For users that haven't read the documentation about the unsafe browser and/or just don't understand when it's necessary, it would be good if Tails does a reasonable job to try to detect whether a captive portal seems to be in place and notify the user if so. The approaches could range from simplistic to more sophisticated:

  • If wait_for_tor_consensus() fails during time syncing. Note that this would happen if Tails is booted on a LAN without Internet connection.
  • Use ooni-probe?
  • Other approaches.

The method used likely has to be active, but it should preferably hook into some common, innocent looking network connection in order to avoid fingerprinting.

Open questions

  • Is it OK to be more fingerprintable by checking (without Tor) whether a captive portal is sitting in the way?

  • Related question: how much is Tails fingerprintable as Tails by a network attacker (ISP), as opposed to being fingerprintable as "someone using Tor Browser"?

  • How shall we integrate the captive portal browser on the desktop in case we need to get back to it (to log in again, to log out)?

    • Lunar's proposal: as a detached windows
    • other possibility: invisible browser by default, can be displayed again somehow


Using WWW::Mechanize::Shell

For each kind of hotspot:

  • list of possible ESSID
  • optional: allocated IP address classes
  • optional: network test script?
  • optional: SSL certificate fingerprint?
  • a WWW::Mechanize::Shell script

Main script in in /etc/NetworkManager/dispatcher.d.

Test current connection against known hotspots.

When connected to a known hotspot, starts WWW::Mechanize::Shell script. Values are entered through a callback than will uses Gtk2::Notify and some custom widgets. Known login/passwords should be put in gnome-keyring with a browser like completion system (enter first letters, pick login, password is prefilled). Maybe we could use the same login/password database as Epiphany.

For hotspots that requires a periodic refresh, we can run another WWW::Mechanize::Shell script in a loop. NetworkManager is meanwhile monitored through DBUS to kill the loop if connection is lost. If loop fails try once more through default script before displaying a notification.

Existing hotspot connection applications

Looks like there is at least two Python apps doing this already:

Captive portal detection

hellais and friends are working on ooni-probe which may be interesting, depending on how stealthy the probe is.

Beta testers