Wikipedia:Reference desk/Archives/Computing/2022 January 3

Computing desk
< January 2	<< Dec | January | Feb >>	Current desk >

Welcome to the Wikipedia Computing Reference Desk Archives
The page you are currently viewing is a transcluded archive page. While you can leave answers for any questions shown below, please ask new questions on one of the current reference desk pages.

January 3

Does LineageOS broadcast known SSIDs?

According to Wi-Fi PrivacyPolice from 2017, Android devices ask for all the SSIDs they know whenever they try to connect to any Wifi network. This can be used to profile devices. Wi-Fi PrivacyPolice limited this behavior. Since the app is no longer developed, I wonder if modern Android systems, LineageOS especially, still broadcast their known SSIDs. Can you tell me? Thanks. — Preceding unsigned comment added by Error (talk • contribs) 00:11, 3 January 2022 (UTC)[reply]

From what I read in discussions like [1] [2], from stock Android 9, Android will only broadcast the SSID of any hotspots specifically marked as hidden. I have no idea if this feature is present in LineageOS. You can probably check and see if you have the option to mark a hotspot as hidden. While this doesn't guarantee it's not broadcasting other SSIDs, it probably a lot less likely. Note that this setting may only be shown when adding a hotspot, it's possible you might not be able to change an existing SSID [3] [4].

If you don't have the option, then your device may be broadcasting all SSIDs, or maybe it just doesn't support hidden networks, if you have sufficient control over a hotspot you could make it hidden and see if your device can auto connect to it. (My EMUI 11 Huawei device which is based on Android 10 doesn't seem to have an option for hidden networks. I suspect it just always broadcasts SSIDs or at least of manually added ones, but I haven't checked.) Of course you could also use a scanner device to see exactly what your device is broadcasting.

Note if you do want to connect to a hidden network, AFAIK there is no way to do so without broadcasting its SSID. You should ask the operator of the SSID to reconsider hiding the SSID, outside of a few specific use cases where it may make sense (and not really for security), it's generally considered a dumb idea which doesn't actually help anything. If you can't convince the operator to disable hiding the SSID, you could disable auto connecting to the hotspot and manually connect when you know it's nearby. (I mean technically your device could decide whether to broadcast based on its known location but I think this is too much work for something that is fairly silly that it's unlikely it'll be a stock feature in a major device.)

Since Android 10, stock Android also has MAC address randomisation on by default [5]. If you're using MAC address randomisation for the SSID, any devices paying attention to what is being broadcast will know a device is looking for those SSIDs, it won't know which device, although if the specific set of SSIDs is unique enough it might be enough to guess it's the same device everytime it appears.

Nil Einne (talk) 07:10, 3 January 2022 (UTC)[reply]

I finally realized that the option to mark a hotspot as hidden is not visible for visible hotspots, it appears when I add a new one starting from scratch. I also hid my router and the LineageOS device could not connect to it. After reading your links, I understand that LineageOS is not broadcasting all the hotspots I ever connected to. Thanks. --Error (talk) 23:25, 3 January 2022 (UTC)[reply]

Domain name privacy

According to this article from 2005[6] and this 2020 blog post[7] anyone using a .us domain name must publicly post their street address, phone number, and email address.

Has anyone challenged this in court? Is that 2005 article still valid? There are deaf people who have no phone. There are homeless people who access the Internet through a library computer but don't have a mailing address or who get mail from a PO box or a friend. There are people who live in recreational vehicles and get their mail through general delivery. There are people who are hiding from stalkers. Are these people really not allowed to own a .us domain? 05:43, 3 January 2022 (UTC)2600:1700:D0A0:21B0:3D1A:8C93:93FF:7F53 (talk)

What the article actually says is "People who own Internet addresses ending in .us", not "anyone using a .us domain name". Just like the owners of a company, the owner presumably needs to be traceable for legal reasons, e.g. if they owe money or are doing something illegal. It doesn't have to be their private address.--Shantavira|^{feed me} 11:20, 3 January 2022 (UTC)[reply]

...because nobody has ever done anything illegal using a .com address, right? Nothing about .com private proxy registration prevents law enforcement from getting the information it needs. Registrars place the true contact information for domain owners in an escrow account, which law enforcement officials can obtain with a subpoena. See Domain Owners Lose Privacy.

So are you suggesting that our homeless person logging in at a library tell a lie and claim to be a corporation? Or are you suggesting that they create a corporation just to be able to own a .us domain name? Is it even possible to create a corporation when the person who owns it is homeless and has no telephone number or mailing address?

From https://v2.about.us/faqs

"The usTLD has an ongoing interest in ensuring that its top-level domain is administered in a secure manner and that the information contained within the authoritative database is reliable, accurate, and up-to date. One of the mechanisms to ensure the integrity of the .US namespace is the through the collection of true registrant information. The usTLD Registry employs an algorithm to detect the inadvertent or intentional registration of proxy, anonymous and/or private domain name registrations, and enforces a registrar’s obligation to not offer such services to .US domain name registrants."

The "information contained within the authoritative [WHOIS] database" includes listing whether you are an individual or a corporation, and your legal name name, postal address, e-mail address, voice telephone number, and (where available) fax number.[8] 12:29, 3 January 2022 (UTC)2600:1700:D0A0:21B0:C9B4:16C8:BA00:32B7 (talk)

The whois info for library.arlingtonva.us gives the organization as "Registry Services, LLC", that is, GoDaddy. So it is the info of the domain name's registrar, not its owner's. I don't think registrars generally require a street address, but they'll need a way to establish contact with the owner. Confronted with a law enforcement request, they'll most likely disclose the information they have to the requesting agency.  --Lambiam 13:54, 3 January 2022 (UTC)[reply]

Look at the .us rules carefully. They have different requirements for organizations and individuals. 22:35, 3 January 2022 (UTC)2600:1700:D0A0:21B0:C9B4:16C8:BA00:32B7 (talk)

As far as I could figure out the requirement has not yet been challenged in court, which may be due to its not being actively enforced, but also to it not being as stringent as suggested. I see no requirement that the "true" contact information contain a street address or an email address that is exclusively of the (hopeful) owner of the domain name. Also, although the First Amendment protects the right to anonymous speech, one may find it difficult to obtain legal recourse against a violation of that right while remaining anonymous.  --Lambiam 14:27, 3 January 2022 (UTC)[reply]

Why would people who are homeless or hiding want a domain name? Unless things are very different in the USA from the UK you would only need your own domain if you were setting up a website, email is delivered through your ISP. Martin of Sheffield (talk) 14:48, 3 January 2022 (UTC)[reply]

There are many fine things one can do with one's own website. It's a dignifying and humanizing thing for a person to have, and potentially an escape from persecution or from whatever meatspace complexities are denying that person a proper home.  Card Zero  (talk) 15:02, 3 January 2022 (UTC)[reply]

Martin of Sheffield, please try to imagine what it is like being poor and homeless. You were able to barely scrape together the funds for a cheap domain name and hosting, but "your phone" is a payphone at the shelter, "your ISP" is one of the public computers at the library, and your home address is "under a bridge". You have no ISP to give you an email address. You could sign up for a free email address from gmail, but they require that you receive a text message on your cell phone before they give you the email account.

None of the above matters for a .com website. You can set up everything on that library computer, and you can use it to create your website. You might even make a small profit if what you write is interesting enough to get visitors and generate ad revenue.

But you notice that yourname.us is available but yourname.com is taken. Too bad! You aren't allowed to have a .us website because you are homeless.

Now imagine that you are an abused woman who isn't particularly keen on the idea of publishing your street address and phone number where your abuser can find it. Again, yourname.us is available but yourname.com is taken. Sucks to be you - you cant have a .us website.

What is especially infuriating is that this is a United States government agency doing this. The Supreme Court has ruled repeatedly that the right to anonymous free speech is protected by the First Amendment. See https://www.eff.org/issues/anonymity

But back to my original question; is anyone challenging this in court? 22:35, 3 January 2022 (UTC)2600:1700:D0A0:21B0:C9B4:16C8:BA00:32B7 (talk)

The .com would be obscenely expensive compared to the .us, which might be a more immediate consideration: and if I wanted to undermine the whole question, (which I don't really,) I might suggest that an obscure TLD such as .space, .info or .party would be even more economical, and would presumably permit anonymity (except from authorities). Certainly domains like .is or .ro would. However, sticking to the point: I don't know.  Card Zero  (talk) 01:41, 4 January 2022 (UTC)[reply]

I think you'll find it a lot more difficult to find a registrar who lets you get a .com domain without any email address than you seem to think Nil Einne (talk) 05:14, 5 January 2022 (UTC)[reply]

To initiate a lawsuit you need an injured party. Have there been instances of refusals based on the lack of a street address or whatever the precise requirements are?  --Lambiam 23:48, 5 January 2022 (UTC)[reply]

Problem with Thunderbird

Hi there, I have this Thunderbird email browser in my computer. It serves as a dumping ground because I placed there a single email account, Microsoft account that ends as ****@live.com. I give this email address to people and organizations that I know will dump a lot of spam in this account that I will never read. I have a password for this account stored in my reliable database.

A day or two ago I noticed that the password does not work. Thunderbird is a weird system. That password is needed to sign in and apparently for this purpose my password is stored in the Thunderbird itself and used internally. My God, then why the Thunderbird needs a password at all? Once my password that the system stored in itself many years ago when I first downloaded and installed the Thunderbird, failed (first time yesterday) it gives me a window with my masked password and with a note that my password has failed and I need to either try it again (can you imagine that? It has already failed and the PW was provided by the Thunderbird itself!) or provide a new PW or Cancel. You have to Cancel twice for this window to disappear.

There is no PW recovery mechanism. At least I cannot find any. What shall I do? Delete and reinstall the Thunderbird. I have a hundred incoming emails waiting for me to take a look at least at their headings. Of course it is all Viagra type messages but still I what to know what they are.

Also I want to know how I can increase the size of the font for "Editing Wikipedia Reference Desk" or, simpler saying, for typing any messages to you. I barely see what I am typing at my age which is quite advance. Thanks AboutFace 22 (talk) 14:55, 3 January 2022 (UTC)[reply]

I have been using Thunderbird for several decades, and as far as I know, it does not require a password to use it. Of course, it does require you to enter the password for the SMTP or POP email server that you are trying to access. If I understand your situation correctly, in your case that would be your live.com account. You could try going to https://account.live.com/acsr to reset your password. CodeTalker (talk) 18:14, 3 January 2022 (UTC)[reply]

A word of warning about Thunderbird. They have recently withdrawn support for local mail delivery on *nix machines which has upset many people running both small systems and supercomputers. After around 2 decades I've had to look for alternatives. Evolution still gives this support and may be a safer bet. See bugzilla for details. Martin of Sheffield (talk) 20:13, 3 January 2022 (UTC)[reply]

Many thanks to both of you. Great suggestions! AboutFace 22 (talk) 01:53, 4 January 2022 (UTC)[reply]

In case you haven't solved it yet, the cause of this is that Thunderbird can't connect to your Live.com account. Either the password has been changed (live.com may have disabled/deleted your account!) or live.com changed something in their sign-in mechanism, like requiring OAUTH or requiring a second password for non-webmail logins (Gmail does this). Usually logging in to your webmail and then re-entering the correct password in Thunderbird (and completing any extra login windows that might popup) will solve the problem.

Do not delete Thunderbird before backing up its storage folder in %AppData%\Roaming because you might lose all your saved e-mails. If your live.com account was deleted then what you have on your PC is the only copy (this is why I refuse to use webmail BTW).

Regarding the font size, in Pale Moon and presumably other Firefox-based browsers you can go to Preferences > Content and change default font size. Default monospace font size is under "Advanced...". 78.1.180.112 (talk) 12:17, 5 January 2022 (UTC)[reply]