AssholeDesign @lemmy.world lemmingnosis @lemmy.world 4mo ago

'"Walmartwifi" isn't compatible with iCloud Private Relay' | Store demands privacy sacrifice to use internet in their cavernous dead zone of a building

This is after forcing login to a store account:

At least they don’t hide in their ToS that:

“l agree to let Walmart monitor my use of Walmart WiFi, including to:

Determine my presence in Walmart stores
Associate information about me with my Walmart account
Improve products and services
Gather market insights about my in-store purchases and activities”

But that’s not enough, they need to monitor your internet activity further too.

For further reading, some greatest hits (the section headers on Wiki’s Criticism of Walmart):

Local communities
Allegations of predatory pricing and supplier issues
Labor relations
Poorly run and understaffed stores
No AEDs in stores (automated external defibrillators)
Imports and globalization
Product selection
Taxes
Animal welfare
Midtown Walmart
Opioids settlement

117

117 comments

Nah. Their network their rules. Quit your bitching or use 5g.
- privacy sacrifice to use internet in their cavernous dead zone of a building
  
  It was a worthwhile sacrifice, but I’m definitely gonna name & shame! Wouldn’t touch WiFi if it weren’t a dead zone.
  
  Also gave me a chance to complain about some of their other business practices. (Certainly wouldn’t have shopped there if I hadn’t been asked to this one time.)
  
  I’ve never seen this message before so they seem an outlier even in the greedy corporate world. Enough complaints and every once in a while a business changes their practices. Why not whine a little? 🙂
  
  Every public WiFi is like this. iCloud relay doesn’t work on any airport or airplane WiFi. I need to always turn it off and other ‘hide IP’ settings. I have a Target with a dead zone and I’m sure T&C are the same. I just use it when I need it and don’t auto-connect. Walmart needs precise location to pick up from the app. Sam’s club app needs precise location for checkout form the app. Mcd app needs my precise location to give me deals. I wouldn’t say this is asshole design. Our regulation let them design it this way. I turn off my NextDNS and iCloud relay when I’m having issues and then turn back on. Nothing else you can do about it, apart from not using the WiFi or app, unfortunately.
  
  The privacy community and yourself have become the equivalent of windows UAC. It's tiresome and no sane person with an understanding of technology would ever have the expectation of privacy on a public WiFi network. There are legal and compliance obligations.
- Not entirely sure if this is possible but I'm increasingly suspicious that they started jamming outside networks within their warehouse. Of course it makes sense that mobile data doesn't really work inside a giant steel warehouse, so perhaps it's just confirmation bias, but I can't seem to recall not having any mobile data signal at all until my last walmart visit.
  
  I used to keep to myself and look up the location of the item I was looking for online. If they want me to bother a floor person for it though, doing that is highly preferable to giving walmart my email to sell along with any information they can extrapolate from my usage of their network.
  
  Jamming is incredibly illegal so I doubt that. They probably just have a bad roof for reception.
  
  Also remember hanlon's razor.
  
  Yes, Walmart is committing felonies 🙄
- Lol why is this an opinion? If people want to vpn out of my network I don't give a fuuuuuuuuck. Now if you're raw doggin' that traffic or sucking down the bandwidth don't bitch when I filter or throttle, for sure, but surely you can at least empathize with people wanting to use privacy tools, ya tool.
  
  Our society has so much choice in it. So many options, such as not using the internet at walmart, not going to walmart, etc.
- Would you say the same thing if they intercepted HTTPS connections? Or blocked popular ~~DNS~~ (edit: DNS over HTTPS/TLS) resolvers and required you to use the one advertised in DHCP?
  
  I think if you're going to provide WiFi, just do it and stop spying on me.
  
  The reason they want this is probably so they can tie your Walmart account to your position inside the store. And see which other sites you visit to find a better price, etc.
  
  Yes. Their public network. I have no expectations of any privacy on a public network. This is privacy 101.
- Exactly. "Hey, we're gonna let you use our network. But if you do anything illegal or shady on our network, we'd be held liable. So we're gonna track what you do on our network to make sure if you do try something, we can remove you from the network and have proof."
  
  I mean, yeah, they're also gonna collect advertising data, but do you really expect to have an expectation of privacy when using someone else's network? Just like they can film you in the building, they can monitor your network traffic on their network.
  
  If this surprises you, maybe you should do some more research on how a network actually works. And get a VPN. And maybe don't connect to random public networks(you don't even want to know what OTHER PEOPLE can do to you on those networks, nevermind the company).
  
  Also, you pay for your cellphone service, right? Are you paying for the wifi in the store? Nooooooo. They're giving it to you for free. Almost like they're offering you something in return for that data monitoring. Like they're offering you a service with a built in method to recoup costs... A service you voluntarily use and in doing so, agree to their terms.
  
  Or you, you know, don't use it.
  
  but do you really expect to have an expectation of privacy when using someone else's network
  
  That is kind of the concept behind the internet. A bunch of networks passing packets along, using the same protocol, not asking questions about their content.
  
  Fifteen years ago we had a whole battle and everyone other than the evils at the top were against deep packet inspection. This new generation is a bunch of bootlickers.
  
  Also, you pay for your cellphone service, right? Are you paying for the wifi in the store? Nooooooo.
  
  Yes? Indirectly its baked into the cost of service.
  
  The issue being it seems they block VPNs based on the screenshot. At least that's what I am thinking this iCloud thing is
- THEY DONT EVEN LET ME USE DATA THO! Like they force me to use their wifi while inside the store and I HATE IT. I cant even call my mom cus it just murders any kind of single I had going in there.
LOL, "your communication cannot go through our service that we can monitor, so somebody else might be spying on you, black is white, war is peace, freedom is slavery"
Start giving their store one star reviews and mention this
Please just don’t use public WiFi and if you do, assume that your privacy and security are at risk.
- Or use a vpn if you really must. I’ve noticed that most Walmarts have really bad cellular connectivity and this is probably the reason why
  
  I noticed that also. I would never connect to Walmart's wifi unless it was some kind of communication emergency.
  
  So I just don't use my phone in Walmart and that's fine. Human beings don't require a data feed to survive.
  
  They have bad cell signal because it's a giant steel box, big box stores are basically big shitty Faraday cages.
  
  Instead of offering WiFi why don’t they just set up LTE/5G in store? I once complained to my carrier about terrible reception and they sent me a magic box that takes cellular data, puts it in a VPN tunnel back to the carrier and goes on from there.
  
  I thought these things were pretty normal, or am I missing something?
I don't understand why you would need wifi in a supermarket. What are you doing while shopping that mobile data can't handle?
- Large warehouse type buildings make getting a signal difficult ESPECIALLY in a walmart. I prefer using the app to find items I wouldn't otherwise know where to look.
  
  Yeah, I didn't consider those absurdly large US malls, my bad.
- I use it to pull up a recipe that I’m cooking, If I need to double check a detail. Usually, I have everything on a physical list for practicality.
  
  The issue is large warehouses, like Walmart or Costco or whatever often have bad cell reception, so you might need wifi to reach the internet.
- I primarily use it to look up locations of grocery items.
  
  When I’m looking for a niche item, it’s so much faster to find it in the app than to wonder the store figuring out where it is
- Just pulling down a few KB!
- Compare pricing?
Oh this gives me good reason to find a Walmart. I would love to see how it handles VPNs and it would be a fun game to set up a travel router that can obfuscate the VPN tunnel if needed.
- Using OpenVPN or Wireguard should work because they typically use port 443, which you can't block without killing the internet connection altogether.
  
  Wireguard uses UDP which you definitely can block without breaking HTTPS (just QUIC aka HTTP/3). And its default is port 51820, I believe.
  
  I use the websocket tunnel connection mode in Windscribe for those networks that block VPNs.
  
  Wouldn’t UDP on port 443 still be weird though? I can’t remember whether QUIC and modern HTTP servers serve UDP on that port.
  
  If you use tcp
- I use a VPN just fine inside a Walmart. It's annoying you need a Walmart account now to use it.
- Did I hear evil twin in your plans
Murrica lmao
Offering open wifi for the public is a terrifying thought.
Just set up a cheap squid proxy or an http proxy. They often still work
- A wire guard peer would probably be better
  
  Their ToS requirements don't appear to require traffic sniffing, so a tunnel won't save you. Wi-Fi is a digital signal after all
  
  Tunnel is def a good idea though
Looks to me like you just needed to get through the captive portal and could have turned it back on immediately after.
The irony of using Apple products, thinking "Private" means "private".
- Do you think the advertising company’s phone is more private?
  
  Google doesn’t make money when you buy a Samsung Galaxy. Google tracks everything you do on your Galaxy. They then take this data and sell targeted advertisement at you. Google makes money when they sell you to advertisers.
  
  Apple makes money when you buy an iPhone.
  
  Apple appears to be double dipping. I don't use apple products beyond a MacBook. Why for example the laptop has a unique advertiser id (which looks like it can't even be disabled in newer os versions)?
  
  At least on the advertising company's phone, I have the freedom to install a different, more privacy respecting OS like GrapheneOS.
  
  Google offers an easy to use VPN and bountiful security controls.
  
  So yes. Unless you can point out what your actually talking about instead of vague generalities.
- Bruh, can we not do the whole teasing people who prefer one brand's proprietary OS & interface over another?
  
  Bruh, there's no brand whoring from me here. We're all products. Simmer. Bruh.
- That is true of Android as well.
  
  And remember that while iOS is built by a tech company first and foremost, Android is built by an advertisement company first and foremost.
  
  I have tried both, and only Android gives me the feeling that someone is constantly looking over my shoulder.
  
  I know Apple does also, but I don't get the same feeling.
  
  You pay the premium price to feel better about the same thing.
  
  I recently acquired a used iPad and its my first real iOS experience in a decade, and I have to say I have similar feelings from using it.
  
  Many privacy controls are set to their tightest settings by default, many things require the app to ask the user before intruding then give you clear indication if and when they are intruding, and most controls that I might want to change aren't buried 4 layers deep in the settings.
  
  However, I can't install uBlock Origin on Firefox (yet?) and there's quite a few minor customizations I'd really like to change but can't. And honestly Android's openness to sideloading sometimes lets me do things like load an old paid game that hasn't been updated in several years and sometimes does or doesn't work depending on the Android version and specifics of the vendor's implementation, or snag random stuff off Githubor Itch if I really want to.
  
  only Android gives me the feeling that someone is constantly looking over my shoulder.
  
  Aurora Store instead of Play Store, Firefox with UbO and Adguard DNS. I feel Android does look over my shoulder (why do I need to use ADB to disable uninstallable apps or install pre Android 6 apps?!) but not in the context of privacy. I don't know how having GMS enabled w/o being signed in affects being tracked.
  
  I'm sure your feelings are more accurate than thousands of thousand security researchers trying to make a name for themselves.
  
  This is more "Alexa is spying on me" ignorance and paranoia.
  
  This entire thread...
- How do ya compare incentives of Apple/Cloudflare & the big box store in terms of data privacy?
- I'm surprised by how many people here buy into Apple's marketing. I thought people on Lemmy would be more aware.
  
  Yeah... It's genuinely sad. 🤷🏽‍♂️😅

117 comments