[–] [email protected] 23 points 8 months ago (5 children)

I don't understand why you would need wifi in a supermarket. What are you doing while shopping that mobile data can't handle?

[–] [email protected] 35 points 8 months ago (1 children)

Large warehouse type buildings make getting a signal difficult ESPECIALLY in a walmart. I prefer using the app to find items I wouldn't otherwise know where to look.

[–] [email protected] 14 points 8 months ago (1 children)

Yeah, I didn't consider those absurdly large US malls, my bad.

load more comments (1 replies)
load more comments (4 replies)
[–] [email protected] 20 points 8 months ago (6 children)

The irony of using Apple products, thinking "Private" means "private".

[–] [email protected] 39 points 8 months ago (5 children)

Do you think the advertising company’s phone is more private?

Google doesn’t make money when you buy a Samsung Galaxy. Google tracks everything you do on your Galaxy. They then take this data and sell targeted advertisement at you. Google makes money when they sell you to advertisers.

Apple makes money when you buy an iPhone.

[–] [email protected] 10 points 8 months ago (2 children)

Apple appears to be double dipping. I don't use apple products beyond a MacBook. Why for example the laptop has a unique advertiser id (which looks like it can't even be disabled in newer os versions)?

[–] [email protected] 6 points 8 months ago

All OS have advertising ID. Windows does, macOS does (TIL from you), Android and iOS do. Linux doesn't for obvious reasons.

[–] [email protected] 5 points 8 months ago* (last edited 8 months ago)

A lot of the things stored in iCloud are end to end encrypted. That includes all of your messages and attachments in iMessage and all of your bookmarks in Safari. Apple simply can’t use those things to advertise at you.

As far as other targeted advertising, Apple doesn’t track you across apps. In other words, searching for something in the App Store won’t result in different ads in Apple News. And doing anything in any third party app won’t affect any targeted ads in any Apple app. (https://support.apple.com/guide/iphone/control-how-apple-delivers-advertising-to-you-iphf60a6a256/ios)

You will still see targeted ads on iOS in third party apps, because Google still tracks you in an app if it uses AdMob.

[–] [email protected] 6 points 8 months ago

At least on the advertising company's phone, I have the freedom to install a different, more privacy respecting OS like GrapheneOS.

load more comments (3 replies)
[–] [email protected] 11 points 8 months ago (4 children)

That is true of Android as well.

And remember that while iOS is built by a tech company first and foremost, Android is built by an advertisement company first and foremost.

I have tried both, and only Android gives me the feeling that someone is constantly looking over my shoulder.

I know Apple does also, but I don't get the same feeling.

[–] [email protected] 18 points 8 months ago (2 children)

You pay the premium price to feel better about the same thing.

[–] [email protected] 6 points 8 months ago

Quite possible

load more comments (1 replies)
[–] [email protected] 5 points 8 months ago (1 children)

I'm sure your feelings are more accurate than thousands of thousand security researchers trying to make a name for themselves.

This is more "Alexa is spying on me" ignorance and paranoia.

This entire thread...

[–] [email protected] 11 points 8 months ago (8 children)

Since there are so many security researchers agreeing with you, why didn't you link a few reports to support your claim?

load more comments (8 replies)
load more comments (2 replies)
[–] [email protected] 6 points 8 months ago

How do ya compare incentives of Apple/Cloudflare & the big box store in terms of data privacy?

[–] [email protected] 6 points 8 months ago* (last edited 8 months ago) (1 children)

Bruh, can we not do the whole teasing people who prefer one brand's proprietary OS & interface over another?

load more comments (1 replies)
load more comments (2 replies)
[–] [email protected] 18 points 8 months ago

Murrica lmao

[–] [email protected] 14 points 8 months ago (3 children)

Oh this gives me good reason to find a Walmart. I would love to see how it handles VPNs and it would be a fun game to set up a travel router that can obfuscate the VPN tunnel if needed.

[–] [email protected] 9 points 8 months ago (5 children)

Using OpenVPN or Wireguard should work because they typically use port 443, which you can't block without killing the internet connection altogether.

load more comments (5 replies)
[–] [email protected] 5 points 8 months ago

I use a VPN just fine inside a Walmart. It's annoying you need a Walmart account now to use it.

load more comments (1 replies)
[–] [email protected] 10 points 8 months ago

Offering open wifi for the public is a terrifying thought.

[–] [email protected] 6 points 8 months ago (3 children)

Just set up a cheap squid proxy or an http proxy. They often still work

load more comments (3 replies)
load more comments
view more: next ›