cross-posted from: https://slrpnk.net/post/25779751

The intative promises to be privacy-friendly with no tracking. Stating:

Your privacy is important. The WiFi4EU app ensures a private online experience with no tracking or data collection. Simply connect and enjoy free public Wi-Fi without concerns.

Source: https://digital-strategy.ec.europa.eu/en/policies/wifi4eu-citizens

Will be interesting to see how this spans and plays out in reality. Looks promising too, did a quick scan of their builtin permissions and trackers and looks good too. (Scanning tool is called Exodus)

  • Kazumara@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    1
    ·
    57 minutes ago

    Title is wrong. It’s an old initiative, not even funded anymore. Ran from 2018 to 2020 with 120 Million EUR.

  • PieMePlenty@lemmy.world
    link
    fedilink
    English
    arrow-up
    13
    arrow-down
    1
    ·
    3 hours ago

    Ahh yes, border free travel… wait a minute, why are the Austrian police on the border here? Wait a minute, why are they stopping us…

  • Arcane2077@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    6
    ·
    edit-2
    4 hours ago

    So, if I live in the EU, what’s stopping me from cancelling my home plan and making the wifi experience worse for everyone?

    • herrvogel@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      2 hours ago

      Limiting the bandwidth use of individual devices is pretty easy, and basically standard procedure for public networks. Even cheap consumer routers that come with ISP subscriptions can do that.

    • Blackmist@feddit.uk
      link
      fedilink
      English
      arrow-up
      29
      ·
      4 hours ago

      The fact that there’s 93k access points and that’s not very many when you consider the size of the EU and the average range and speed of an access point.

  • Kazumara@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    32
    arrow-down
    3
    ·
    8 hours ago

    Well I don’t know if that’s a good use of EU money. I’d rather see investments in large and difficult infrastructure, rail, software, datacenters, industrial sectors we’re currently lacking, grid investments - stuff like that.

    End user internet access is more like thousands of small decentralised projects. The coordination might make it easier to use compared to if everyone did their own free wifi project, but that’s such a small benefit…

    • iglou@programming.dev
      link
      fedilink
      English
      arrow-up
      6
      ·
      edit-2
      2 hours ago

      As always, it’s not like both aren’t possible. As a matter of fact, there is a lot of railway projects ongoing at the same time.l, to only quote one of your examples.

      A government can take care of more than one issue at a time, luckily.

      It may be a small benefit for you (I assume you are german based on your server), but not every european country or citizen has the same access to internet. This is a good initiative, but obviously not primarily intended for the richer citizens/countries of the union.

      • Kazumara@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        1
        ·
        59 minutes ago

        I would say it’s a small benefit for anyone. It’s not like people will walk to the town square, or the park or the hospital to use some free EU Wifi.

        The title is also very wrong I found out. It’s not being launched. It’s not even funded any more.

        Wifi4EU ran from 2018 to 2020 with a funding of 120 million EUR. They paid up to 15 thousand EUR for equipment and installation per municipality, the local municipalities had to pay for the internet service and maintenance.

        This is the result: https://wifi4eu.ec.europa.eu/#/list-accesspoints

        Still looks like a pointless exercise to me.

    • Baleine@jlai.lu
      link
      fedilink
      English
      arrow-up
      15
      ·
      7 hours ago

      I’m sure we could invest in all of them and money wouldn’t be the problem.

  • ExLisper@lemmy.curiana.net
    link
    fedilink
    English
    arrow-up
    25
    arrow-down
    1
    ·
    9 hours ago

    I think this is mostly for non-EU tourists. You don’t pay for roaming in EU anymore so you don’t really need WiFi when traveling.

    • ook@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      4
      ·
      4 hours ago

      Well, speak for yourself. I don’t have a running phone contract because I don’t really use my phone much for calling or stick to open WiFi when I need to be online. Just got top-up mobile data for the times when there is no WiFi.

      I definitely do want WiFi when travelling.

    • HiTekRedNek@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      3 hours ago

      If I had this in the US, I’d be cancelling my cellular service entirely, I’d still keep my home service though, to VPN into it for a bit more security when using a public wifi connection.

      I would also just transfer my phone number to one of those cheap voip providers, then just use voip from my phone everywhere.

      • A Wild Mimic appears!@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 hour ago

        you wouldn’t be happy with that. i looked up how the Wifi routers are distributed, and (in Austria at least) small towns have 1-2 routers placed in the municipal buildings they have, servicing the town square. Which means you would have to sit around inside or outside of city hall all day.

      • prole@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        2 hours ago

        Ehhh… I would maybe cancel the data part of my plan, but I dunno how comfortable I would be relying on notoriously spotty and insecure public Wi-Fi services to make or receive phone calls.

        • HiTekRedNek@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 hour ago

          In my case, it’d be fine. I already mainly use data for phone calls, and I also have 2 phones, one of which is work-provided, so I’ll still have communications…

    • TheProtagonist@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      ·
      7 hours ago

      Recently mobile phone operators introduced a “fair use policy”, so it’s not really a”roam like at home” anymore, but data volumes can be limited to a fraction of what you are entitled to in your home country.

      This is a point where WiFi might get more important again when traveling.

    • lmuel@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      ·
      8 hours ago

      Germans are gonna start getting out their old cantennas or nanostations and point it at the closest hotspot

      Of course I would never do such a thing, being half german, living in Germany. Certainly didn’t live off a nearby restaurants wifi hotspot for almost 2 years.

    • mholiv@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      20
      ·
      edit-2
      7 hours ago

      Classic European flavored racism. Are you aware that you are promoting racism or not? I think mindfulness is key here. People should consider their own internal biases and adjust to help make a better world.

      • Kazumara@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 hours ago

        If Hule wants to make cheapskate Romanian sounds he’s allowed to. It’s his goddamn choice whether he wants to be a cheapskate or not.

      • Honytawk@feddit.nl
        link
        fedilink
        English
        arrow-up
        12
        arrow-down
        1
        ·
        7 hours ago

        Pretty sure they are themselves Romanian.

        Can you even be racist against yourself?

          • Hule@lemmy.world
            link
            fedilink
            English
            arrow-up
            7
            ·
            7 hours ago

            Yes, I live in Romania.

            It was a joke, but also true.

            I don’t see the racist part, but please excuse me if I’ve offended you.

            descurcăreț - someone who makes use of the flaws in rulings. It’s not even a negative term.

  • Zer0_F0x@lemmy.world
    link
    fedilink
    English
    arrow-up
    19
    arrow-down
    2
    ·
    10 hours ago

    Honestly nowadays data plans are cheap on most mobile carriers and they’re obligated to have them work accross EU, so you no longer really need Wi-Fi when traveling.

    Also, I can see this being easily and constantly exploited via Wi-Fi attacks where hackers set up fake Hotspots with the same name as the closest legit one.

        • ChaoticNeutralCzech@feddit.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          4 hours ago

          I have a free 1 MiB/day plan. I only pay €8/year to top up the prepaid SIM. This would be AMAZING in 2005 but now the number of webpages that work on my 2G feature phone via Opera Mini is shrinking. Not to mention, there is no privacy because of the transcoding server. A stock-firmware 4G smartphone would eat through this data in a minute just with background apps calling home.

          With the right software (rooted Android, custom clients, transcoding server at home) one could theoretically get all day of use of text- and sparsely image-based services such as email, RSS, SSH, timetables, Lemmy… I’d need at least a data blocker for backhround apps, a kiB meter in the notification bar and a confirmation pop-up for every transaction above 10 kiB (this can be estimated by content length).

        • loudwhisper@infosec.pub
          link
          fedilink
          English
          arrow-up
          3
          ·
          3 hours ago

          This is not really a common or easy attack, especially for any meaningful service (that is probably in preloaded HSTS lists).

          It’s not like this is the only shared network. In airports millions of people everyday connect to the same network.

  • giacomo@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    52
    arrow-down
    4
    ·
    edit-2
    2 hours ago

    oh dude, they promised to be privacy friendly! maybe I’m just too american to believe in promises.

    • AwesomeLowlander@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      41
      ·
      14 hours ago

      You don’t have to trust them any more than you trust your local Starbucks WiFi. We’re at the point where your traffic should no longer be vulnerable just because you’re on the wrong WiFi network.

      • prole@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 hour ago

        You don’t have to trust them any more than you trust your local Starbucks WiFi

        I don’t really trust that either

        • hisao@ani.social
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 hour ago

          How do we know intelligence agencies are not in collusion with certificate authorities though? What if they actually have access to ROOT CA private keys and can just automatically strip https from most of the traffic in their mass surveillance software? This is something I found with a very quick search: https://en.wikipedia.org/wiki/DigiNotar

      • shalafi@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        11 hours ago

        I feel like the OP you’re responding to. Explain how I should be comfortable? The idea creeps me out, but I admit I haven’t delved into security for a few years.

        • Ontimp@feddit.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 hours ago

          What the others said. If you want a practical example of this working, have a look at eduroam. It’s the joint WiFi of all European universities and I cannot recall that there ever were any privacy issues.

        • neukenindekeuken@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          3
          ·
          4 hours ago

          Every site uses HTTPS which encrypts your data in transit. Even if they sniff the packets, they would spend literal decades trying to decrypt it.

          Just be wary of visiting sites or sending traffic not over HTTPS. Its rare, but it does happen.

        • Saik0@lemmy.saik0.com
          link
          fedilink
          English
          arrow-up
          21
          ·
          10 hours ago

          HTTPS is used on virtually every site out there these days. That is used to encrypt your traffic from the get go. So specifics of the traffic/request won’t be obvious/known. The EU could be big enough to force manufacturers to inject their certificates into devices… could be a man in the middle attack. But you can always just remove certs you don’t trust from your devices.

          DNS by default is often plaintext. You can setup your device to use DoH or other encrypted versions of DNS.

          That leaves just the raw connection analysis… eg, that your device is sending traffic to some known IP… many site share hosts so that can be hard to determine though often not really… Proxy or VPN services can make it impossible to do this type of analysis… but then those services will be able to tell.

          Ultimately being able to say that “Shalafi sent some packets to an IP that google owns and received a bunch back” could be email… could be youtube… could be any number of things… at some point it become educated guess at best. And what specifically happened (ex: Watched a video about tying shoes) is simply unknown. It would take a bunch of external additional data to actually tie you to anything directly, eg server logs or other sources… which usually means more than one party is already working together against you. At that point you’ve got bigger issues usually.

        • AwesomeLowlander@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          8
          ·
          10 hours ago

          You don’t HAVE to be comfortable. But if you use any sort of public WiFi, this is no riskier than any of those networks. They can grab some metadata unless you use a VPN, but likely less than what your ISP already has on you anyway. Basically, there’s no reason this should be putting up any major red flags. We’re past the days when a malicious access point could MitM most connections due to lack of encryption.

      • 8fingerlouie@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        2
        ·
        9 hours ago

        My traffic is not vulnerable, but my device might be.

        When you connect to public WiFi, you also share it with others, and maybe someone on that network wants to test out their new hacker skills ?

        Maybe not as much of a problem for phones, but that juicy developer laptop running unauthenticated MongoDB with a dump of the production database… yup, that now “mine”.

        Ideally all those services should be listening on 127.0.0.1 / ::1, but everybody makes mistakes. Maybe the service comes preconfigured to listen on 0.0.0.0.

        • loudwhisper@infosec.pub
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          1 hour ago

          Someone runs MongoDB unauthenticated, bound on 0.0.0.0 with production data, on a computer without a VPN, and the problem is the WiFi?

          Like I get what you are saying, but this sounds like saying that we should ban speedbumps because imagine there is a guy with a loaded gun pointed at a kid with no safe, finger on the trigger, and high on coke, if the car hits the speedbump the toddler is gone. Yeah, but I would hardly say the speedump is the issue.

        • Honytawk@feddit.nl
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          7 hours ago

          Just keep your firewall set to public network and you will most likely be fine.

          Anything can be hacked, even on your private home network.

          • 8fingerlouie@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            2
            ·
            7 hours ago

            Again, people make mistakes, so they may think the firewall is on, but that one time 3 weeks ago when they were debugging something and they turned off the firewall for it, yeah, we never got around to enabling it again.

            Also, my home network is a lot more secure by default than shared public WiFi. At home I have decent control over who and what connects. Sure, people could in theory crack my WiFi password, but the risk of that is low compared to sitting on public WiFi.

            • AwesomeLowlander@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              1
              ·
              3 hours ago

              Nothing we can do to prevent that, unless we want to turn all laptops into walled gardens. PEBKAC is not the fault of the WiFi network.

    • Bloomcole@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      9 hours ago

      The EU is almost just as bad, I know the bar is high compared to the US, but still.

      • Honytawk@feddit.nl
        link
        fedilink
        English
        arrow-up
        8
        arrow-down
        3
        ·
        7 hours ago

        There are tons of things the EU is doing well, dude.

        From resisting the technocapitalist rethoric of the US, to standing up against imperial bullies like Russia.

        I’m not saying it is perfect, nothing is. But sometimes it feels like the EU is the only reasonable beacon in a sea of corruption.

        • Bloomcole@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          3
          ·
          7 hours ago

          LOL ‘dude’
          The EU just bent over to get fucked by US tarrifs.
          They shouldn’t worry about Russia as much as they should about US imperialism that causes all the trouble.
          But these sell outs will gladly suffer as good obedient vasals. 🤡

        • qweertz (they/she)@programming.dev
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          7 hours ago

          The EU only cares about blocking the private sector from getting their citizen’s data. They actively harm privacy when it’s about government access

  • hisao@ani.social
    link
    fedilink
    English
    arrow-up
    89
    arrow-down
    1
    ·
    edit-2
    17 hours ago

    It’s mind-blowing how at the same time some EU government guys pushing stuff like DSA while other do something like this (which is nice, and a complete opposite, if it’s not honeypot anyways).

      • hisao@ani.social
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        2 hours ago

        They tried to push it to the point of stripping encryption from internet altogether and when that didn’t work they tried demanding chat apps to be able to scan people messages before they send them. Maybe I’m confusing multiple entirely different things here, but I kinda heard that mostly with the abbreviation DSA flying around so I assumed it was sorta umbrella for all those things.

      • rmuk@feddit.uk
        link
        fedilink
        English
        arrow-up
        6
        ·
        5 hours ago

        Yeah, of all the things to criticise the EU for the DSA is a bizarre pick. Challenging techbro dominance with simple and technically-sensible demands on the gatekeepers is a win for the average person in my book.

    • Bloomcole@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      9 hours ago

      Indeed from their history of constantly wanting more control and invasive measures, always sold in the name of security, protection of minors, etc… I’m highly sceptical and always asume the worst.

      • PonyOfWar@pawb.social
        link
        fedilink
        English
        arrow-up
        4
        ·
        9 hours ago

        But those are all publicly available pieces of legislation. It’s quite a leap to go from that to just assuming they’ll secretly and illegally spy on you through public wifi networks, without any law allowing them to do so. Besides, if they have no problem doing that, why would internet through your European ISP be any safer?

        • Bloomcole@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          edit-2
          3 hours ago

          Never said the rest is safer, doesn’t mean they are ‘privacy friendly’, they aren’t.

          It’s quite a leap to go from that to just assuming they’ll secretly and illegally spy on you

          Plenty of stuff like this or this or this

          And they did as much against Pegasus as they do against israel.
          Some words and recommendations.

          22 EU clients, at least, have acquired it.
          quite a leap to go from that to just assuming they will not spy on you as a collective, more than is already ‘publicly available’.
          Organisations that spy usually don’t advertise their practices.

  • REDACTED@infosec.pub
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    8
    ·
    5 hours ago

    This seems a bit wasteful. Everyone already has a phone with network connection, most having infinite data, and statistics are rapidly improving. I don’t remember the last time I had to use public wifi, feels a bit outdated and insecure.

    • iglou@programming.dev
      link
      fedilink
      English
      arrow-up
      5
      ·
      edit-2
      2 hours ago

      Just because you have the option and can afford it does not mean every european citizen can have it or afford it.

      EU policies aren’t just for the privileged.

    • brennesel@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      3
      ·
      2 hours ago

      most having infinite data

      That’s a bold claim. Do you have some official figures to back that up? Where I live, I don’t know of anyone with truly unlimited mobile internet.

      The cheaper unlimited tariffs cost around €30, but have at least one of the following restrictions:

      • Speed limit after x volume used
      • Poor network coverage
      • <15MBit/s speed
      • Significantly increased costs after 2 years of contract term
      • Cancellation by provider if consumption is too high
      • only a few Gb at full speed included in EU roaming

      Genuine unlimited contracts with stable network coverage and 300 Mbit/s usually cost around €80-100 per month here. And unlimited EU roaming is still not included by default.

      • xav@programming.dev
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 hours ago

        Here in France we have “Free” (which is not free, costs 20€/month) which is not unlimited but something like 250GB/month last time I looked, and frequently increasing. I never ran out of data.

      • REDACTED@infosec.pub
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        6
        ·
        3 hours ago

        What do you mean by this? It’s literally a thing. As soon as I cross a country border, I even get a message saying “Keep enjoying unlimited data abroad”, while torrenting nearly terabyte a month. Paying 26€ per month.

            • AwesomeLowlander@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              3
              ·
              2 hours ago
              1. Not everybody in the EU is living in the EU.
              2. I didn’t mention roaming. Not everybody has the same unlimited data for cheap package
              3. From my understanding, the no-roaming charge law is being ignored pretty widely, in spirit if not in letter (different quota if at home vs roaming).
            • iglou@programming.dev
              link
              fedilink
              English
              arrow-up
              2
              ·
              2 hours ago

              Not charging roaming does not mean that your unlimited plan carries over abroad. It just means you can’t be charged more for using your plan abroad.

              It is still legal and widely done to have different limits abroad vs domestic.

            • PlutoniumAcid@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              ·
              2 hours ago

              They don’t charge roaming, but they are allowed to sell limited-data plans. Those plans are also limited abroad. This is okay.

              Sure you can get unlimited plans but they axe extremely expensive and not worth it for normal people. I don’t stream terabytes on my phone. I use my unlimited home DSL for that.

            • Rbnsft@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              2 hours ago

              Roaming not but there might not be the same price and package somehwere Else in the EU…

  • Mac@mander.xyz
    link
    fedilink
    English
    arrow-up
    18
    arrow-down
    3
    ·
    14 hours ago

    Damn, this is so cool.
    We could have had this in the States too, but, well, you all know.

      • Mac@mander.xyz
        link
        fedilink
        English
        arrow-up
        12
        arrow-down
        1
        ·
        11 hours ago

        Surely that’s unrelated to the billions of dollars that the telecom companies stole from the taxpayer after promising to build out infrastructure?

      • Glitchvid@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        11 hours ago

        Ironically enough there’s basically a private version of this through Comcast turning their rented CPEs into their own unlicensed wifi mesh, they call it WiFi Pass – they at least have the courtesy to give it to you gratis if you’re already paying for residential service.

    • Bloomcole@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      6
      ·
      9 hours ago

      It shows you are american and not familiar with the EU.
      ‘privacy friendly’ is a euphemistic PR term, not unlike making the horrible Patriot Act worse and renaming it the ‘Freedom Act’.

      • sem@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        2
        ·
        5 hours ago

        Do you have other examples? I am really curious when they said privacy friendly and ended up snooping.

        • Bloomcole@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          3 hours ago

          I’ll copy my answer to an EU fanboy:

          Never said the rest is safer, doesn’t mean they are ‘privacy friendly’, they aren’t.

          It’s quite a leap to go from that to just assuming they’ll secretly and illegally spy on you
          

          Plenty of stuff like this or this or this

          And they did as much against Pegasus as they do against israel. Some words and recommendations.

          22 EU clients, at least, have acquired it. quite a leap to go from that to just assuming they will not spy on you as a collective, more than is already ‘publicly available’. Organisations that spy usually don’t advertise their practices.

  • Kokesh@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    8
    ·
    9 hours ago

    No taking on EU -run wifi? Those f’rs want to read our private encrypted chats. Why would anyone connect to this?

      • Kokesh@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        3
        ·
        8 hours ago

        They want to be able to read all the communications. So whether you transport your data via https or not has nothing to do with this.

        • ExLisper@lemmy.curiana.net
          link
          fedilink
          English
          arrow-up
          9
          ·
          8 hours ago
          • Not all internet traffic is chats

          • If they have backdoor access to chats it doesn’t matter if you use their WiFi or not.

          • Valmond@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            7 hours ago

            To be fair (op seems tech illiterate but he might have a point) you could track MAC addresses. My phone randomise my MAC but maybe every phone doesn’t ?

            • ExLisper@lemmy.curiana.net
              link
              fedilink
              English
              arrow-up
              1
              ·
              7 hours ago

              What will tracking MACs give them? They will now that such and such MAC address connected to such and such WiFi router. What will they do with it? What is the risk here?

            • DreamlandLividity@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              7 hours ago

              I wouldn’t be concern about the MAC addresses but about the app mentioned in the article. Why do you need an app for this? What data will it collect about you?