This is after forcing login to a store account:
At least they don’t hide in their ToS that:
“l agree to let Walmart monitor my use of Walmart WiFi, including to:
- Determine my presence in Walmart stores
- Associate information about me with my Walmart account
- Improve products and services
- Gather market insights about my in-store purchases and activities”
But that’s not enough, they need to monitor your internet activity further too.
For further reading, some greatest hits (the section headers on Wiki’s Criticism of Walmart):
- Local communities
- Allegations of predatory pricing and supplier issues
- Labor relations
- Poorly run and understaffed stores
- No AEDs in stores (automated external defibrillators)
- Imports and globalization
- Product selection
- Taxes
- Animal welfare
- Midtown Walmart
- Opioids settlement
Nah. Their network their rules. Quit your bitching or use 5g.
privacy sacrifice to use internet in their cavernous dead zone of a building
It was a worthwhile sacrifice, but I’m definitely gonna name & shame! Wouldn’t touch WiFi if it weren’t a dead zone.
Also gave me a chance to complain about some of their other business practices. (Certainly wouldn’t have shopped there if I hadn’t been asked to this one time.)
I’ve never seen this message before so they seem an outlier even in the greedy corporate world. Enough complaints and every once in a while a business changes their practices. Why not whine a little? 🙂
Every public WiFi is like this. iCloud relay doesn’t work on any airport or airplane WiFi. I need to always turn it off and other ‘hide IP’ settings. I have a Target with a dead zone and I’m sure T&C are the same. I just use it when I need it and don’t auto-connect. Walmart needs precise location to pick up from the app. Sam’s club app needs precise location for checkout form the app. Mcd app needs my precise location to give me deals. I wouldn’t say this is asshole design. Our regulation let them design it this way. I turn off my NextDNS and iCloud relay when I’m having issues and then turn back on. Nothing else you can do about it, apart from not using the WiFi or app, unfortunately.
The privacy community and yourself have become the equivalent of windows UAC. It’s tiresome and no sane person with an understanding of technology would ever have the expectation of privacy on a public WiFi network. There are legal and compliance obligations.
Dude, I understand technolgy enough to know that when I use the HTTPS protocol, I have privacy on my packets.
You keep trying to associate the expectation of privacy with a lack of technical knowledge, but I have technical knowledge and you’re wrong.
Why because you know what https means?
It’s the legal and compliance part the downvotes don’t understand.
As a business, I would never operate an open-to-the-public network. The liability is too great.
And what y’all legal and compliance people don’t understand is that we make the rules. Life is not just about complying with rules. It’s about making them too.
How is allowing people to use a VPN a legal/compliance issue? If anything the traffic is exiting to the internet elsewhere and because it’s encrypted you can’t see what’s happening, essentially offloading responsibility to someone else while still providing access.
complaining about a lack of privacy on a public wifi node is like complaining that people are perverts for looking at your genitals when you run down the street naked.
More like “calling your neighbor a pervert when they offer you a place to shower when yours is out and you find out they’re taking videos” but okay
No, cause you have an expectation of privacy in a shower. You don’t have an expectation of privacy in public.
No reasonable person has an expectation of privacy on a public wifi, hell most people wont even connect to a public wifi because they dont want to take the unnecessary risk. Especially with a public wifi provided by such stellar companies like Walmart.
Which is why the entire argument is as stupid as getting angry at people looking at your junk when you’re running around naked in public.
I have an expectation of privacy in my motor home when showering, even if I’m using water that’s coming from some private entity’s pipes.
Just the same way that on my own phone I have an expectation of privacy, even if I’m using connectivity coming from some private entity’s pipes.
It’s more like calling your neighbor a pervert when they force you to undress in front of them prior to showering, or force you to go out naked in public. There’s no legitimate reason to block vpn tools aside from bathwidth or tracking issues, the former can be handled by QoS and the latter isn’t an issue unless you’re using your “free Wi-Fi” to harvest data.
Removed by mod
More like calling them perverts when they tell you that you can’t come into their store with your clothes on.
Not entirely sure if this is possible but I’m increasingly suspicious that they started jamming outside networks within their warehouse. Of course it makes sense that mobile data doesn’t really work inside a giant steel warehouse, so perhaps it’s just confirmation bias, but I can’t seem to recall not having any mobile data signal at all until my last walmart visit.
I used to keep to myself and look up the location of the item I was looking for online. If they want me to bother a floor person for it though, doing that is highly preferable to giving walmart my email to sell along with any information they can extrapolate from my usage of their network.
Jamming is incredibly illegal so I doubt that. They probably just have a bad roof for reception.
Also remember hanlon’s razor.
Multiple big-box stores in my area have poor cell reception in-house. I blame the giant metal roof overhead, which is probably acting like some kind of Faraday cage or RF filter.
Yes, Walmart is committing felonies 🙄
Excuse me for not knowing the precise legal landscape involved in covertly blocking the use of outside networks inside of a private warehouse department store
For future reference, jamming radio equipment is illegal essentially everywhere on earth because it’s banned by the ITU rules, which every country on earth has adopted with the sole exception of Palau. Palau isn’t an exception here though, because they’ve also also adopted those rules in a roundabout “not-actually-joining the ITU” way.
Lol why is this an opinion? If people want to vpn out of my network I don’t give a fuuuuuuuuck. Now if you’re raw doggin’ that traffic or sucking down the bandwidth don’t bitch when I filter or throttle, for sure, but surely you can at least empathize with people wanting to use privacy tools, ya tool.
Our society has so much choice in it. So many options, such as not using the internet at walmart, not going to walmart, etc.
Ah, the falicy of choice. A very privileged position to have. I hope you continue to have the privilege to have such choice, but I also hope you develop the empathy to see the disparity in removing it from others.
Would you say the same thing if they intercepted HTTPS connections? Or blocked popular
DNS(edit: DNS over HTTPS/TLS) resolvers and required you to use the one advertised in DHCP?I think if you’re going to provide WiFi, just do it and stop spying on me.
The reason they want this is probably so they can tie your Walmart account to your position inside the store. And see which other sites you visit to find a better price, etc.
Yes. Their public network. I have no expectations of any privacy on a public network. This is privacy 101.
You’re conflating the individual practice of having a pessimistic threat model with a corporation’s entitlement to behave badly.
Of course I assume the worst from Walmart or any other public network — I just think they should have some class and provide a public good to their customers without creepy privacy invasion. Somehow they manage to provide free water in fountains without requiring me to scan my driver’s license.
If they published a white paper explaining the Differential Privacy properties of their customer analysis tech, I might revise my opinion.
They aren’t invading the privacy here. They are preventing a malicious actor from running an attack via VPN and ssh tunneling in addition to IP address, device, etc. At worst they are associating IP with browsing at competing stores. Preventing the VPN was likely required by a lawyer and auditor and a risky attack vector for a billion dollar company.
If Walmart was breaking https and inserting man in the middle games it would be in their policy. Other commentators went off into fantasy land edge cases where traffic is being decrypted. And it still doesn’t change my expectation of privacy on a public hotspot.
Are you okay with this for every hop on all your routes? I mean I’m sure very few of them are publicly-owned servers.
They aren’t invading the privacy here.
Yes they are, they’re forcing you to disable Private Relay.
They are preventing a malicious actor from running an attack via VPN and ssh tunneling in addition to IP address, device, etc.
This makes no sense. I could walk outside the store and do any of those things on my 5G connection. Private Relay does not enable these attacks and blocking it doesn’t prevent them.
At worst they are associating IP with browsing at competing stores.
Wut? They are the ones assigning IP addresses. Not sure what you mean.
At worst, they’re using your IP address to join your walmart.com session cookie with complete time series data on your store position, data from store cameras, etc. to build a creepy profile without consent.
Preventing the VPN was likely required by a lawyer and auditor and a risky attack vector for a billion dollar company.
It’s not a problem for Starbucks. As long as the public facing network is separate from the internal store network, e.g. with a VLAN, what is the concern?
If Walmart was breaking https and inserting man in the middle games it would be in their policy.
Regardless, it would be shitty behavior.
If they were cracking crypto schemes and were decrypting your traffic, it’s entirely possible this violates a “hacking” law in the US.
Other commentators went off into fantasy land edge cases where traffic is being decrypted. And it still doesn’t change my expectation of privacy on a public hotspot.
It was a hypothetical to explore the extent of your “their house, their rules” viewpoint.
They aren’t invading the privacy here. They are preventing a malicious actor from running an attack via VPN and ssh tunneling in addition to IP address, device, etc. At worst they are associating IP with browsing at competing stores. Preventing the VPN was likely required by a lawyer and auditor and a risky attack vector for a billion dollar company.
Then why do their ToS say they use this data for advertising purposes? If they really need to be able to track you to prevent malicious actors, they can do so without using the data for advertising.
Dude. End to end encryption. That is network privacy 101.
Exactly. “Hey, we’re gonna let you use our network. But if you do anything illegal or shady on our network, we’d be held liable. So we’re gonna track what you do on our network to make sure if you do try something, we can remove you from the network and have proof.”
I mean, yeah, they’re also gonna collect advertising data, but do you really expect to have an expectation of privacy when using someone else’s network? Just like they can film you in the building, they can monitor your network traffic on their network.
If this surprises you, maybe you should do some more research on how a network actually works. And get a VPN. And maybe don’t connect to random public networks(you don’t even want to know what OTHER PEOPLE can do to you on those networks, nevermind the company).
Also, you pay for your cellphone service, right? Are you paying for the wifi in the store? Nooooooo. They’re giving it to you for free. Almost like they’re offering you something in return for that data monitoring. Like they’re offering you a service with a built in method to recoup costs… A service you voluntarily use and in doing so, agree to their terms.
Or you, you know, don’t use it.
but do you really expect to have an expectation of privacy when using someone else’s network
That is kind of the concept behind the internet. A bunch of networks passing packets along, using the same protocol, not asking questions about their content.
Fifteen years ago we had a whole battle and everyone other than the evils at the top were against deep packet inspection. This new generation is a bunch of bootlickers.
Yeah, wtf is going on here? You’re allowed to say corporations shouldn’t do things, even if they’re technically legal.
Are these people such fierce libertarians that they support Eli Lilly’s right to price gouge diabetics for their insulin?
Do you miss the part where you’re not paying to use that network and it’s offered as a free service? I’m old too dumbass. I remember before wifi even existed. Do you also go to Walmart and expect to be able to charge your batteries for free off their power? Or use their phones for free?
You’re confusing free as in beer and free as in speech. No one is forcing you to use their FREE service. Use your own cellular network jackass. The network that you DO pay to use.
What’s next, going to someones house and demanding their Wi-Fi password because “the Internet is free man!”
I mean, with that logic you might as well argue that this whole community is pointless because no one is forced to use any of the products or services that use an asshole design, free or not.
The purpose of this community, as I see it, is to point out anti-consumer practices used in existing products and services. While it could be intended to get the attention of someone who can change it, realistically it’s an asshole design because they likely knew it wouldn’t be well-liked from the start.
The purpose of this community as I see it is:
- To vent or discuss anti-features.
- To warn potential or current users that they might prefer to avoid the service or product.
- To warn naive designers that it’s not a feature without controversy, if they are inclined to think, “oh, these other guys do this so no one will care if I also do it”.
Walmart isn’t obligated to offer wifi, but sometimes you can have a shit deal even when the price is 0.
Check this post out Buddah
Note the significant spittin’ of fax between the top and bottom rows of pixels
There were maybe one or two comments I think posted early on that made me think “wait, did I post this on CorporateJerk or HailSamWalton by mistake” 😀
Wal-Mart sux, public WiFi is not ideal, yeah duh now lemme poop on a particularly poor example of Fortune 50 behavior pls 😉
(Hmm by which I mean Fortune 1)
The issue being it seems they block VPNs based on the screenshot. At least that’s what I am thinking this iCloud thing is
Which is still their right, with it being their network. The cost of using their bandwidth is letting them watch what you do with it. Don’t like it? Don’t use it.
deleted by creator
Also, you pay for your cellphone service, right? Are you paying for the wifi in the store? Nooooooo.
Yes? Indirectly its baked into the cost of service.
While I get the sentiment, I can’t help but picture the complaining customer “I PAY your wages” from that statement.
Because it is. The customer isn’t paying for the hardware, electricity, or bandwidth. Dude above is a nonce.
Woosh…
What service? It’s baked into the cost of collecting data. That’s literally the exact reason they give it to you FOR FREE.
You really need to learn the difference between free speech and free beer. You’re asking for free beer.
Correction, cost of goods is what I meant. I’m not going to Walmart just for the WiFi.
My comment was also meant to be sarcastic. Free WiFi while I spend my earnings, which I’d expect prices to reflect the cost of this service, in a giant metal box seems fair to me. Trading privacy as an extra cost I’m not okay with, so I won’t use it.
Thanks :)
Not only is it baked into the cost of goods and offered as one of their services to attract customers (like “free” pick up), it reduces labor costs by showing customers which shelves to peruse to find their comic books and their chocolate milk. Their captive portal also serves as an ad for digital payment & their scan + mobile checkout offerings (coincidentally both enabled by Internet service like their Wi-Fi), which may increase retention and reduce labor costs respectively.
LOL, “your communication cannot go through our service that we can monitor, so somebody else might be spying on you, black is white, war is peace, freedom is slavery”
Start giving their store one star reviews and mention this
Please just don’t use public WiFi and if you do, assume that your privacy and security are at risk.
Or use a vpn if you really must. I’ve noticed that most Walmarts have really bad cellular connectivity and this is probably the reason why
I noticed that also. I would never connect to Walmart’s wifi unless it was some kind of communication emergency.
So I just don’t use my phone in Walmart and that’s fine. Human beings don’t require a data feed to survive.
Human beings don’t require a data feed to survive.
The hell I don’t. I am NOT putting up with reality for that long, ESPECIALLY in a Walmart.
I’m not sure Walmart counts as reality.
Sounds like a personal problem. I’d recommend learning to focus on reality in the moment, and be present enough to appreciate the nice things that exist around us. Smartphones and the internet are fun but using them as a crutch to feed all your dopamine is a dead-end road.
This is bad advice inside a Walmart
They have bad cell signal because it’s a giant steel box, big box stores are basically big shitty Faraday cages.
Instead of offering WiFi why don’t they just set up LTE/5G in store? I once complained to my carrier about terrible reception and they sent me a magic box that takes cellular data, puts it in a VPN tunnel back to the carrier and goes on from there.
I thought these things were pretty normal, or am I missing something?
The problem is that you don’t get LTE/5G reception in the store from your phone, so why would a box that does the same thing solve the problem?
The box routes the traffic over the Internet typically via Ethernet. The magic box opens a VPN tunnel to the carrier where the traffic is handled the same way it would be if you were using “real” LTE/5G.
That would be good for the customer. I think the whole point of it is to monitor customer traffic, so even if it’s a better solution, I doubt they would do it lol.
Saaaaaaaame though
I don’t understand why you would need wifi in a supermarket. What are you doing while shopping that mobile data can’t handle?
Large warehouse type buildings make getting a signal difficult ESPECIALLY in a walmart. I prefer using the app to find items I wouldn’t otherwise know where to look.
Yeah, I didn’t consider those absurdly large US malls, my bad.
Mall?
TIL a single building like Walmart is a mall.
I primarily use it to look up locations of grocery items.
When I’m looking for a niche item, it’s so much faster to find it in the app than to wonder the store figuring out where it is
I use it to pull up a recipe that I’m cooking, If I need to double check a detail. Usually, I have everything on a physical list for practicality.
The issue is large warehouses, like Walmart or Costco or whatever often have bad cell reception, so you might need wifi to reach the internet.
Compare pricing?
Oh this gives me good reason to find a Walmart. I would love to see how it handles VPNs and it would be a fun game to set up a travel router that can obfuscate the VPN tunnel if needed.
Using OpenVPN or Wireguard should work because they typically use port 443, which you can’t block without killing the internet connection altogether.
Wireguard uses UDP which you definitely can block without breaking HTTPS (just QUIC aka HTTP/3). And its default is port 51820, I believe.
You read my mind.
I use the websocket tunnel connection mode in Windscribe for those networks that block VPNs.
Wouldn’t UDP on port 443 still be weird though? I can’t remember whether QUIC and modern HTTP servers serve UDP on that port.
If you use tcp
I use a VPN just fine inside a Walmart. It’s annoying you need a Walmart account now to use it.
Did I hear evil twin in your plans
Murrica lmao
Offering open wifi for the public is a terrifying thought.
Just set up a cheap squid proxy or an http proxy. They often still work
A wire guard peer would probably be better
Their ToS requirements don’t appear to require traffic sniffing, so a tunnel won’t save you. Wi-Fi is a digital signal after all
Tunnel is def a good idea though
Wireguard tunnels encrypt traffic, and you can add a pre shared key for additional security, no?
Looks to me like you just needed to get through the captive portal and could have turned it back on immediately after.
The irony of using Apple products, thinking “Private” means “private”.
Do you think the advertising company’s phone is more private?
Google doesn’t make money when you buy a Samsung Galaxy. Google tracks everything you do on your Galaxy. They then take this data and sell targeted advertisement at you. Google makes money when they sell you to advertisers.
Apple makes money when you buy an iPhone.
Apple appears to be double dipping. I don’t use apple products beyond a MacBook. Why for example the laptop has a unique advertiser id (which looks like it can’t even be disabled in newer os versions)?
All OS have advertising ID. Windows does, macOS does (TIL from you), Android and iOS do. Linux doesn’t for obvious reasons.
A lot of the things stored in iCloud are end to end encrypted. That includes all of your messages and attachments in iMessage and all of your bookmarks in Safari. Apple simply can’t use those things to advertise at you.
As far as other targeted advertising, Apple doesn’t track you across apps. In other words, searching for something in the App Store won’t result in different ads in Apple News. And doing anything in any third party app won’t affect any targeted ads in any Apple app. (https://support.apple.com/guide/iphone/control-how-apple-delivers-advertising-to-you-iphf60a6a256/ios)
You will still see targeted ads on iOS in third party apps, because Google still tracks you in an app if it uses AdMob.
At least on the advertising company’s phone, I have the freedom to install a different, more privacy respecting OS like GrapheneOS.
Google offers an easy to use VPN and bountiful security controls.
So yes. Unless you can point out what your actually talking about instead of vague generalities.
Google offers a VPN?
Damn, that is one of the last VPN services I would ever use, VPN services are in general idiotic with regards to privacy.
Google VPN is now a member of Google Graveyard.
Bruh, can we not do the whole teasing people who prefer one brand’s proprietary OS & interface over another?
Bruh, there’s no brand whoring from me here. We’re all products. Simmer. Bruh.
That is true of Android as well.
And remember that while iOS is built by a tech company first and foremost, Android is built by an advertisement company first and foremost.
I have tried both, and only Android gives me the feeling that someone is constantly looking over my shoulder.
I know Apple does also, but I don’t get the same feeling.
You pay the premium price to feel better about the same thing.
Quite possible
You can literally sniff the fucking traffic and see that’s not true. You understand there are laws of physics at play here and the devices can’t sneak data/etc past them, right? Default android devices send significantly more data back to home base than a defaultly configured iOS device.
I recently acquired a used iPad and its my first real iOS experience in a decade, and I have to say I have similar feelings from using it.
Many privacy controls are set to their tightest settings by default, many things require the app to ask the user before intruding then give you clear indication if and when they are intruding, and most controls that I might want to change aren’t buried 4 layers deep in the settings.
However, I can’t install uBlock Origin on Firefox (yet?) and there’s quite a few minor customizations I’d really like to change but can’t. And honestly Android’s openness to sideloading sometimes lets me do things like load an old paid game that hasn’t been updated in several years and sometimes does or doesn’t work depending on the Android version and specifics of the vendor’s implementation, or snag random stuff off Githubor Itch if I really want to.
only Android gives me the feeling that someone is constantly looking over my shoulder.
Aurora Store instead of Play Store, Firefox with UbO and Adguard DNS. I feel Android does look over my shoulder (why do I need to use ADB to disable uninstallable apps or install pre Android 6 apps?!) but not in the context of privacy. I don’t know how having GMS enabled w/o being signed in affects being tracked.
I’m sure your feelings are more accurate than thousands of thousand security researchers trying to make a name for themselves.
This is more “Alexa is spying on me” ignorance and paranoia.
This entire thread…
Since there are so many security researchers agreeing with you, why didn’t you link a few reports to support your claim?
Ahh right, the old disprove god doesn’t exist argument. 👌👍
I’m sure Google and Amazon have secret whistleblower tech that has some how kept any evidence of this massive program secretly stealing everyone’s data without leaving a trace.
You seemed to claim that there are thousands of security researchers that have found that iOS monitors you more than Android, yet you offer no proof, only a shit attitude.
Sure I made a snarky remark, but my point still stands, you have no links to reports confirming your claim.
I was open to read about this, but your attitude has made me less so.
You’ve made up arguments and comparisons. Google services monitor you. Android (as stated earlier) or AOSP or even pixel os doesn’t. There is a difference. The OS is quite locked down. Nobody is forcing you to use any Google services. I’m sorry you missed that nuance.
Exactly what argument did I make up?
Google is an advertisment company, this is a fact, Apple is a tech company, this is also a fact.
My own feelings are also a fact.
YOU made the positive claim.
Whatever you say my man.
How do ya compare incentives of Apple/Cloudflare & the big box store in terms of data privacy?
I’m surprised by how many people here buy into Apple’s marketing. I thought people on Lemmy would be more aware.
Yeah… It’s genuinely sad. 🤷🏽♂️😅
