Re: [Captive-portals] Any other existing detection methods?

Dan Wing <danwing@gmail.com> Mon, 01 April 2019 21:42 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/captive-portals/5qLUCEwGhd-vOt6ZaeWv9boijVk>

Text in the PR is unclear if it intends to be normative ("This check should not be secured with TLS") or is discussing why TLS isn't used.  In my view, the hostname mismatch is a strong indicator the captive portal is intercepting the connection; in fact, that's exactly what my mail user agent complains about when my OS fails to detect the captive portal.  This failure occurs because captive portals purposefully return the "expected text", in order to fool the OS into displaying a WiFi "connected" indicator (the "pie") in the hopes the user will launch a non-restricted browser and view an un-encrypted HTTP page.  Which is a faint hope in 2019 with nearly every page being HTTPS and with non-browser applications that may launch first (e.g., mail user agent, Facebook, Instagram, WhatsApp, etc.).

-d



> On Apr 1, 2019, at 8:52 AM, Thomas Peterson <hidinginthebbc@gmail.com> wrote:
> 
> A recent pull request[0] for the architecture document contains a new appendix describing known methods devices may use to detect a captive portal. Two of the ways I have found are DNS and HTTP based.
> 
> Are there any other means that clients use to detect captive portal presence besides what I have described? Wikipedia lists ICMP redirect[1] as a means, but I have been unable to find documentation from a vendor to support this.
> 
> 
> Regards
> 
> 
> 0: https://github.com/capport-wg/architecture/pull/26
> 
> 1: https://en.wikipedia.org/wiki/Captive_portal#ICMP_redirect
> 
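
Added example, not part of the original message or of the PR it discusses: a client-side check that pairs the plaintext HTTP probe with a verified TLS handshake, so a portal that returns the "expected text" is still flagged when the certificate fails validation. The probe body "Success", the verdict labels and the function names are assumptions made for this sketch.

```python
import socket
import ssl

EXPECTED_BODY = "Success"  # constructed probe body, not any vendor's real string


def tls_probe(host, port=443, timeout=5.0):
    """Handshake with full chain and hostname verification.

    Returns 'ok', 'cert_invalid' (includes hostname mismatch) or 'unreachable'.
    """
    ctx = ssl.create_default_context()  # check_hostname and CERT_REQUIRED are on
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host):
                return "ok"
    except ssl.SSLCertVerificationError:
        # Must be caught before OSError: it is a subclass of it.
        return "cert_invalid"
    except OSError:
        return "unreachable"


def classify(http_body, tls_result, expected=EXPECTED_BODY):
    """Combine both signals. http_body is None when the HTTP probe got no reply."""
    http_matches = http_body is not None and http_body.strip() == expected
    if tls_result == "cert_invalid":
        # Something on the path answered TLS with the wrong certificate.
        # If the HTTP probe still matched, the probe answer was spoofed.
        return "captive-spoofed-probe" if http_matches else "captive"
    if http_body is None:
        return "offline" if tls_result == "unreachable" else "http-blocked"
    if not http_matches:
        return "captive"  # login page or redirect instead of the probe body
    return "open" if tls_result == "ok" else "limited"


# Constructed observations: (HTTP probe body, TLS probe result).
SAMPLES = {
    "normal network": ("Success\n", "ok"),
    "portal rewrites HTTP": ("<html>Please log in</html>", "unreachable"),
    "portal spoofs probe": ("Success", "cert_invalid"),
    "no uplink": (None, "unreachable"),
}

if __name__ == "__main__":
    for name, (body, tls) in SAMPLES.items():
        print(f"{name:22s} -> {classify(body, tls)}")
```
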