[HN Gopher] Lawmakers want to ban VPNs
___________________________________________________________________
Lawmakers want to ban VPNs
Author : gslin
Score : 580 points
Date : 2025-11-14 06:39 UTC (1 days ago)
(HTM) web link (www.eff.org)
(TXT) w3m dump (www.eff.org)
| ktallett wrote:
| Lawmakers in general have less than one percent knowledge on what
| they make laws on. I look forward to them all logging in remotely
| after the ban.
|
| The key change is needed with things such as meshtastic and lora.
| Taking things out of the hands of regulators is key
| codedokode wrote:
| They actually act perfectly rationally. Media post articles
| about how easy it is to bypass the law using VPN, mock the
| government, and what the law author should feel reading this?
| "Ok let them break the law"? Of course, the reasonable response
| is to close the loopholes.
| ktallett wrote:
| The issue is tech isn't as simple as that, vpn's are key in
| many jobs, are they banned? It is the same issue when they
| ask for backdoors in every messaging app. It is rational if
| you don't think any deeper than surface level but once you
| dig an inch deep, it is clear why it isn't rational.
| duskdozer wrote:
| Some company would surely jump in and get an exception
| written for certain corporate VPNs. But if not, it can be
| that those who contribute to the right people get
| exceptions and those who don't, don't. Rational or logical
| consistency just....don't have to apply
| codedokode wrote:
| The companies using VPN for work can file an application
| for an white list exception, if they provide an application
| with a list of employees having access. I think this is how
| it works in my country. You are making an elephant from a
| fly (proverb meaning exaggerating minor issues).
|
| For better security, a signed obligation to observe law
| might be collected from every employee, and an access log
| kept, with records signed by company's digital signature.
| raw_anon_1111 wrote:
| And it's amazing you think this is okay.
| codedokode wrote:
| > they ask for backdoors in every messaging app
|
| Being a devil's advocate, you already entrust the
| government to register your property, issue your money,
| prosecute you for wrongdoing (including death penalty) and
| send you to the war. Your data is already collected and
| sold by thousands of data brokers. What are you losing by
| having a backdoor that would be used only in strict
| accordance with the law (laws being created by your elected
| representatives) and only for legal purposes? You must
| comply with the law anyway, no matter if the government can
| or cannot see what you are doing.
|
| If you truly believed in democracy and rule of law in your
| country, you would have no doubts and volunteered to
| install the backdoor yourself.
| jamzer wrote:
| The issue being that governments in the west have
| repeatedly demonstrated they will implement blanket
| surveillance and not follow due process in using it.
|
| Further those who do wish to break the law could still
| utilize cryptography to avoid backdoors so this would
| only really apply said surveillance to those not breaking
| the law.
|
| Perhaps this is also different for digital activities due
| to the history of the digital space and the scale/ease at
| which if allowed it can be surveilled.
| tonyedgecombe wrote:
| I think they know exactly what they are doing. This isn't the
| nineties anymore. Which makes it even worse.
| jkestner wrote:
| But our gerontocracy is still living in the nineties (if
| we're lucky).
| greenavocado wrote:
| As a rule, criticism of the ruling elite will never be
| tolerated in the long term. The Internet was free and
| unrestricted until the masses shifted their attention to it, at
| which point, the ruling elite cracked down on it in order to
| maintain their hegemony by maintaining the ignorance of the
| masses, which they see as cattle to be herded and milked and
| sacrificed ritualistically from time to time for their internal
| social bonding purposes.
| Havoc wrote:
| Stuff like this really reminds me how nobody is actually in
| control. Entire countries are just going where ever the rivers
| takes them with those supposed in charge not knowing any better
| and often worse than the rest and functionally being so clueless
| they're passengers too
| pjc50 wrote:
| _Republican_ lawmakers, in this case.
| analog31 wrote:
| In Wisconsin, this means there's a good chance the Democratic
| governor will veto it, probably with widespread public support.
| create-username wrote:
| Why ban VPNs when you can freely force social networks like HN to
| tie nickname registration to an state issued digital ID
| certificate to guarantee freedom of speech and legal
| accountability?
|
| https://old.reddit.com/r/XGramatikInsights/comments/1ovd88s/...
| throw-the-towel wrote:
| And also to defeat AI slopbots!
| tamimio wrote:
| Not just social media, expect ANY app to be able to "verify"
| you through the new apple digital ID (android wallet soon I
| assume), the "verification is simple and seamless!!", and add
| few Alegria drawings explaining why providing your ID helps
| defeating the "bad evil guys!!" and you are good to go.
| imtringued wrote:
| To this day I have no clue what the point of this idea is.
| Forcing you to use an ID on the internet is the real world
| equivalent of making everyone you interact with take a photo of
| your ID. It's completely nonsensical.
|
| Considering that most crimes require people to be physically
| present at the crime scene, it also doesn't seem to be a
| functioning deterrent at all in the real world.
|
| Most of the bad behaviour is concentrated in "seedy" places,
| where you usually have to go out of your way to interact with
| that place. A real name policy doesn't change the nature of the
| place at all.
|
| If anything, the places that would be most affected are the
| ones where people are roleplaying or pretending to be something
| other than "themselves". E.g. gay or transgender people,
| furries, MMO/MUD/MUSH players, streamers, etc which overall
| seem to be exceedingly harmless.
|
| There is also the blatantly obvious problem that this only
| works on people who are risk averse to begin with. So it will
| basically have no effect on actual perpetrators, who see some
| risk vs reward tradeoff for their bad behaviour.
| tim333 wrote:
| Because you can't freely force social networks like HN to tie
| nicknames to a state IDs. Just because some politician said
| that doesn't make it so.
| stavros wrote:
| You can, though. That's what laws are.
| serf wrote:
| laws and enforcement are different things.
|
| I get your overall point, but conflation of the two is
| inaccurate.
| stavros wrote:
| I agree, but they're highly correlated, so it's not that
| this doesn't affect anything.
| tim333 wrote:
| HN is US based. You'll have fun getting a law like that
| through in the US, or even the UK or EU. They do have a law
| like that in China I think.
| autoexec wrote:
| There's a lot of things that used to be unthinkable in
| the US. Things that only evil governments in other
| (usually communist) countries did, but which now happen
| in the USA. It turns out there's not as much of a
| difference as you might think, and not much you can do to
| change that.
| bergfest wrote:
| I don't know about the US, but in UK and the EU they are
| certainly trying to do just that. And if not today, the
| will simply cook us slowly a little longer until they
| succeed. The problem is, that regular people just don't
| care enough.
| elzbardico wrote:
| Give it a bit more time.
| autoexec wrote:
| > you can freely force social networks like HN to tie nickname
| registration to an state issued digital ID certificate to
| guarantee freedom of speech
|
| Nothing guarantees free speech like making it trivial to keep a
| copy of everything everyone says that can always be tracked
| back to their real identity! No way that could have a chilling
| effect on perfectly normal speech.
| codedokode wrote:
| It's funny how democratic countries copy whatever laws
| authoritarian regimes passed, but with a 5-year lag.
| bamboozled wrote:
| It's not funny, it fucking sucks.
| gessha wrote:
| "If I didn't laugh, I'd cry"
|
| https://youtu.be/i6fGOXWO0w4
| pjc50 wrote:
| This sort of thing turns up very regularly in US politics, from
| the Comstock Laws to the Communications Decency Act. The late
| 90s even had a requirement to use easily breakable encryption
| (48-bit RSA) which big tech companies generally obeyed. And a
| worse proposal (the "clipper chip") which was never deployed.
|
| Authoritarianism is not limited by your birthplace, it can turn
| up anywhere. And when it does people are often really
| enthusiastic about it.
| dreamcompiler wrote:
| https://en.wikipedia.org/wiki/Clipper_chip
| cartoonworld wrote:
| Very related:
|
| https://en.wikipedia.org/wiki/Crypto_Wars
| tim333 wrote:
| The Great Firewall dates from 2003 and we still don't have a
| Great British Firewall so the lag seems longer.
| Dave9k wrote:
| UK ISPs block around 1500+ domains through High Court orders
| and police make 12k+ arrests a year for online speech. You
| don't need a formal firewall when the effect is the same in
| practice.
| rjh29 wrote:
| I would like a citation for 12k arrests a year as that
| seems insane to me.
| rgblambda wrote:
| https://www.thetimes.com/uk/crime/article/police-
| make-30-arr...
|
| The findings in the Times article were subsequently
| debated in the House of Lords. The figures weren't
| disputed: https://lordslibrary.parliament.uk/select-
| communications-off...
| exasperaited wrote:
| I don't really get why this is surprising or actually
| particularly worrying.
|
| 30 arrests a day for something in a population of seventy
| million people, a large proportion of whom are online in
| some way, is not that much.
|
| And it's not 30 arrests per day for saying things the
| government don't like or that are politically incorrect,
| is it? It's mostly for things that rise to the level of
| threats or harassment or cause alarm.
|
| On the one hand it's a new conduit for threatening
| conduct, and on the other hand, it's probably replacing
| some.
|
| I'd note something that comes up when this number is
| mentioned often enlightens the context: that people often
| use this figure to say "that's more than in Iran or
| Russia", as if the number itself is actually meaningful.
| Nobody's going to arrest you in Russia for abusing
| transgender people; nobody's going to arrest you in Iran
| for encouraging the punishment of promiscuity or gay
| people. In either case they might turn a blind eye if you
| threaten the lives of those people. But the things they
| would arrest you for -- criticising the government or the
| war -- you know not to even say out loud when not among
| friends. Because the punishment is not the mild
| inconvenience you would get in the UK.
|
| There are bigger problems in the UK with misunderstanding
| policing of speech in the real, physical world: the
| Palestine Action stuff is being much more obviously
| mishandled. I think it's much more important to focus on
| getting the government to handle that more logically and
| sanely.
| rgblambda wrote:
| >And it's not 30 arrests per day for saying things the
| government don't like or that are politically incorrect,
| is it?
|
| We don't know, as offence type isn't provided by police
| services.
|
| The key takeaway is that arrests have risen since 2020
| while convictions have not. Given the sole evidence
| needed for a conviction is also needed for an arrest,
| you'd think convictions would rise at almost the same
| level. But it looks like people are being arrested and
| later released for perfectly legal speech. That would
| arguably be seen by many as an impairment of freedom of
| expression.
| exasperaited wrote:
| > The key takeaway is that arrests have risen since 2020
| while convictions have not.
|
| Yes, but this also coincides with the pandemic which put
| more people online and created a lot of anger and
| harassment of nurses, doctors, government officials, and
| it also coincides with growing activism in the trans
| debate space, which has undoubtedly led to more actual
| harassment.
|
| > But it looks like people are being arrested and later
| released for perfectly legal speech.
|
| But you just said we don't know, because offence type is
| not provided?
| rgblambda wrote:
| If there has been a rise in the amount of harassment due
| to the pandemic, then why have actual convictions dropped
| compared to before the pandemic. I refer to the graph of
| convictions per year in the HoL report linked above.
|
| >But you just said we don't know, because offence type is
| not provided?
|
| If someone is arrested but not convicted, we must presume
| innocence. "Legal speech" isn't a type of offence.
| monooso wrote:
| Not GP, but this may be of interest:
| https://allsides.com/
| wseqyrku wrote:
| Could be more serious than that, maybe it's not a lag. Maybe
| they are becoming.
| conartist6 wrote:
| Isn't it Wisconsin law that lets the Governor change any numeric
| digits in a law while it's on his or her desk?
|
| One of the most bizarre legal opinions I've ever heard of, but if
| they used any digits in the writing of the law those are up for
| grabs. Law makes a 30 day window or something? The governor can
| just change it to a million days with a stroke of the pen and
| then sign the edit into law with the same pen!
| nwellinghoff wrote:
| What if it's a "thirty day" window? Safe?
| conartist6 wrote:
| Yes, my understanding is that only digits are meaningless per
| the supreme court's ruling there
| gizmo686 wrote:
| > Isn't it Wisconsin law that lets the Governor change any
| numeric digits in a law while it's on his or her desk?
|
| Pretty close.
|
| > (b) If the governor approves and signs the bill, the bill
| shall become law. Appropriation bills may be approved in whole
| or in part by the governor, and the part approved shall become
| law.
|
| > (c) In approving an appropriation bill in part, the governor
| may not create a new word by rejecting individual letters in
| the words of the enrolled bill, and may not create a new
| sentence by combining parts of 2 or more sentences of the
| enrolled bill
|
| https://docs.legis.wisconsin.gov/constitution/wi_unannotated
|
| The big limitation here is that it is limited to
| appropriations. Further, the constitution goes out of its way
| to try and prevent creative vetoing.
|
| Unfortunately, the court decided that numbers are not words.
|
| As a result, the governor changed "for the 2023-24 school year
| and the 2024-25 school year" to "for 2023-2425"
|
| https://statecourtreport.org/our-work/analysis-opinion/wisco...
| stavros wrote:
| May not reject individual letters? You know that's there
| because someone did it before.
| CGamesPlay wrote:
| > Evers's veto is part of a dubious Wisconsin tradition. In
| 1975, Gov. Patrick Lucey struck the word "not" from the
| phrase "not less than," reversing its meaning. In the
| 1980s, Govs. Tony Earl and Tommy Thompson crossed out
| individual letters to create entirely new words. And in
| 2005, Gov. Jim Doyle reappropriated over $400 million from
| its intended use by striking all but 20 words from a
| 752-word passage, creating a new sentence bearing no
| resemblance to the language approved by the legislature.
| stavros wrote:
| Wow, I have no words. I could strike some off your
| comment to make something, though.
| quectophoton wrote:
| Random trivia: Memes in that format are known as "speed
| of lobsters" memes, where you take a screenshot of some
| text/post/tweet/whatever and then delete/hide words and
| letters to make up completely different sentences.
| sandbags wrote:
| I'm not in the US so I've no dog in this race only
| curiousity.
|
| I can understand allowing a governor to change the text
| of a bill. But I cannot understand allowing them to sign
| those changes into law. It seems like that would mean
| they could creatively reverse the meaning of any bill.
|
| It seems like a governor should be able to approve the
| text as written, or change it and send it back.
|
| What am I missing?
| mod50ack wrote:
| The original intention was to allow for what is called a
| "line-item veto." Let's say you had a bill (and this is
| not uncommon) with a lot of basically unrelated
| provisions. It creates programs A, B and C. This would
| allow the governor to approve A and C but not B, and
| would prevent the sort of "horse-trading" that
| legislators like to do ("I'll support your pet idea if
| you support mine").
|
| That was the idea. But Wisconsin has twisted into
| something else entirely. Arguably, the idea was not a
| good one to begin with, anyway.
| tamimio wrote:
| 20 years ago the boogeyman was "the terrorists!" And now the
| boogeyman is "not the children!!" Or "immigrants!!" Depending on
| your audience's political views, but the ultimate goal is more
| surveillance, more control and more power abuse by who's in
| control.
| astroflection wrote:
| https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp...
| tim333 wrote:
| That doesn't match what I've seen in UK politics.
| hdgvhicv wrote:
| https://www.bbc.co.uk/news/articles/cn438z3ejxyo
|
| https://www.bbc.co.uk/news/articles/c0epennv98lo
|
| https://www.lbc.co.uk/article/digital-id-cards-ill-stop-
| ille...
|
| Terrorism still crops up occasionally but the rhetoric has
| certainly expanded.
| tim333 wrote:
| I was querying that the motivation is control and power
| abuse more than protecting children. I live in the UK and
| know people that go into politics. A lot want to protect
| children. People can be over cynical about assuming
| everyone is evil.
| autoexec wrote:
| If the people you know are supporting and expanding mass
| surveillance you can bet that it's because they want
| control and power and not because of how much they want
| to protect children. Not everyone is evil. People who
| want to surveil and censor everyone are though. If they
| actually care about children they'll be trying to protect
| those children from such impositions on their freedom.
| stephen_g wrote:
| Maybe "simple and easily manipulated" is better. The
| driving force behind the UK's "child safety" push seems
| to be mostly because there was "enormous potential across
| the Safety Tech sector ... to foster the development of
| sustainable, high-tech companies across the country" [1].
|
| Don't be deceived - huge amounts of lobbying went into
| this, because some savvy entrepreneurs saw a market to
| sell age-verification services. The key driver behind the
| laws is more about creating that market than actual child
| protection - if they were actually interested in that,
| they wouldn't be pushing things that are clearly so
| ineffective (but expensive).
|
| 1. https://www.gov.uk/government/publications/safer-
| technology-...
| Jweb_Guru wrote:
| I'm sure your friends want to secure a future for
| children, but unfortunately this motive is not mutually
| exclusive with being evil.
| TZubiri wrote:
| >So when Wisconsin demands that websites "block VPN users from
| Wisconsin," they're asking for something that's technically
| impossible. Websites have no way to tell if a VPN connection is
| coming from Milwaukee, Michigan, or Mumbai. The technology just
| doesn't work that way.
|
| https://youtu.be/Pr4v725LPOE?si=ih3gfTSpiHumtrFs&t=79
|
| "That's not how apps work"
|
| "Then make it work you think we are stupid but we are not, we
| know" VPNs have something to do with IPs which are necessarily
| geolocatable , and also users need to make an account to connect
| to a VPN, you can just ask them what country and State they are
| in.
|
| Being willfully obtuse draws no sympathy, and will not exclude
| companies from compliance
| Ukv wrote:
| > VPNs have something to do with IPs which are necessarily
| geolocatable
|
| The website (which is the party these obligations are being
| placed on) could geolocate the VPN IP, but that wouldn't tell
| them where the user is actually from.
| cestith wrote:
| What if your geolocated IP is from ... a VPN? Maybe one outside
| the jurisdiction of the law?
| nijave wrote:
| IPs aren't necessarily even geolocatable. Sometimes they are,
| sometimes AT&T Mobile routes you six states over and exits
| through a CGNAT IP
| TZubiri wrote:
| IPs are geolocatable yes, not with a perfect accuracy, but
| with a jurisdictional accuracy.
|
| First of all, IP addresses are issued in blocks and the IPs
| are distributed within regional proximity. This is how
| connections are routed, a router in say, Texas, knows that it
| can route block, say 48.88.0.0/16 to the south to mexico,
| 48.95.0.0/16 to the west to Arizona, and so on.
|
| whois/RDAP data will tell you the precise jurisdiction of the
| company that controls the block. It's entirely sensible to
| use that for geographic bans, the mechanisms are in place, if
| they are not used, a legislative ban will force providers to
| use that mechanism correctly. I wouldn't say it's trivial,
| but it what the mechanism has been designed to do, and it
| will work correctly as-is for the most part.
| nijave wrote:
| I know how it works. I know how it doesn't.
|
| In the context of jurisdiction within a state in the U.S.,
| I don't think it's accurate or reliable enough when taking
| mobile phones into account.
|
| Country-level is much more accurate
| SirMaster wrote:
| How is that accuracy when it comes to IPv6 though?
| VortexLain wrote:
| They probably know that the technology doesn't work this way.
| But such law will force websites to block ALL VPN connections
| even for users not from Wisconsin, and that's the plan.
| cornonthecobra wrote:
| I'm reminded of efforts in the 1990s to ban strong encryption in
| email and websites because governments tried to tell us it was
| used by drug dealers and pedos to do their nefarious activities.
|
| Yes, governments really did want to force us to use HTTPS with
| only broken/weak crypto.
|
| Same propaganda, different buzzwords.
| add-sub-mul-div wrote:
| In hindsight, they really misjudged how comfortable pedos would
| be with discussing their affairs in plaintext email.
| jsmo wrote:
| just the rich, well-connected ones with friends in high
| places right?
| dreamcompiler wrote:
| https://en.wikipedia.org/wiki/Clipper_chip
| seanhunter wrote:
| Yes and
| https://en.wikipedia.org/wiki/Bernstein_v._United_States
|
| Notice that in those cases DJB was represented by the eff, so
| they have been involved in this issue for a very long time.
| hahn-kev wrote:
| Never heard of this, thanks
| ManuelKiessling wrote:
| Well, let's be honest -- _users_ of VPNs regularly don't know
| what they are doing, too.
|
| Can't count how often I've heard otherwise technologically
| literate people saying how they use a VPN (NordVPN e.a.) because
| ,,something something security".
| nijave wrote:
| Irony being trusting random VPN providers and arbitrary foreign
| (exit) countries potentially makes security _worse_ than
| without the VPN
| stavros wrote:
| Sure, but the laws weren't supposed to make you more secure,
| they were supposed to make "kids safer".
| raw_anon_1111 wrote:
| I would trust a foreign country with my data much more than I
| would trust the US. A foreign country can't do me nearly as
| much harm as the US can as a US citizen.
| autoexec wrote:
| No surprise, "Something something security" is the exact
| promise of many youtube ads, often spoken by people who know
| better.
| TZubiri wrote:
| >Businesses run on VPNs. Every company with remote employees uses
| VPNs. Every business traveler connecting through sketchy hotel
| Wi-Fi needs one. Companies use VPNs to protect client and
| employee data, secure internal communications, and prevent
| cyberattacks.
|
| Oh look, someone's conflating business VPNs and consumer VPNs
| again. This time to legitimize consumer VPNs.
|
| The cited laws propose to ban pornography for minors, and ban
| VPNs that hide geolocation and their use in accessing
| pornography. Nothing to do with businesses using private VPNs to
| encrypt employee traffic.
|
| >Vulnerable people rely on VPNs for safety. Domestic abuse
| survivors use VPNs to hide their location from their abusers.
|
| Woah, maybe VPNs have some uses I haven't considered, let's take
| a look at the linked article.
|
| >Use a virtual private network (VPN) to remain anonymous while
| browsing the internet, signing a new lease or applying for a new
| home loan. This will also keep your location anonymous from
| anyone who has gained access to or infiltrated your device.
|
| I think the loan thing is rubbish I don't get it, and it's
| unaffected by the law. But the idea of installing a VPN in case
| the device is compromised might make sense, if the device is
| compromised it might still be trackable, especially while
| downloading the VPN, but maybe if it connects at startup, and the
| RAT isn't configured to bypass the VPN bridge, it might work.
|
| Quite a stretch if you ask me. And again, not relevant to adult
| sites blocking VPNs.
|
| The rest of the example are the usual "people use it to evade the
| government and regulations but it can be THE BAD GOVERNMENt AND
| REGULAtiONS"
| skeledrew wrote:
| The only way to block a VPN is to have the knowledge that
| certain IPs are used by VPN providers. It's pretty trivial for
| someone to run a script/app that spins up a server somewhere,
| installs VPN software on it, and uses that for the connection.
| Now there's no way to separate whether a user is connecting via
| a VPN or not.
| SpicyLemonZest wrote:
| It's pretty trivial for you or I. The average 12 year old who
| this law aims to protect doesn't know how to do that.
| dreamcompiler wrote:
| Never underestimate the work ethic of a 12 year old who
| wants to look at porn.
| nijave wrote:
| I wouldn't underestimate 12 year olds. It's not hard to
| find an online community (chatroom/message board) where
| other members post this stuff.
|
| It's also pretty trivial to wrap in an app
|
| Source, I was setting up home proxies so classmates could
| access Flash games on school computers when I was 12...
| TZubiri wrote:
| I think you misunderstand the comment you are replying to,
| it's talking about the perspective of the sysadmin of the
| adult website, and how it would detect a VPN user.
| etchalon wrote:
| At 11 years old, I was dialing into BBS' to download images
| I'd print for my friends.
|
| Kids are resourceful.
| raw_anon_1111 wrote:
| You're right, because laws against underage drinking and
| drug use have really been affective over the years. It only
| takes one smart 12 year old to show everyone else how to do
| it. Heck if I were 12 now with 1TB u/d internet connection,
| I'm sure I would have set some type of proxy up for my
| friends.
|
| If I could figure out 65C02 assembly programming at 12 in
| the 80s without the Internet and some books, I'm sure the
| 12 year old me in 2025 could set up a proxy.
| TZubiri wrote:
| Is this related to my comment at all? I do have another
| comment about the technical feasibility of this ban though.
| skeledrew wrote:
| It is.
|
| > Quite a stretch if you ask me. And again, not relevant to
| adult sites blocking VPNs.
|
| With the workaround I outlined, adult sites can no longer
| be aware of all VPNs in order to block them, if things do
| get that far. And you can be sure the ones the measure is
| supposed to "protect" will gain access to scripts/apps for
| said workaround.
| pona-a wrote:
| As someone born in a post-Soviet country with rather many odd
| digital laws--including one requiring that any use of encryption
| be registered with the department of commerce and the secret
| service (meaning no TLS unless you get a permit)--I can clearly
| see the endgame of similar proposals.
|
| These laws aren't meant to be followed. Their text is
| deliberately vague, and their demands are impossible by design.
| They aren't foolish, or at least their ignorance isn't needed to
| explain the system's broader function. They are meant to serve as
| a Chekhov's gun that may or may not fire over your head,
| depending solely on whether the people holding it decide like
| you.
|
| In peaceful times, they fade into the background, surfacing only
| when it's convenient to blackmail some company for cash or
| favors. In times of crisis, they declare a never-ending war on
| extremism, sin, and treason, fought against an inexhaustible
| supply of targets to take down in front of their higher-ups,
| farming promotions, contracts for DPI software, and jobs updating
| its filters.
|
| Historically, such controls were limited by the motivation and
| competence of the arms dealers, usually taking the form of DNS or
| IP blocks easily bypassed with proxies. With modern DPI, it's
| entire protocols going dark. Even so, those able to learn easily
| find a way around them. The people who suffer most are seniors,
| unable even to call family across the border without a neighbor's
| help, and their relatives forced into using least trustworthy
| messengers (such as Botim, from the creators of ToTok, a known
| UAE intel operation [0]) thinking they're the only way to stay in
| touch, not knowing how or wanting to use mainstream IM over a
| VPNs that may or may not live another month.
|
| If wherever you are your votes still matter, please fight this
| nonsense. Make no mistake, your enemies are still more ridiculous
| than Voltaire could hope they'd be, but organizing against or
| simply living through a regime constantly chewing on the
| internet's wires is going to be a significantly greater
| inconvenience than taking _real_ action now.
|
| [0] https://en.wikipedia.org/wiki/ToTok
| teddyh wrote:
| > _Chekhov 's gun that may or may not fire over your head_
|
| A more apt metaphor might be Damocles' sword?
| pessimizer wrote:
| Yes. Chekhov's gun always fires. Even if it happens after the
| resolution and it turns out to be a water gun.
| martin-t wrote:
| > These laws aren't meant to be followed
|
| Selective enforcement should be illegal - people practicing it
| should be put in prison, the law should be auto-repealed, any
| past sentences cancelled and the people sentenced should be
| compensated.
|
| This should be written into every constitution, just like free
| speech and the right to kill when killing is right ("right to
| bear arms").
| martin-t wrote:
| Ok, 2 downvotes, so I surmise there are 2 people who
| genuinely think selective enforcement is right and should be
| legal. Either of you care to justify your opinion?
| throw7 wrote:
| Wisconsin "porn" websites will just move out of Wisconsin.
|
| The bill reads like you would think from someone who's been
| talking with the ceo of an age verification company. The bill
| gives the website two options: use a _commercial_ age
| verification product tied to gov't id checking, or "digitize" the
| web user's gov't id.
| nijave wrote:
| Holding out for government IdP that can return verified but
| anonymous data (like age)--like a JWT that has no identifier
| besides an age claim.
|
| Seems highly unlikely it would ever happen (at least in the
| U.S.) but seems like it'd solve a decent amount of verification
| problems. With a JWT, the IdP wouldn't even necessarily need to
| know the recipient since the validity could be verified by the
| consuming party using asymmetric crypto.
| immibis wrote:
| Yep and I'd just have to automate the process and give out my
| own JWTs to other people for $2 each
| skeledrew wrote:
| And cue the rise of self-hosted VPNs. 1 click to get a VPS
| instance, install VPN software, and make a connection.
| Automatically destroy the instance with another click or after a
| certain amount of time.
| txrx0000 wrote:
| If this keeps going, they will ban self-hosting next: only
| government-approved hosts allowed.
|
| We can't just rely on technological solutions because you can't
| out-tech the law at scale. People need to actually understand
| that the government is very close to having the tools needed
| for a stable technocratic authoritarian regime here in the US
| and all around the world. It might not happen immediately even
| if they have the tools, but once the tools are built, that
| future becomes almost unavoidable.
| skeledrew wrote:
| I feel like that'd take a level of surveillance that's
| technically unsustainable. But then again, sustainability
| isn't a consideration when it stands in the way of "better"
| control.
| haxiomic wrote:
| AI is the perfect low cost tool to enable that. Plantir
| knows this and has been making strategic moves to build
| this
|
| Seems quite achievable and sustainable to me
|
| Every human carries dense compute and sensors with them. If
| they don't they stand out while still surrounded by dense
| compute and sensors held by others at all times
|
| Not nice to think about but it is the reality we are moving
| towards - vote accordingly
| hdgvhicv wrote:
| Voting doesn't help. You need to win hearts and minds,
| and the synergy of resources available between the
| trillion dollar industries like AI and Marketing and you
| makes that a losing battle too.
|
| People want this stuff. People want ring doorbells, they
| want age verification, they want government control.
| Think of the children/criminals/immigrants.
|
| Voting won't help.
| martin-t wrote:
| Voting doesn't work because people are not smart enough
| to think multiple steps ahead of people who are
| professionals at this.
|
| Voting doesn't work because everybody votes on
| everything, not just people who understand the subject
| matter.
|
| Voting doesn't work because it's impossible to express
| nuanced choice - you vote for a candidate or party as a
| whole, not on specific policies. The number of parties is
| much smaller than the number combinations of policies so
| some opinions can't be expressed at all.
| lucianbr wrote:
| Those are arguments why voting does not produce a perfect
| outcome. That's different than "voting doesn't work".
| Using arguments like yours nothing can ever work.
|
| Society is complex and there will always be someone
| somewhere that can influence an outcome where he/she
| doesn't understand the subject matter. Hence, nothing
| works and can ever work.
|
| "Let's just give up" is the only conclusion I can see.
| Hardly useful.
|
| Can you give an example of something that works by your
| standards?
| martin-t wrote:
| It does not work to produce a society where people are
| actually the ones holding power and where laws side with
| those in the right - i.e. the current legal system
| anywhere does not represent a consistent moral system and
| is not even close.
|
| You're right it's too strong as a general statement but
| it was in response to a specific issue - those in power
| wanting to take yet another bit of power from the general
| population - (this time and in this particular country)
| by banning VPNs.
|
| People always vote based on the most pressing issues to
| them - immigration, taxes, abortions, LGBT rights (random
| list which is different in every country). Minor issues
| fall between the cracks until they become so bad they
| become pressing to enough people.
|
| > "Let's just give up" is the only conclusion I can see.
| Hardly useful.
|
| Then you're reading it wrong. I listed specific issues -
| the solution is to find solutions to those issues.
|
| Here's a couple suggestions I'd like to see gamed out and
| tested:
|
| - The right to vote not as a function of age but a test
| of reasoning ability and general knowledge.
|
| - Limiting the amount of time a person can perform
| politics (including professional lobbying) to 5-10 years.
|
| - Splitting laws into areas of expertise and potentially
| requiring tests to prove understanding to gain the right
| to vote on those areas for both the general population
| and politicians.
|
| - Replacing FPTP with more nuanced voting systems.
|
| These are just a few random suggestions described
| briefly. When I do this, people start nitpicking and then
| I have to reply with obvious solutions to surface issues
| - I encourage everyone to instead think how to make this
| work (yes, in an adversarial environment) instead of just
| trying to shoot it down.
| esafak wrote:
| China is sustaining it just fine at much higher scale, and
| advancing technology only makes it easier.
| joquarky wrote:
| Seems like a raspberry pi hidden at a library, restaurant, or
| anywhere with wifi would thwart this.
| 1gn15 wrote:
| Feels like they'd make that illegal, and enforce it by
| checking the CCTV footage for the person who planted that
| mini computer, then arresting that person.
| superkuh wrote:
| When the ban happens it'll be really easy to implement
| without requiring only government approved hosts or any such
| distributed measures requiring enforcement. Certificate
| Authorities.
|
| There are just a handful of corporations get to decide which
| websites are visitable every 90 days. Put a bit of legal
| pressure on the corporate certificate authorities and there's
| instant centralized control of effectively the entire web
| thanks to corporate browser HTTPS-only defaults and HTTP/3
| not being able to use self-signed certs for public websites.
| mr_toad wrote:
| There's a handful of commonly used CAs, but the full list
| of CAs is very long.
| superkuh wrote:
| The full list of CAs with root certs in corporate
| browsers is fairly short. That's all that matters. If
| your CA isn't in $browser/$os cert root store then it's
| not going to be useful. $ ls -lathr
| /etc/ssl/certs/ | wc -l 265
|
| And of those far fewer are going to actually be giving
| out certs to human people. CAs are the chokepoint but I
| acknowledge that saying 'a handful' was hyperbolic. A few
| dozen.
| LadyCailin wrote:
| If it went this far, the US would no longer be recognizable.
| Not to say it can't happen, and the US is fast marching in
| that direction, but this would be a _dramatic_ shift in the
| entire underlying fabric of the country.
| slfnflctd wrote:
| Some would argue that the US is already unrecognizable in
| many ways, and that there are clear indications this trend
| will continue.
| LadyCailin wrote:
| For sure. And the US looked very different under
| McCarthyism too, so there's even precedent. But my point
| is that there are other prerequisites that have to happen
| first.
| lucianbr wrote:
| Why is that important? Sounds like saying "well before
| winter comes, autumn must come first". Yeah duh, so what?
| Winter is still coming, if anyone cares about it.
| LadyCailin wrote:
| Because if you overreact to an issue, then that can and
| will be used to dismiss your arguments entirely, and the
| general public can more easily be swayed against you.
| lucianbr wrote:
| Non sequitur. Pointing out an intermediate step changes
| nothing about how bad or good the issue is or how
| appropriate or inappropriate the reaction is.
| deaux wrote:
| Like the _dramatic_ shift that has taken place over the
| last 12 months, you mean?
| Crontab wrote:
| I've been considering doing that, because it seems a lot of VPN
| owned IP addresses are being flagged.
| txrx0000 wrote:
| Consider SoftEther, which is VPN over Ethernet wrapped in
| HTTPS. It's open-source. It has a server discovery site
| called VPNGate. You can host a server to let somebody else
| use, then use a server soneone else is hosting.
|
| https://www.vpngate.net/en/
|
| We're really only missing a few things before there's
| decentralized VPN over HTTPS that anyone in the world can
| host and use, and it would be resistant to all DPI firewalls.
| First, a user-friendly mobile client. Second, a way to
| broadcast and discover server lists in a sparse and
| decentralized manner, similar to BitTorrent (or we may be
| able to make use of the BT protocol as is), and we'd have to
| build such auto-discovery and broadcasting into the client.
| Third, make each client automatically host a temporary server
| and broadcast its IP to the public server lists when in use.
| suslik wrote:
| Using this tech, all the CP traffic would detectably flow
| towards my ip, right? I'm sure I'm not the only one who
| would find this worrisome.
| txrx0000 wrote:
| _> Using this tech, all the CP traffic would detectably
| flow towards my ip, right?_
|
| No, but I'm curious why you'd think that?
| giobox wrote:
| The risk surely exists if you decide to run their gate
| service:
|
| "After you activate the VPN Gate Service, anyone can
| connect a VPN connection to your computer, and access to
| any hosts on the Internet via your computer"
|
| "When you are running the VPN Gate Relaying Function on
| your company's network, then any person's communication
| to Internet hosts will be relayed via your company's
| network."
|
| > https://www.vpngate.net/en/join.aspx
|
| There's simply no way I would offer my residential or
| company IPs as exit nodes to strangers.
|
| > Third, make each client automatically host a temporary
| server and broadcast its IP to the public server lists
| when in use.
|
| If this came to pass, much the same problems.
| numpad0 wrote:
| SoftEther isn't Tor, it's just like modernized client-
| server L2TP style VPN, same deal as WireGuard. The
| volunteer public gateway thing is completely optional and
| voluntary add-on.
|
| The reason it exists is just that it predates WireGuard
| by ~decade.
| skeledrew wrote:
| Technically such a mobile client already "exists". I've
| been working on a cross-platform "super app", which is
| essentially just a Python REPL, but a key design is that
| components/controls of the UI framework that hosts it can
| be returned as a result.
| QuadmasterXLII wrote:
| I logged into reddit from my local library wifi and
| immediately got a contagious ban that spread to all my reddit
| accounts.
| LeoPanthera wrote:
| Tailscale makes this trivial, which is why I'm worried about
| governments starting to block the Tailscale control servers.
| Which I think China already does.
|
| I don't know if Tailscale has any plans to make their service
| more censorship resistant, but I hope they do.
| rpdillon wrote:
| Headscale can help here, if you're willing to host it.
|
| https://github.com/juanfont/headscale
| giobox wrote:
| I did this for years during the early 2010s, but given the IP
| ranges of most the major VPS players are widely known, many
| sites and services now just block them outright. It got to the
| stage I had to stop doing it. I suspect it has only gotten
| worse now many sites are trying to prevent scraping for AI
| training as well.
|
| If your primary focus is just reaching region blocked content,
| Self hosted VPNs can work great if you have access to a
| _residential_ IP in your target country- I 've taken advantage
| of family member's domestic connections instead of VPSes now,
| as I was lucky enough to have family in the regions I wanted.
| Devices like the Apple TV can function as a Tailscale exit node
| too, which greatly simplified deployment.
| txrx0000 wrote:
| A device-side IP filter locked behind a password that parents can
| configure in the device's settings would be much more effective
| and easier to implement than censoring the Internet. This should
| be the default solution, yet it's never brought up for whatever
| reason.
|
| Not to mention these online content censorship laws for kids are
| wrong in principle because parents are supposed to be in control
| of how they raise each of their own kids, not the government or
| other people.
|
| And these laws make authoritarian surveillance and control much
| easier. It's hard to not see this as the main objective at this
| point. And even if it isn't, this level of stupidity is harmful.
| lukashoff wrote:
| > And even if it isn't, this level of stupidity is harmful.
|
| How much more proof do we need that we're speedrunning the
| authoritarianism and frankly we're already somewhat
| authoritarian, it's just pluralism for now. Wait until the
| elites eat each other and only one dictator is left.
| duxup wrote:
| I think putting parents in control is the right path, but will
| reveal a sad fact.
|
| Many parents aren't taking time to be in control, and no amount
| of legislation will fix that.
| Jordan-117 wrote:
| Or the sadder fact that it's not actually about protecting
| kids.
| philipallstar wrote:
| Parents are already in control.
| James_K wrote:
| A trivial amount of legislation can fix that. Law reads: ISPs
| must implement implement parental blocks by default,
| exceptions may only be made on a per-device basis. Parental
| controls must also be enabled on public wifi. Easy as that.
| It doesn't matter how lazy you are, actively going and
| turning something off is more effort than not.
| rgblambda wrote:
| >ISPs must implement implement parental blocks by default
|
| This is already the case in the UK. We discovered another
| sad fact. Parents will suddenly develop the technical
| literacy to turn parental controls off because it's
| inconveniencing them, but won't bother to fine grain the
| control to make it safe for their children.
| hellotheretoday wrote:
| This is 100% the response. I work with kids in mental health
| and the "kick the can to the parents" response is so
| shortsighted
|
| Apple and android controls aren't that difficult to
| understand. Roblox parental controls aren't that difficult to
| understand. Could it be simpler by unifying these things
| under one framework? Sure - I've worked with tons of parents
| who fall under the trap that Roblox is safe because they set
| iOS parental controls. I feel for them because they aren't
| "tech" people and apple conditions them to expect a setting
| to be universal across the operating system, so it's quite a
| shock when they find out their child has been texting with
| some groomer from Roblox chat.
|
| The parents who are doing that will continue to do that.
| Improving those controls will help those parents and I agree
| efforts should be made for them. But for every one of those
| parents I encounter I get about 4-5 more who don't bother to
| set any kind of parental control or filter on their
| children's devices. When their 9 year old starts talking
| about pornhub and I give them resources on setting up
| parental controls it almost always falls on deaf ears. They
| simply don't give a fuck. They can't be bothered to spend 20
| minutes figuring out how to set it up, even if I offer to
| walk them through it.
|
| It is the new form of parental neglect, the modern version of
| a latchkey kid
| rgblambda wrote:
| It'll take legal responsibility being placed on the parent,
| and one parent being prosecuted and convicted for child
| neglect, in order for that attitude to change.
| stephen_g wrote:
| Yes but massive censorship and the constant surveillance of
| children is also not good for the children ultimately. We
| need to bring the question of "does this help create a
| world that we want children to grow up in?"
|
| Are we really going to argue "since some parents won't
| adequately parent their children, we're going to create a
| massive censorship and surveillance apparatus and the
| Government will tightly control what everyone is allowed to
| view or talk about online"?
| alchemism wrote:
| I might dryly suggest that it is prudent preparation for
| the computing environments they will encounter in their
| future jobs. Like the way expensive prep schools have
| children wearing business casual...
| ndriscoll wrote:
| Android doesn't have parental controls, does it? The
| closest thing I'm aware of is Family Link, which is a
| Google service that requires parent and child to have a
| Google account.
| j-bos wrote:
| A technolo-- legislative solution to a social symptom.
| merizian wrote:
| I disagree that legislation can't help. Fundamentally there's
| an education disconnect and unnecessary friction in setting
| up parental controls. Governments can better educate parents
| about the risks, and give them better tools to filter/monitor
| content their children watch (eg at the device level). Being
| a parent is hard and it's possible to make this part easier
| imo.
|
| eg consider child-proof packaging and labeling laws for
| medication, which dramatically reduced child mortality due to
| accidental drug misuse.
| JustExAWS wrote:
| Well the law could be simple - "every computer sold must
| have a prominently displayed 'parental choice' screen on
| first boot that lets the owner specify whether this device
| will be used by a child and give the parents and option to
| block adult content"
| b00ty4breakfast wrote:
| The goal is controling the flow of information online.
| "protecting the children" may or may not be a sincere concern
| but ultimately censorship is what is desired here.
| sigmoid10 wrote:
| Same way the government needs to read all your emails because
| some terrorist on the other side of the world may or may not
| be using email as well to communicate.
| subscribed wrote:
| Whenever "think of the children" shows up as a pretend-
| genuine argument, you may bet on it being a scam/grift.
|
| Read about the infamous EU's chat control and lobbying behind
| it: https://mullvad.net/en/blog/mullvad-vpn-present-and-then
| DuperPower wrote:
| pedo and terror the 2 excuses
| bergfest wrote:
| It's almost like they need these to exist.
| SwtCyber wrote:
| Yep, "think of the children" has become the go-to excuse for
| all kinds of overreach
| EasyMark wrote:
| Ultimately information is power, especially now. Governments
| naturally gravitate to wanting more and more power.
| Authoritarian types are all around, and their power is
| growing in the current political climate of America as they
| see a method that works, turning Americans against each other
| and creating national scares which in turn can be used to
| gain more control over every aspect of our lives
| pksebben wrote:
| It is the objective, it's always been the objective. The worst
| part is that I bet these people don't even think of themselves
| as authoritarian so much as they stumble into it through a
| combination of selfishness, ignorance, and complete disregard
| for ethics. They like money and power, more information means
| more of both, darn the torpedos, tap the lines, hit the gas and
| all of a sudden it's oops all facism.
| vasco wrote:
| These are religious fanatics trying to ban porn because they
| believe it's evil. All the rest is dressing to advance that
| cause and isn't worth spending too much time trying to make
| sense of.
|
| They'd latch on to whatever reason they'd think would stick.
| subscribed wrote:
| You forgot to add they also believe the education sites are
| evil brain rot.
| fireflash38 wrote:
| Don't forget they will brand anything they don't like as
| porn/bad for children. Like gay people daring to exist.
| subscribed wrote:
| IP filter? So what you do when you block the entire cloudflare,
| CloudFront, Amazon and Google cloud ip ranges?
|
| What's left?
|
| There are better solution than blocking IPs.
| txrx0000 wrote:
| Yeah, we can have fancy NN-based filters, but I think even a
| simple IP blocker with some carefully-made presets would go a
| long way.
|
| Anyways, the main point I was making is the filtering should
| be done on-device at the parents' discretion, if they really
| wanted to protect their children. We can give them that
| feature and eliminate an excuse for authoritarian laws at the
| same time. This doesn't even require legislation, we can just
| do it if enough people working on operating systems agree.
| JustExAWS wrote:
| I have worked in cloud consulting for a little over five
| years. A lot of companies specifically ask that we blocked
| traffic from cloud providers. It's a built in feature of AWS
| WAF.
|
| Ironically enough, that meant when I was working at AWS, I
| sometimes couldn't access a site that I was working on for a
| client when I went into the office for a business trip (I
| worked remotely).
| SwtCyber wrote:
| Whether it's intentional or not, these laws open the door to
| mass surveillance under the guise of "protection"
| JustExAWS wrote:
| This has existed for well over a decade for iOS. I don't use
| Android so I can't speak to it.
| SoftTalker wrote:
| > parents are supposed to be in control of how they raise each
| of their own kids
|
| You realize that a lot of parents support this sort of thing
| because they are not technically sophisticated enough to
| control it themselves? Or they simply think that it has no
| place in polite society? That is why politicians enact these
| laws, because they are hearing from constituents that they want
| it.
| Longlius wrote:
| Excuse my somewhat peeved tone, but if parents aren't capable
| of pressing one (1) button on a iPhone/Android setup screen
| to turn on the parental controls and content blocking, then
| perhaps we should be rethinking their capacity to raise
| children.
| dpoloncsak wrote:
| I wonder if all of the journalism on Epstein would be considered
| "Sexual content" and if journalists would be forced to self-doxx
| to report in these states
| Crontab wrote:
| I've been thinking a lot about VPNs lately, mainly for 2 reasons:
|
| 1) In my home state I can no longer access Pornhub
|
| 2) Last month I visited Mississippi and could not access BlueSky,
| even though I can from my home state.
|
| [I personally blame this on the "holier then thou", "don't tread
| of me" conservatives who cannot resist the urge to try to rule
| over the activities of others.]
|
| I haven't selected a VPN provider because I have heard that a lot
| of websites create barriers to people who use VPNs. For example,
| I've seen people say that couldn't access Reddit via a VPN.
| ThePowerOfFuet wrote:
| You can access Reddit from a VPN while signed into Reddit.
| tim333 wrote:
| I've not had much problem. Never had that problem with Reddit.
| I use the free veepn browser extension.
|
| Accessing imgur from the UK has been a bit tricky. Sometimes
| they limit certain IP addresses like the US one usually doesn't
| work but the Singapore one does (slowly) for some reason.
| rileymat2 wrote:
| "Here's what happens if VPNs get blocked: everyone has to verify
| their age by submitting government IDs, biometric data, or credit
| card information directly to websites--without any encryption or
| privacy protection."
|
| Can someone explain how this is true? Even if there is not a VPN,
| there should be https encryption and privacy protection.
| joquarky wrote:
| My guess is that this data isn't secure even at rest, as the
| constant flow of data breaches has shown.
| stavros wrote:
| They mean "no privacy protection from the website", presumably.
| Websites getting compromised and leaking IDs is a big deal, now
| that we've decided that websites should be seeing our IDs.
| jamzer wrote:
| I think they're referring to the verification end, in terms of
| being required to hand over personal info to various parties, a
| certain percentage of which will have insufficient security and
| be compromised resulting in your info being leaked.
|
| Or otherwise that if you want to effectively ban VPNs you'll
| end up at the point where secure encryption is effectively
| banned, because there are ways to tunnel traffic over pretty
| much any protocol eg. SSH, HTTPS if you're creative.
| 1vuio0pswjnm7 wrote:
| "Here's what happens if VPNs get blocked: everyone has to verify
| their age by submitting government IDs, biometric data, or credit
| card information directly to websites-without any encryption or
| privacy protection.
|
| We already know how this story ends. Companies get hacked. Data
| gets breached. And suddenly your real name is attached to the
| websites you visited, stored in some poorly-secured database
| waiting for the inevitable leak. This has already happened, and
| is not a matter of if but when. And when it does, the
| repercussions will be huge."
|
| Then
|
| "Let's say Wisconsin somehow manages to pass this law. Here's
| what will actually happen:
|
| People who want to bypass it will use non-commercial VPNs, open
| proxies, or cheap virtual private servers that the law doesn't
| cover. They'll find workarounds within hours. The internet always
| routes around censorship."
|
| Even in a fantasy world where every website successfully blocked
| all commercial VPNs, people would just make their own. You can
| route traffic through cloud services like AWS or DigitalOcean,
| tunnel through someone else's home internet connection, use open
| proxies, or spin up a cheap server for less than a dollar."
|
| EFF presents two versions of "here's what will happen"
|
| If we accept both as true then it appears a law targeting
| commercial VPNs would create evolutionary pressure to DIY rather
| than delegate VPN facility to commercial third parties. Non-
| commercial first party VPNs only service the person who sets them
| up. If that person is engaged in criminal activity, they can be
| targeted by legislation and enforcement specifically. Prosecution
| of criminals should not affect other first party VPNs set up by
| law-abiding internet users
|
| Delegation of running VPNs to commercial third parties carries
| risks. Aside from obvious "trust" issues, reliability concerns,
| mandatory data collection, potential data breach, and so on, when
| the commercial provider services criminals, that's a risk to
| everyone else using the service
|
| This is what's going on with so-called "Chat Control". Commercial
| third parties are knowingly servicing criminals. The service is
| used to facilitate the crime. The third parties will not or
| cannot identify the criminals. As a result, governments seek to
| compel the third party to do so through legislation. Every other
| user of the service may be affected as a result
|
| Compare this with a first party VPN set up and used by a single
| person. If that person engages in criminal activity, other first
| party VPNs are unaffected
|
| EFF does not speculate that third parties such AWS, DigitalOcean,
| or "cheap server[s] for less than a dollar" will be targeted with
| legislation in their second "here's what will happen" scenario
|
| Evolutionary pressure toward DIY might be bad news for commercial
| third party intermediaries^1
|
| But not necessarily for DIY internet users
|
| 1. Those third parties that profit from non-DIY users may invoke
| the plight of those non-DIY users^2 when arguing against VPN
| legislation or "Chat Control" but it's the third parties that
| stand to lose the most. DIY users are not subject to legislation
| that targets third party VPNs or third party chat services
|
| 2. Like OpenAI invoking the plight of ChapGPT users when faced
| with discovery demands in copyright litigation
| scrps wrote:
| Preexisting solutions to future problems! Thanks to AI (mostly)
| botnets specifically for renting residential IPs have
| multiplied since most commercial VPN IP blocks get rate-
| limited, captcha'd, outright blocked which got even worse with
| AI.
|
| People causing shenanigans using residential IPs if they ban
| VPNs is gonna lead to a lot of kicked doors, red herrings,
| lawsuits, and very probably ballooning budgets and will yet
| again fail to stop Bad Things(tm) not that it was really
| designed to anyway. I wonder if they think this is a good idea
| because they have machinations or is it just that they are
| clueless wealthy dinosaurs corrupting a future that isn't
| theirs?
| 1vuio0pswjnm7 wrote:
| Commercial third parties intermediating use of the web don't
| solve problems of "privacy"
|
| They might interfere with the businesses of other third party
| intermediaries like "Big Tech"
|
| Paying the middleman (intermediary) might in theory discourage
| it from conducting commercial surveillance but it doesn't solve
| the problem presented by using third parties as middlemen
|
| The possibility to profit from surveillance remains
|
| An effective solution would remove the possibility, and thereby
| the incentive, by removing the third party
| etchalon wrote:
| Couldn't all of this be handled by META tags, request/response
| headers and some "they'll obviously do it" laws aimed at
| operating systems, device manufacturers and browser companies?
| stavros wrote:
| You don't need to burn books if you can just ban access to them!
| kbrkbr wrote:
| After Wisconsin finds out how to reliably filter vpn, they can
| then teach Netflix and Akamai how to do it.
|
| Last time I checked modestly reliable geoblocking existed, and
| completely unreliable vpn blocking.
|
| A friend told me that when he comes across a site for which
| Nordvpn is blocked, he just changes IP. Latest the third one
| always works, even on YouTube (he is all about privacy).
| aydyn wrote:
| Lots of sites do in fact block VPNs successfully. How? Well
| they could just sign up for NordVPN and see which IPs they use
| directly. Its not rocket science.
| kbrkbr wrote:
| I do have a bit of experience with managing WAFs for large
| online gaming providers and I can tell you it's not a solved
| problem. Netflix would also love to hear how I guess.
|
| Even if you somehow manage to enumerate the Nordvpn IPs - a
| thing of which Nordvpn probably thought in their threat model
| - then you still have thousands of other providers.
| rda2 wrote:
| It's different if you have influence over the network, like a
| government might. I spend a lot of time in China, and they've
| done a good job of blocking VPNs in recent years, including my
| personal WireGuard connection to my home network. Not that any
| technical solution is impossible to bypass, but a motivated
| state government could make VPN use difficult if it wasn't for
| the whole Constitution thing.
| phantomathkg wrote:
| It is a cat and mouse game, it is whether the service provider
| do or not. I remember AWS WAF can block VPN ages ago, according
| to this announcement, it is 2020.
|
| https://aws.amazon.com/about-aws/whats-new/2020/03/aws-waf-a...
| charcircuit wrote:
| You don't have to reliably block something to make a law
| against it. Murder is illegal despite the government not
| figuring out how to reliably stop people from murdering each
| other.
| chrismorgan wrote:
| _So many_ people miss this in such discussions. Like that
| Australian politician's "the laws of physics are all very
| well, but the laws of Australia are the only ones we care
| about" which was widely ridiculed in technical circles that
| did not grasp its truth: that law is _all about_ declaring
| physically-possible actions illicit.
|
| However, to address your _specific_ chosen example, one could
| argue a difference from murder, if they say "your site must
| block these traffic sources or you're in trouble": one could
| argue (it's not at all cut and dried) that it's like saying
| that venues are liable for the murders committed at them,
| rather than the murderer.
| NoMoreNicksLeft wrote:
| You misunderstand. When they "ban VPNs", it's not that the VPN
| police will be patrolling your neighborhood trying to catch you
| using Mulvad or whatever. Instead, the AG will send a letter to
| the VPN provider, threatening to prosecute them for selling an
| illegal service. And they will comply and shut down. Once the
| commercial services are gone, it won't matter that you could
| hide your own VPN usage in a practical sense, because 1 in 100
| people have the resources, technical expertise, and time to set
| up their own VPN server offshore. Furthermore, it may be cost
| prohibitive... I'm spending $3/month or so. I can't spend
| $250/month on this. And if I could, it will just break more
| often, I won't get the 99% uptime I usually get either.
|
| Something that's extraordinarily low effort will become
| exceedingly high effort, and this will achieve their goals.
| kbrkbr wrote:
| The text we are discussing says: "It's an age verification
| bill that requires all websites distributing material that
| could conceivably be deemed "sexual content" to both
| implement an age verification system and also to block the
| access of users connected via VPN." That's what I was
| discussing. Not sure where AG and vpn providers come in.
| elzbardico wrote:
| The law is stupid and dangerous. But this is not what it
| says.
|
| It says that a site that distributes harmful content for
| minor, like, let's say, xvideos, will have to block vpn users
| from wiscosin.
|
| Yes. that will mean, that if xvideos will wish to be
| compliant with Wiscosin laws, they would have to figure out a
| way to block all vpn users.
|
| Bad. Really bad.
|
| But no, it's not like Wiscosin citizens will be prevented to
| work remotely using a VPN to connect to their corporate
| network.
| raw_anon_1111 wrote:
| Florida requires age verification today to go on porn sites.
| Guess how many of the mainstream porn sites not based in the
| US completely ignore it?
| SwtCyber wrote:
| It's like watching people try to duct-tape the internet into
| behaving the way they imagine it should
| InMice wrote:
| Of course, what if I use an SSH tunnel instead as that normally
| suffices a lot easier for me. It's basically the same underlying
| libraries? They would have to regulate the use of libssl,
| libcrypto, etc. This makes no sense lol.
|
| Am I going to find myself in jail one day for "Unregulated use of
| a private/public key pair?"
| willis936 wrote:
| That depends on if you are poor and/or considered a political
| enemy. Where is the party of small government?
| autoexec wrote:
| The actual size of government doesn't much matter, it's what
| the government does and doesn't do that counts.
| brookst wrote:
| "Small government" is ambiguous. It used to mean exactly
| that -- scope of powers. These days it's become unclear and
| some people use it to mean headcount.
| coldpie wrote:
| > Where is the party of small government?
|
| It's the conservative 2/3 of the Democratic party.
| LexiMax wrote:
| > Where is the party of small government?
|
| "Small government" in all its forms and variations is smoke.
|
| If you hear someone who says they desire small government,
| they are either lying to your face because they want their
| despot to have power, or haven't given their position enough
| interrogation to ask themselves the question "If the
| government isn't powerful, what is preventing a power-hungry
| despot from seizing power?"
| hsbauauvhabzb wrote:
| The tunnel part isn't exactly a crypto function, but the crypto
| makes it hard to detect. You can tunnel anything over http,,
| telnet, dns or sms too.
| James_K wrote:
| >Of course, what if I use an SSH tunnel instead
|
| Are you a child? Probably not, so you are just accessing
| legally available content by alternate means. It's strange how
| many people think they are out-smarting a system when said
| system is explicitly designed to allow them access.
|
| These laws are primarily intended to stop children browsing the
| internet from being exposed to porn and gore when they're
| simply browsing the web. A child who has gained sufficient
| independence to purchase their own VPN subscription or operate
| an SSH server to look at pictures of boobies without their
| parents knowing has also likely reached the point in life where
| doing so is not harmful to them.
| monooso wrote:
| Did you read the article?
|
| Firstly, the article makes it clear that the definition of
| "harmful to children" is being systematically expanded to
| mean "makes conservatives a bit uncomfortable."
|
| And secondly:
|
| > It's strange how many people think they are out-smarting a
| system when said system is explicitly designed to allow them
| access.
|
| The whole point of the article is to draw attention to the
| fact that certain regions are trying to make the use of a VPN
| illegal. If that were to happen, using an SSH tunnel would
| indeed be "outsmarting the system."
| Nifty3929 wrote:
| I agree with you, except maybe 'using an SSH tunnel would
| indeed be "outsmarting the system."'
|
| Not sure how you meant that, but I'm sure that using an SSH
| tunnel to get around VPN restrictions will be determined to
| be illegal. They'll just say an SSH tunnel IS a VPN in the
| legal sense.
|
| Of course, this won't matter for the vast majority that
| they don't prosecute - it will only matter for the few they
| do, which hopefully isn't you or me. But you never know.
| You get pulled over for a broken taillight and then - "hey,
| is that a NordVPN sticker on your laptop there..." and next
| thing you know you're doing 10-life.
| ndsipa_pomu wrote:
| > the article makes it clear that the definition of
| "harmful to children" is being systematically expanded to
| mean "makes conservatives a bit uncomfortable."
|
| Seems clear to me that a lot of religious sites are
| directly harmful to children if they allow the church
| elders abuse them with impunity.
| dabinat wrote:
| Part of the problem is that in order to prove your age you need
| to hand over a bunch of unrelated data about yourself. Why do
| they need to know my name, address, signature, and what I look
| like? They don't even need to know my actual age, just that I'm
| over 21. Laws like this would go down a lot better if there were
| privacy-respecting ways of verifying age.
| SwtCyber wrote:
| Probably because the real priority isn't age verification it's
| data collection and control.
| owisd wrote:
| There are privacy-respecting ways, e.g.
| https://blog.google/products/google-pay/google-wallet-age-id...
| uses Zero Knowledge Proofs to just verify age without revealing
| any other personal data. If Online Safety was just a data
| collection Trojan horse than this kind of approach wouldn't be
| allowed.
| James_K wrote:
| It seems it would be much more effective to regulate ISPs,
| requiring them to disallow users from accessing adult sites and
| VPNs without first verifying their age. This also wouldn't be a
| violation of privacy since you are already giving your ISP your
| physical address. The only place users would be expected to
| identify themselves is over public wifi.
| zerof1l wrote:
| I'm curious how they plan to enforce it lol, because I don't
| think they can. Unless they plan to build something similar to
| the Great Firewall of China. But it will have to be nationwide. I
| don't think one state can do it.
| defanor wrote:
| > It Won't Even Work
|
| I heard similar sentiments about censorship efforts in Russia,
| but it does seem to work, unfortunately. So far they have
| outlawed and blocked major VPN providers (and keep blocking more,
| including non-commercial ones, like Tor bridges, and foreign
| hosting companies' websites), blocked major detectable protocols
| used for those (IPsec, WireGuard), made usage of proxying ("VPN")
| an aggravating circumstance for the newly-introduced crime of
| searching for "extremist" information. That seems to deter many
| people already, and once the majority is forced to use the local
| approved (surveilled, censored) services, it is even easier to
| introduce whitelists or simply cut international connections (as
| is already practiced temporarily and locally), at which point the
| ban is successfully applied to everyone.
| LadyCailin wrote:
| It won't even work*
|
| *without resorting to complete Russian style government control
|
| The US is not (yet) Russia. The rule of law is definitely being
| destroyed as we speak, so who knows 5, 10 years down the road,
| but there are still several prerequisite institutions that need
| to be destroyed before the US could reliably enforce a VPN ban.
| forgotoldacc wrote:
| Every country that has slid into North Korea style total
| control begins with a "it won't happen here. And it'd stop
| before it gets that bad."
| jhrmnn wrote:
| Can you name some examples?
| vinay427 wrote:
| From my reading, the GP comment isn't claiming otherwise,
| but just that that sort of VPN ban isn't enforceable in
| advance of some of those changes. They do directly suggest
| they don't know how long this will remain the case.
| LadyCailin wrote:
| Exactly. I'm not saying don't fight this, you should,
| tooth and nail. But losing doesn't mean VPNs will stop
| working.
| colechristensen wrote:
| >Every country that has slid into North Korea style total
| control begins with a "it won't happen here. And it'd stop
| before it gets that bad."
|
| This is a pretty bold claim and I'm not sure it matches up
| with reality.
|
| Karl Marx said that in the first stage of communism there
| would be a required period of dictatorial control in order
| to transition from and dismantle capitalist institutions.
| This is exactly what happened in China and the USSR...
| there just never was a phase 2.
|
| That's not quite "this will never happen here", more like
| premeditated dictatorship that never ended because the
| ruling class preferred being a ruling class rather than
| return themselves to "communist paradise".
| mananaysiempre wrote:
| If we're exhuming odious corpses, Lenin did say the first
| step would be to control the telegraph and telephone
| exchanges. Control over the spread of information was
| understood to be crucial even then. (Admittedly in
| Lenin's case he was also talking about battlefield
| coordination inside a city, what with the absence of
| portable radios.)
|
| As far as Marx, well, he didn't provide a recipe for
| phase 2 either--he just kind of assumed that things would
| fall into place naturally after the revolution (that
| needed to be global! the whole communism-within-a-country
| thing was a later invention / post-hoc rationalization,
| lampooned masterfully by Voinovich's _Moscow 2042_ ). The
| entirety of the nascent social sciences field (which Marx
| was performing to the contemporary standards of, however
| disastrously that turned out) was rather high on the
| whole natural law thing around that time. Turns out that,
| if you created a power vacuum, it would be filled by
| people who had most ruthlessly optimized for capturing
| power, as opposed to fairness, your preferred ideology,
| or anything else. Which at first meant Lenin and then
| ultimately Stalin, in whose purges died the last true (if
| at that point very, very bloody) believers. (Notice also
| how there are very few mentions in history of the
| eponymous _soviet_ s, councils [of workers and peasants],
| deciding anything whatsoever.) Also most of the
| intellectual backbone of the nation and the national
| liberation movements of multiple peoples, but who's
| counting.
| Gud wrote:
| Not really, because pre-Soviet Union wasn't a capitalist
| society.
|
| Russia and China were barely industrial nations.
| Demiurge wrote:
| Russia was primarily an agricultural exporter, but it was
| most certainly a capitalist society prior to revolution.
| It bought and sold many things, and was an industrial
| nation, on par with many others in Europe, with a
| capacity to build war ships, tanks, artillery, trains and
| so on. It had other tremendous inequalities, but without
| factories, without lower officers in the navy and army,
| without the first revolution where the capitalists took
| over, there would be no second revolution of the
| bolsheviks, or soviets.
| spwa4 wrote:
| If buying and selling things internationally makes a
| country capitalist, then Soviet Russia was capitalist.
| Pre-Soviet Russia was mercantilist, which can be somewhat
| handwavyly described as capitalism-unless-I-can-kill-you,
| both between people within a nation and between nations
| themselves and is still not entirely dead.
| oscaracso wrote:
| Buying and selling things internationally does not make a
| country capitalist.
| uhhuhnwhatdoes wrote:
| No True Scotsman applied to concept; fascinating.
|
| Capitalism is circumlocutions of long dead people who
| provided little to society but the sound of their voice,
| vacuous writings.
|
| So kind of the educated labor exploiters of the past to
| explain how the world must work. Very TINA of them.
|
| Capitalism is people socially convincing each other
| there's a communal upside to capitalism. Sounds almost
| like socialist communist nonsense, this capitalism.
|
| Strip away endless obfuscation the real economy is
| anything but physical statistics, it becomes clear
| capitalism is just empty rhetoric.
| pessimizer wrote:
| You said "if buying and selling things internationally
| makes a country capitalist," somebody told you that's not
| what capitalism is, and you said "no true scotsman."
|
| You have to do better than this to convince people of
| things.
|
| If you had said "Buying and selling things
| internationally makes a country capitalist" rather than
| posing a pointless hypothetical, you would have had to
| defend that, and you weren't ready to.
| gishh wrote:
| Capitalism and communism couldn't be more different, in
| the true definition of the terms.
|
| Communism is literally a ruling class dictating the lives
| of an entire country. Capitalism at least gives the
| opportunity of individual action.
|
| You are allowed to hate capitalism, clearly you do, and
| advocate for socialism, et. al. Whatever point you think
| you just made with your post is completely devoid of
| substance.
| Gud wrote:
| Well, that is not the definition of capitalism.
| colechristensen wrote:
| Your hair-splitting argument is missing the point
| entirely, don't you see that?
| bccdee wrote:
| > Karl Marx said that in the first stage of communism
| there would be a required period of dictatorial control
|
| Not that it particularly matters, but he didn't say that.
| Marx never set down specific ideas about how a communist
| or proto-communist society should organize itself. He
| thought history was a natural progression of inevitable
| forces and was more interested in establishing the
| inevitability of communism (ha) than in describing
| specifically what a post-capitalist society would look
| like. (Misleadingly, he did use the phrase "dictatorship
| of the proletariat," though not to describe any type of
| dictatorial government.)
|
| The whole "vanguard party of elites ruling by fiat" thing
| was Lenin's idea. Lenin though the working class wasn't
| educated enough to lead itself, so a ruling Communist
| Party should act as a steward on their behalf. Naturally,
| this idea was popular with people like Lenin and Mao,
| since it justified their being elevated to the status of
| authoritarian dictators.
|
| > more like premeditated dictatorship
|
| Lenin's communist party was, in theory, meant to
| represent the public. The pitch was never, "time for our
| prescribed period of temporary authoritarian
| dictatorship." Like any other political party, the
| Communist party was supposed to be democratically
| selected and represent the public. Obviously it quickly
| became corrupt and snuffed out the democratic elements,
| but any government is vulnerable to that sort of thing.
|
| No, I think the USSR's descent into authoritarianism was
| very much an "it won't happen here" phenomenon, save
| perhaps for the fact that the Tsar's monarchy had only
| just ended and authoritarianism would have been nothing
| new to Russia.
| estimator7292 wrote:
| That's a tautology, and not even an interesting one.
| mananaysiempre wrote:
| Don't exaggerate the level of control required. For all that
| things are bad and getting worse, Russia has not reached the
| North Korea percolation point where every facet of government
| control is tied to every other one. (Neither has Russia
| reached a NK-style total war economy, partly through
| bureaucratic dysfunction and partly by design; but I
| digress.) The things that it does are still pretty modular
| and don't require $YOURCOUNTRY becoming Russia in its
| entirety. Hell, London had more outdoor surveillance than
| Moscow until after Covid. As far as Internet censorship,
| here's what the playbook was:
|
| 1. Have a dysfunctional court system. (Not a powerless one,
| mind you; it's enough that it basically never rule against
| the government. It would probably even be enough if it never
| ruled against any of the following.)
|
| 2. Mandate page-level blocks of "information harmful to the
| health and development of children" (I wish I were joking)
| for consumer ISPs, by court order; of course, that means IP
| or at least hostname/SNI blocks for TLS-protected websites,
| we can't help that now can we. The year is 2012.
|
| 3. Gradually expand the scope throughout the following steps.
| (After couple of particularly obnoxious opposition websites
| and against an unavoidable background of prostitution and
| illegal gambling, the next victim, in 2015, was piracy
| including pirate libraries. Which is why I find the notion of
| LibGen or Sci-Hub being Russian soft power so risible, and
| the outrage against Cloudflare not being in the moderation
| business so naive.)
|
| 4. Make sure the court orders are for specific _pieces of
| content_ not _websites_ (as they must be if you don't want
| the system to be circumventable by trivial hostname hopping),
| meaning the enforcement agency can find a particularly vague
| order and gradually start using it for whatever. Doesn't hurt
| that the newly-blocked website's owner will be faced with a
| concluded case in which they don't even have standing.
|
| 5. Ramp up enforcement against ISPs.
|
| 6. Use preexisting lawful intercept infra at ISPs to ramp up
| enforcement even further. Have them run through the agency-
| provided daily blacklist, fine the offenders. Any other probe
| you can get connected to the ISP will work too.
|
| 7. Offer ISPs a choice (wink, wink) of routing their traffic
| through agency-controlled, friendly-contractor-made DPI boxes
| they will need to buy, promising to release them from some
| liability. (First draft published 2016, signed into law
| 2019.)
|
| 8. Mandate the boxes.
|
| 9. It is now 2021 or so and you've won, legally and
| organizationally speaking, the rest is a simple matter of
| programming to filter out VPN protocols, WhatsApp calls and
| such. Pass additional laws mandating blocks of "promotion" of
| block evasion if you wish, but the whole legal basis thing is
| a pretence at this point. For instance, you can de facto
| block YouTube absent any legal order by simply having the DPI
| boxes make it very slow, a capability not mentioned in any
| law whatsoever, then cheerfully announce that in the national
| press.
|
| See how very _easy_ it is? How each legal or technical
| capability logically follows from very real deficiencies of
| the preceding ones so even a reasonable court would be
| disinclined to rule against them? Understand now why I'm
| _furious_ when reasonable people on this forum defend the
| desires of their--mostly good and decent!--governments to
| control the Internet?
|
| (See also how most of this happened before "Russia bad"
| became the prevailing sentiment, and how most of it went
| largely unnoticed in the EU and US, aside from a couple of
| reputable-but-fringe orgs like RSF to whom very few listen
| because they cry wolf so much? The ECtHR didn't even get to
| the cases, IIRC, before the trap snapped shut and Russia was
| drummed out of the Council of Europe to widespread cheering,
| making the matter _de facto_ moot.)
|
| You know that road. You know exactly where it ends.
| nirui wrote:
| It's not just a VPN ban, the word VPN in the context means
| proxy, and you can setup a proxy with something as basic as a
| SSH command.
|
| It's basically a restriction on communication, i.e. the
| government decides who you're allowed to talk to, not just a
| privacy issue.
| Spooky23 wrote:
| Not really, that's just the type the EFF gins up. The
| problem is the regulation of speech and requiring
| verification.
|
| The VPN stuff is a misapplication of security "best
| practices". Tech companies are amoral and happily
| facilitate the use of their technology for oppression in
| other places.
| spwa4 wrote:
| I would argue it's more accurate to say tech companies
| take the "old-style" US approach. It's based on the idea
| that propaganda doesn't actually work. There weren't many
| actual communists in Russia, it was a dictatorship with
| mostly prisoners/hostages who were threatened into lying,
| and knew full well that they were threatened, and after
| the teenage phase is over, actually start asking " _why_
| are we being threatened over this? ".
|
| So as soon as they left with little intention to return,
| they suddenly become the problem that socialists _really_
| hate to discuss: ex-Soviets hate socialism. It 's like
| cults, or, if we're honest, there's other repressive
| groups and repressive ideologies that have loooooooooong
| lost their any usefulness and really only the repression
| remains.
|
| In other words, if tech companies show Chinese that non-
| communist democratic states exist and how it is to live
| there, then no amount of CCP censorship will ever
| _actually_ convince those people that the CCP has good
| intentions.
|
| Judging by my conversations with Chinese, it's working.
| bccdee wrote:
| > There weren't many actual communists in Russia
|
| What's this claim based on?
|
| Hierarchies are fractal; at every level of an ideological
| authoritarian society, comfort and influence are only
| granted in exchange for affirming and regurgitating state
| ideology. Cognitive dissonance forces people who take
| that deal to choose between losing self-respect and
| accepting the ideology. I think you'd be surprised how
| well this works. People always want to believe that they
| deserve the things they have.
|
| > ex-Soviets hate socialism
|
| Naturally, they change their minds when they leave.
| There's no longer any psychological incentive to believe.
| Besides, people who choose to leave have typically
| already broken with the ideology. You compare it to a
| cult, but the thing about cults is that the members
| generally _do_ believe.
|
| > non-communist democratic states exist and how it is to
| live there
|
| Life in many authoritarian states is fine for most
| people. It is what it is; if you don't make a fuss, you
| can live pretty comfortably. Obviously many dictatorships
| are not like this, but China is fairly stable.
|
| For almost all of human history, people have lived under
| authoritarian governments. It's unpleasant to think
| about, but authoritarianism can be stable and durable.
| There's no guarantee that democracy wins.
| spwa4 wrote:
| > Life in many authoritarian states is fine for most
| people. It is what it is; if you don't make a fuss, you
| can live pretty comfortably. Obviously many dictatorships
| are not like this, but China is fairly stable.
|
| I've always found Chinese who left are either rich or
| not. If they're rich, they've seen other rich suddenly
| fall out of grace, suddenly "relocate" or outright
| disappear.
|
| If they're not rich, they've always been miserable in
| China, and don't want to go back.
| bccdee wrote:
| I mean, of course the people who left wanted to leave.
| What about people who actually live in China?
| pessimizer wrote:
| > there are still several prerequisite institutions that need
| to be destroyed before the US could reliably enforce a VPN
| ban.
|
| Ah, the "institutions." I didn't think about those. Very
| convincing.
| cedws wrote:
| I think us software people tend to think in absolutes. Yes,
| completely banning VPNs is very difficult. But for a
| totalitarian government, reducing VPN usage by say 60% is a
| win. You only have to make it difficult enough for the layman.
| gjsman-1000 wrote:
| I keep citing, as an example of this, speed limits.
|
| You can literally break the law by just pushing your foot
| down harder. It's that easy! Therefore they're pointless.
|
| Or, the TSA. They might have taken away my knife, but putting
| a rock in a sock and hitting someone in the head is an easy
| workaround. Therefore it's pointless.
|
| (Arguing that the law is easy to break has no effect on
| whether the law is a good idea, should exist, or is
| effective.)
| thaumasiotes wrote:
| Your examples are unlike each other.
|
| What stops people from speeding more than they already do
| is enforcement. The law isn't doing anything.
|
| But the TSA isn't a law. The TSA is, notionally, the
| enforcement. And it doesn't do anything either.
|
| So the TSA _really is_ pointless. If you drive around at 30
| mph over the limit, you 're going to get a ticket, and this
| traffic cop presence stops people from speeding "too much".
| If you smuggle explosives onto an airplane, you may die in
| the crash, but that would have happened regardless of the
| TSA. The TSA hasn't added any value.
| brookst wrote:
| The examples are similar in that they demonstrate that
| reducing probability is a reasonable goal, and it is a
| mistake to say anything imperfect is useless.
|
| Your take on TSA seems to be in the imperfect=useless
| camp. There are good ROI, efficiency, and philosophical
| reasons to want to abolish TSA, but it seems naive to say
| there is zero value and their mere existence has not
| deterred anyone.
| maxbond wrote:
| I think the problem with these examples is that they
| conflate instrumental goals with terminal goals.
|
| People speed to get to a destination faster or to relieve
| their frustration on the road (street racers
| notwithstanding). If the cost of speeding increases
| they'll speed much less, because they're more interested
| in their terminal goal. There's a lot of elasticity here.
|
| Attacking a plane is a terminal goal for terrorists. If
| it gets harder, they'll do it somewhat less or pursue
| softer targets. But there's much less elasticity here. So
| it's less clear that more security measures will result
| in fewer deaths.
|
| That doesn't imply the TSA is useless but I think it
| might be clarifying to the discussion.
| adgjlsfhk1 wrote:
| the problem with TSA is that their effectiveness is near
| 0. every time there have been tests, ~3/4ths of
| bombs/guns go straight through. you'd get better accuracy
| out of a monkey pointing at whoever happens to have a
| banana in their bag
| thaumasiotes wrote:
| > There are good ROI, efficiency, and philosophical
| reasons to want to abolish TSA, but it seems naive to say
| there is zero value and their mere existence has not
| deterred anyone.
|
| Are you familiar with the TSA's measured efficiency? It's
| not naive at all to say that, below a certain detection
| threshold, the deterrence value is zero.
|
| Compare https://www.loweringthebar.net/2015/06/tsa-
| successfully-pass... .
|
| You'll notice that what I actually said was "[the TSA
| doesn't] do anything", which is accurate in a context of
| accident prevention. I didn't call them imperfect. I
| called them useless directly. It isn't the case that they
| do some good work and some bad work. They don't do
| anything that is useful in any degree.
| ACCount37 wrote:
| TSA really is pointless, and airport "security" in general
| is an example of what you get when you keep sacrificing
| real freedom to fight imaginary threats.
|
| If Trump administration was ever serious about reducing
| government waste, they should have dismantled the TSA.
| JustExAWS wrote:
| Are you really unaware of how often plane hijackings use
| to occur?
| fn-mote wrote:
| Eyeballing the data [1], it looks like total fatalities
| in the low 1000s, and roughly 20 hijackings per year
| 1980-2000. Let's value each human fatality at $1M, and -
| lacking any knowledge about the subject - cargo also at
| $1M/incident.
|
| That's about $1B in human life loss and $20M/year in
| cargo.
|
| The 2025 budget for ths TSA was over $10B, so we're
| spending 10x the loss to prevent it. Value each human
| life at $10M? Then the total value of lives lost over a
| 20 year span is about one year of TSA spending.
|
| [1]: https://ourworldindata.org/data-insights/airline-
| hijackings-...
| JustExAWS wrote:
| You're completely ignoring the knock on economic effects
| of lower confidence in flight safety, liability and the
| not so hypothetical ability of someone to take over a
| plane and use it to attack ground targets.
|
| AirTran for instance went out of business because of one
| crash. If someone blew up a United plane, I can guarantee
| you that Delta would increase the security before you got
| on their flights to instill confidence on passengers.
|
| And people act as if airport security and the TSA
| measures are unique to the US. My wife and I just got
| into a position where the stars aligned for us to fly a
| lot post Covid. But during that time the three countries
| that we have flown out of - London, Costa Rica and Mexico
| all have the basic same security measure with the slight
| difference that you can bring liquids on board from LHR
| because they have newer scanners that supposedly detect
| explosives.
|
| And it's not just airlines. We also had to go through the
| same type of security to get on the "Chunnel" from London
| to France.
|
| The only thing that is really theatre is taking off your
| shoes in the US.
| antonkochubey wrote:
| The current VSL (value of a statistical life) is
| approximately $13.1 million, a figure that varies by
| agency. For example, the Department of Transportation
| (DOT) uses $13.7 million for its safety standards.
| idiotsecant wrote:
| Barely ever? I don't see any evidence to suggest that the
| TSA has any level of effectiveness in preventing them,
| either.
| Filligree wrote:
| What prevents them is the reinforced cockpit door, and
| the passengers' knowledge that they'll die if they don't
| stop the hijackers.
|
| The TSA just happened to be made ac the same time as that
| changed.
| raw_anon_1111 wrote:
| Guns? If you don't have security. It's a lot easier to
| overpower someone with knives than guns
| AnthonyMouse wrote:
| Plane hijackings used to occur because the SOP was to not
| resist and try to negotiate with the hijackers for the
| safe release of the passengers.
|
| After 9/11 the assumption has to be that they're going to
| fly the plane into a building and kill everyone, so now
| if you try to hijack a plane all the passengers and crew
| are going to beat you to death with their fists and
| shoelaces like their life depends on it, which makes it a
| lot harder to hijack a plane. The TSA has approximately
| nothing to do with that.
| raw_anon_1111 wrote:
| Yes and how well is that going to work if people can get
| guns on board? Flight 94 they had knives.
| AnthonyMouse wrote:
| Guns are trash on a plane. The use of a firearm is to be
| able to incapacitate someone from far enough away that
| they can't counterattack. Planes are densely packed with
| people. You'd have people surrounding and disarming you
| long before you could get control of the plane. How many
| shots do you expect to get off when anyone you're not
| currently aiming at can put their hands on the gun while
| someone else grabs your other arm to pull you in the
| opposite direction and a third person comes up behind you
| and kicks you between the legs?
|
| Also notice that even if you somehow managed to kill
| everyone on the plane, you'd then be left with just a
| plane full of terrorists for the government to blow out
| of the sky. And if all you wanted was to kill a bunch of
| random people then being on a plane has nothing to do
| with it.
| raw_anon_1111 wrote:
| Terrorism is never about how many people you kill. It's
| about instilling fear and sending a message and the
| downstream economic harm.
|
| Look no further than 911. Two costly unnecessary wars
| (that even republicans don't defend anymore) that caused
| an entirely new generation of people to hate America.
| AnthonyMouse wrote:
| > Terrorism is never about how many people you kill. It's
| about instilling fear and sending a message and the
| downstream economic harm.
|
| But again, what does it have anything to do with it being
| a plane? If they were to blow up a train instead of a
| plane, are people going to be like "haha you idiots, that
| only works if it's a plane"?
|
| > Look no further than 911. Two costly unnecessary wars
| (that even republicans don't defend anymore) that caused
| an entirely new generation
|
| It sounds like you're saying that inhibiting
| overreactions to terrorism would lessen its effect and
| act as a deterrent to it.
| raw_anon_1111 wrote:
| (I edited my above comment. I didn't finish my thought
| "caused an entire generation to hate America").
|
| My wife and I fly a lot so we don't think twice about it.
| But I'm sure you know how many people are deftly afraid
| of flying. Can you imagine how reticent people would be
| about flying if planes start blowing up? Much more
| economic harm comes from a disruption of air travel than
| if mass transit stopped in one city.
|
| No one in America to a first approximation cares about
| trains or mass transit. They are mostly popular in those
| left leaning cities that are infested by criminality any
| way. I can see it now "what did they expect when they
| elected a socialist Muslim" (please note sarcasm).
| AnthonyMouse wrote:
| > Can you imagine how reticent people would be about
| flying if planes start blowing up? Much more economic
| harm comes from a disruption of air travel than if mass
| transit stopped in one city.
|
| There are more than four times more riders of the subway
| in NYC alone than there are plane tickets sold
| nationwide.
|
| Meanwhile if you're actually worried about deterring
| people from flying then what does it do to force them to
| risk missing their flight if they don't waste two hours
| getting there early, or subject them to warrantless
| suspicion, scary radiation, uninvited groping, nude body
| scanners and senseless humiliation?
|
| And all for nothing because it can't be the thing
| preventing people from blowing up planes when tests
| consistently show that they're still letting through
| three quarters of contraband.
| raw_anon_1111 wrote:
| You realize every single country has similar procedures?
| The only difference in my experience flying out of LHR
| (London) this year and flying out of ATL is that you
| don't have to remove your shoes and they allow liquids to
| pass through security after a secondary screening. SJO
| (Costa Rica) was about the same earlier this year except
| they also don't aloud liquids.
|
| You also have to go through screening and metal detectors
| to get on the train between London and France (the
| "Chunnel")
|
| If NY gets disrupted - no one cares outside of New York.
| Do you remember how people were stuck after 911 or more
| recently when a bad software update took out airlines
| nationwide?
|
| There is a reason that the government set up a fund to
| protect the entire airline industry from collapse from
| liability after 911.
| AnthonyMouse wrote:
| > You realize every single country has similar
| procedures?
|
| The US has a way of setting bad precedents or pressuring
| other countries to adopt its inanity, yes. Another reason
| not to do it here.
|
| > If NY gets disrupted - no one cares outside of New
| York.
|
| The very large number of people in New York probably care
| though. Also, why would someone blowing up a train in New
| York be less scary to people in DC than someone blowing
| up a plane in New York would be to people in DC?
|
| > Do you remember how people were stuck after 911 or more
| recently when a bad software update took out airlines
| nationwide?
|
| Less than a quarter as many people as get stuck when the
| NYC subways are offline, presumably.
| netsharc wrote:
| TSA is security theater, but I think checks are still
| necessary. Otherwise people can bring C4 onto planes,
| blow themselves (and the plane) up in the air, and freak
| a lot of "Western civilization" out.
|
| The liquids ban really is bullshit though, it's to
| prevent a fictional movie plot using a bomb mixed up
| using binary liquids...
| AnthonyMouse wrote:
| Binary explosives aren't fictional. They'll make just as
| much of a hole in the plane as C4.
|
| The liquids ban is bullshit because you can have
| arbitrarily many small bottles of liquid and an
| arbitrarily large empty bucket to mix them in once you're
| inside. And because blowing up a plane isn't any more of
| a problem than blowing up a subway car or a highrise
| hotel lobby but it's ridiculous and infeasible to
| stripsearch everyone who goes into a high population
| density area.
| InsideOutSanta wrote:
| What is the purpose of blowing up a plane in the air when
| you can blow up something on the ground and achieve much
| more damage?
| raw_anon_1111 wrote:
| It's not about "damage". Terrorism never is. It's about
| instilling fear and an over reaction that will have
| people sympathetic to your cause. It worked during 911
| and it's working right now in Israel.
| InsideOutSanta wrote:
| Yeah, but that's my point. Planes go missing somewhat
| regularly, and sometimes even get blown out of the sky
| intentionally. It's news for a week or two. So why go
| through the trouble of getting on a plane and blow it up
| in the sky (and kill yourself in the process) when you
| can just blow up something like a music star's concert
| and get more media attention, and even survive the whole
| thing.
| raw_anon_1111 wrote:
| I only see one major domestic commercial airline crash in
| the last decade.
|
| https://en.wikipedia.org/wiki/List_of_fatal_accidents_and
| _in....
|
| Blowing up a concert doesn't cause nearly the fear even
| if people stay away from concerts - no one cares.
| Airlines are different.
| ACCount37 wrote:
| And are you aware of what exactly has changed?
|
| One notable change is: reinforced cockpit doors that
| can't be forced open from the outside easily. Good luck
| hijacking with that.
|
| But another notable change is that plane crews and
| passengers all understand now that plane hijacking is a
| life or death situation, and would fight hijackers to the
| bitter end.
|
| Which is what happened on the very day of 9/11, on Flight
| 93.
| JustExAWS wrote:
| With reinforced doors - pilots still come out to use the
| restroom. Flight attendants usually just block the aisle.
| People will fight back in the case of knives. But how
| much fighting back dk you think is going to happen if
| people have guns?
|
| How long do you think it's going to be before a pilot
| opens the door if a hijacker starts shooting people?
|
| Airport security is by far not just in America with the
| only exception in my experience is that other airports
| don't make you take your shoes off and some allow liquids
| in carryon
| triceratops wrote:
| Why would they have guns? Even pre-TSA airports used
| metal detectors.
| raw_anon_1111 wrote:
| And security was run by private contractors at the
| airport. So you are opposed to the TSA but not security.
| What's the difference?
|
| No you don't pay for TSA out of taxpayer money. The
| airlines do bu adding a cost to your ticket.
| triceratops wrote:
| > So you are opposed to the TSA but not security
|
| I expressed no opinion on the TSA.
| InsideOutSanta wrote:
| If people think the plane is about to be flown into a
| skyscraper, I'm not sure a gun will stop them. There are
| hundreds of people on a plane and at most twenty rounds
| in a gun. The math isn't in the terrorist's favor.
|
| There also isn't room to get away from angry passengers.
| They're probably going to overwhelm terrorists with guns
| relatively quickly.
| raw_anon_1111 wrote:
| I don't believe I'm making up this scenario. But here I
| go..
|
| I would book a first class flight in the first seat in
| front of the plane. Make all of the first class passenger
| - fewer of them, probably wealthier business travelers
| who don't think they are Rambo - move to the back of the
| cabin.
|
| The aisle would be the perfect kill zone. I watched a
| documentary and they said SWAT training for taking over a
| plane from terrorist they know that whoever goes in first
| is likely to get shot.
| AnthonyMouse wrote:
| > You can literally break the law by just pushing your foot
| down harder. It's that easy!
|
| How are you distinguishing that from any other law? You can
| literally break the law against theft by just picking
| someone's pocket. It's that easy!
|
| But that was never the argument to begin with. They're
| proposing a law requiring websites to ban users who visit
| via a VPN. So to begin with we already have a major
| difference. The people subject to the law (websites) are
| different than the people who would be trying to circumvent
| it (users and VPN services).
|
| Meanwhile websites have no actual means to know if someone
| is using a VPN. There are a zillion VPN services and anyone
| with an IP address can start one. There is no way for them
| to comprehensively ban them all. So now what happens? The
| website bans some VPNs -- they would be doing an incredibly
| painstaking job if they managed to get three out of every
| four -- and then the user just tries three or four random
| VPNs or VPN-equivalents until they find one that works and
| keeps using that.
|
| At this point you could try to prosecute the website for
| failing, but then you'd be prosecuting everybody because
| nobody would actually be able to do it. Whereas if making
| an attempt is sufficient for compliance then they check
| their compliance box meanwhile everybody is still bypassing
| it. Which is why it's useless.
| AnthonyMouse wrote:
| > I think us software people tend to think in absolutes.
|
| "Software people" have an above-average understanding of
| probabilities overall. It's politicians who tend to think in
| absolutes. If you tell them that the effectiveness of
| something is poor and vastly exceeded by its costs, they say
| "so you admit that its effectiveness is more than zero". And
| then people will instead have to say that something _doesn 't
| work_ when they mean it has low effectiveness or an
| underwater cost-benefit ratio.
|
| Moreover, a lot of things with computers _actually are_
| absolutes. You can 't backdoor encryption without a massive
| systemic risk to national security and personal privacy of
| someone bad getting the keys to everything. You can't allow
| people to send arbitrary data to each other while preventing
| them from communicating something you don't want them to --
| the same string of bits can have arbitrarily many semantic
| meanings and that's proven with math, and software can do the
| math without the user needing to understand it.
|
| And the most important one is this:
|
| > But for a totalitarian government...
|
| A totalitarian government is trying to do something different
| and illegitimate. Banning VPNs etc. has higher effectiveness
| as a means for censoring the general population than it does
| as a means to prevent crimes or limit contraband in a
| democracy, because criminals will take the required
| countermeasures when the alternative is being arrested or not
| getting their fix whereas laymen are less likely to when the
| alternative is "only" that they don't get to read criticism
| of the government.
|
| "It works better for totalitarian regimes" is an argument for
| _not_ doing it.
| coldtea wrote:
| > _" Software people" have an above-average understanding
| of probabilities overall. It's politicians who tend to
| think in absolutes._
|
| If I had a penny for everytime a software person / nerd on
| HN and elsewhere made an argument that shows little
| understanding of probabilities and statistics, or perhaps
| only a theoritical understand that's context dependent
| (meaning they know the math, but magically forget them when
| discussing some specific topic), I'd be rich.
|
| > _" It works better for totalitarian regimes" is the
| argument for not doing it_
|
| Parent is not justyfing them doing it. They are explaining
| how little exhaustive their implementation can be, while
| still being effective for their goals.
| AnthonyMouse wrote:
| > If I had a penny for everytime a software person / nerd
| on HN and elsewhere made an argument that shows little
| understanding of probabilities and statistics, or perhaps
| only a theoritical understand that's context dependent
| (meaning they know the math, but magically forget them
| when discussing some specific topic), I'd be rich.
|
| If 75% of people in some group are above average then 25%
| of them still aren't.
|
| > They are explaining how little exhaustive their
| implementation can be, while still being effective for
| their goals.
|
| But their goals are different than yours. Or if they're
| not, you're the baddies.
| imiric wrote:
| Unless the government decides to ban all cryptography, or
| forcefully install their own certificates on every device, it
| should be possible to avoid any restriction attempts. If
| they're doing deep packet inspection to detect specific
| protocols, then those can be tunneled via encrypted protocols
| they do allow, such as TLS or SSH. This is certainly more
| inconvenient to use, but not impossible.
|
| If they're blocking all traffic beyond their borders, then
| that's a separate matter, but usually such restrictions are
| more annoying than absolute.
| rvnx wrote:
| Technically it's easy to come around restrictions (for
| example, where I live, RT.com is fully censored "to protect
| me").
|
| But from a lawmaker perspective, the topic is not technical.
|
| The question, at the end, is about the enforcement of the
| punishments that go with circumvention; and in some places
| there is punishment even when you are "just" trying to
| circumvent these restrictions.
|
| It's easy to break-in into someone's place. What prevents you
| from doing it, is the punishment (and potentially ethics),
| not the physical barrier.
| spwa4 wrote:
| > It's easy to break-in into someone's place. What prevents
| you from doing it, is the punishment (and potentially
| ethics), not the physical barrier.
|
| It's illegal to steal a macbook that has been abandoned on
| the train. Try leaving yours and see if the more important
| thing is the physical barrier or
| ethics/punishment/existence of laws.
| Lex-2008 wrote:
| re: SSH - I once heard that in China they can throttle SSH
| speed so it's usable for terminal work, but not for copying
| files or browsing web.
| pxc wrote:
| Take a look at the tools Chinese people use to evade the
| national firewall. They're extremely sophisticated, and need
| to advance all the time because the GFW constantly becomes
| more sophisticated. There are a lot of encryption
| technologies that the government also allows to work until
| they block them at a critical moment. All of the VPNs you've
| ever heard of in some advertisement on YouTube or whatever
| are easily and totally blocked in China.
|
| Governments can make evading their censorship very difficult,
| painful, and risky, if they want to. It can have a huge
| impact.
| whydoineedthis wrote:
| I dont think so. I run a VPN whitelabel and its parent
| company is based in China.
| bogdan wrote:
| You can buy a Hong Kong esim in China that has access to
| everyrhing. You can use any vpn service and it just works.
| The only place I had trouble was the airport wifi but
| shadow proxy works fine. So I don't know what you're
| talking about
| crystal_revenge wrote:
| > All of the VPNs you've ever heard of in some
| advertisement on YouTube or whatever are easily and totally
| blocked in China.
|
| Have you actually been to China? I was there not long ago
| traveling around a range of cities and never had trouble
| with either Mullvad or Astrill having used both hotel and
| residential networks. I have many friends who have similar
| experiences. In fact, I've never recalled anyone having
| _trouble_ getting outside of the great firewall.
| InsideOutSanta wrote:
| The last time I was in China a few months ago, I used an
| off-the-shelf, popular VPN, and it worked perfectly fine.
| SoftTalker wrote:
| The thing is, you're still breaking the original law, which
| is "you must prove your age to access this content."
|
| Using a VPN, or any other technical workaround you can think
| of, doesn't negate that the law in your state says you must
| prove your age to access the content.
|
| States require proof of age to purchase alcohol. You can ask
| someone who is of age to buy it for you, that doesn't make it
| legal for you to have it.
| wartywhoa23 wrote:
| But then VLESS is thriving and the only way to stop this is by
| enforcing whitelists. Which is not something those scumbags are
| incapable of, of course.
| flexagoon wrote:
| Is it working in Russia? I'm Russian and basically every single
| person I know has and actively uses a VPN with no consequences.
| WireGuard also works just fine - I was able to selfhost and use
| it without any extra obfuscation. They only blocked a few
| largest providers, but that's seemingly it.
| defanor wrote:
| > every single person I know has and actively uses a VPN
|
| I do know people who use no circumvention methods: some are
| simply not sufficiently familiar with technologies (including
| older people, who seem to think that something is wrong with
| their phones), for others it is a mix of regular shying away
| from technologies and being worried that it draws the
| government's attention. And then there are those who appear
| to genuinely support the censorship (or whatever else the
| government does). I also hear of people switching to local
| services as the regular ones are blocked.
|
| Anecdotal data is of little use to determine the extent
| though, and trustworthy statistical data may be hard to come
| by, but if you somewhat trust the Levada Center, their polls
| indicate that YouTube's Russian audience halved following the
| blocking, among other things. [0]
|
| > WireGuard also works just fine - I was able to selfhost and
| use it without any extra obfuscation.
|
| For both IPsec and WireGuard, I have both heard of the blocks
| [1] and observed those myself, particularly to servers across
| the border (which were otherwise available; there is a chance
| that I misconfigured something back then, but I recall it
| working fine with local servers). For IPsec, I have also
| observed blocks within the country (and RKN lifting those on
| request, confirming an intentional blocking that way, twice;
| also confirmed that those were for IPsec packets in
| particular, not any UDP). But possibly it does not affect all
| the foreign subnets: as with a recent blackout [2], when
| quite a few were affected, but not all of them.
|
| [0] https://www.levada.ru/2025/04/24/polzovanie-internetom-
| sotsi...
|
| [1] One of the recently seen public mentions is at
| https://blog.nommy.moe/blog/exotic-mesh-vpn/
|
| [2] https://github.com/net4people/bbs/issues/490
| idiotsecant wrote:
| Are you saying that it's reasonable to think _fully half_
| of YouTube traffic was Russian?
| defanor wrote:
| Of course not: I meant Russian audience, which that poll
| and the post were about. Added "Russian" into the post,
| to avoid further misunderstandings.
| drdaeman wrote:
| > WireGuard also works just fine - I was able to selfhost and
| use it without any extra obfuscation.
|
| Good for you. I have a few machines around the world (a truly
| geo-distributed homelab lol), and my node on a residental
| connection in Russia (north-west, no clue about other
| regions) has pretty spotty vanilla Wireguard connectivity to
| the rest of the world - it works now and then, but packets
| are dropped every other day. My traffic patterns are unusual
| compared to usual browsing (mostly database replication), and
| something seem to trigger DPI now and then. Fortunately,
| wrapping it in the simplest Shadowsocks setup seems to be
| working fine at the moment.
|
| But yeah, can confirm, VPNs are ubiquitous and work
| reasonably well for everyone I know who still lives there.
| Although I think all decent VPN providers have measures
| against traffic analysis nowadays, as plain Wireguard is not
| exactly reliable.
| eutropia wrote:
| Why and how is your homelab distributed like this?
| majormajor wrote:
| I'd be concerned there about the combination of "loggable"
| with "practically everyone breaks the law every day" (the
| latter is generally true in many countries, but not always in
| ways that are easy to record). You can get away with it but
| if you ever displease someone, then the consequences could
| show up suddenly then.
| hereme888 wrote:
| Russia is not even remotely similar to the U.S.A. in terms of
| freedom, rights, and infrastructure.
|
| Politicians will never be able to ban VPNs or vetted e2e
| encryption (like signal, and now X) in the US. Especially with
| this strongly pro-American, strongly pro-privacy admin and
| Supreme Justices on the watch.
| gilli wrote:
| Tell me another joke..
| hereme888 wrote:
| Here's one: How successful was the combined efforts of
| politicians + 3-letter agencies + universities, at banning
| computer encryption in the past? Not successful at all,
| hahaha.
| bccdee wrote:
| Banning encryption proved infeasible, so they just
| switched to programs like PRISM instead. That was very
| successful.
| bccdee wrote:
| > Especially with this strongly pro-American, strongly pro-
| privacy admin
|
| lol
|
| "pro-privacy" and "pro-cop" are diametrically opposed, and
| Republicans pick "pro-cop" every time. And "pro-American"
| doesn't mean anything; it's a marketing term.
|
| > Supreme Justices on the watch.
|
| Have you been keeping up with their rulings? The Roberts
| court is completely spineless. They do whatever the
| administration wants and justify it post-hoc. In their shadow
| docket rulings, they don't even bother with justifications.
| porphyra wrote:
| One time in China (in 2018) I ran my own OpenVPN instance on a
| Linode VPS in Singapore, and then it got blocked within a
| couple of days lol. I'm guessing it was deep packet inspection.
| liveifsh wrote:
| I'm from Russia, can confirm that. We are constantly trying to
| get around these blocks but no tech can help from cutting
| international connections. Also there is another issue: local
| browsers (Yandex and Atom from Mail Ru group) are using
| government certificates by default. That means that https
| encryption between sites inside the country becomes useless
| drysine wrote:
| >simply cut international connections (as is already practiced
| temporarily and locally)
|
| No, international connections are not cut.
|
| The mobile internet gets cut locally and temporarily when the
| Ukraine attacks Russian cities trying to terrorize population.
| Several essential or popular Russian services are whitelisted.
| All the rest of Russian internet is as inaccessible as foreign
| servers.
| yatopifo wrote:
| The name is Ukraine. There is no "the".
| josephg wrote:
| > The mobile internet gets cut locally and temporarily when
| the Ukraine attacks Russian cities trying to terrorize
| population.
|
| It's hard to feel sympathetic when Russian bombs have been
| "accidentally" hitting Ukrainian civilians since day 1 of the
| war.
|
| Has the war been affecting civilian life in Russia much? I
| hear Ukraine has been targeting the Russian power grid
| lately.
| ninetyninenine wrote:
| How are vpns detected?
| pipes wrote:
| I'll be surprised if my country (the UK) doesn't go down the same
| path. I don't like the reform party, but they seem to be the only
| party that see the danger in all of this.
| SwtCyber wrote:
| It's like trying to ban people from whispering in public because
| someone might say something inappropriate
| billy99k wrote:
| Still not as bad as the previous administration colluding with
| Facebook, Twitter, and Youtube to censor American citizens and in
| many cases, get them fired from their jobs.
| raw_anon_1111 wrote:
| Yes instead now we have a president accepting bribes from
| companies - Paramount, Disney, Google, Twitter and Facebook.
|
| Trump also called out someone to be fired from Microsoft he
| didn't like and let's not forget that the FCC threatened ABC
| because Kimmel dare speak bad about a racist podcaster.
|
| States also were firing teachers because they said mean things
| about the same podcaster.
|
| https://amp.miamiherald.com/news/state/florida/article312903...
| keraf wrote:
| Reminds me of my time in Zanzibar, where the internet was
| censored and some VPN providers (like Proton) weren't working.
| The authorities then imposed a complete ban of VPNs without
| permit, with threats of harsh punishment (2000 USD fine or 12m in
| prison). Exceptions could be made by filling a form justifying
| the use of the VPN and details about it (for example IP address)
| but reviews are slow and obscure.
|
| The context with this article is different but the similarities
| are with how lawmakers misunderstand VPNs. They are an essential
| tool for workers and there are many other ways to circumvent
| censorship without VPNs anyway. The irony of this ban is that
| Zanzibar also wants to attract digital nomads, and the most
| important tool for them is an unrestricted and reliable internet
| connection.
| moffkalast wrote:
| I guess the sultan of Oman will have to move somewhere else
| now.
| mark_l_watson wrote:
| Sadly (at least for me, I am a US citizen) we are seeing the slow
| burn collapse of western 'democracies' and the slow steady rise
| of the global south.
|
| Western leaders are in panic mode. I am not very political but
| when I look at the last Biden administration and the current
| Trump administration I see two men in panic mode - very weak.
|
| A partial solution to western civilization collapse is to make
| ourselves as individuals strong: prioritize family, friends,
| continual life long education, spirituality, highly productive
| work, supporting our local communities, etc.
| elzbardico wrote:
| You're one of the few that correctly sees this goes beyond
| partisanship boundaries.
|
| The polarization keeps us divided. Meanwhile, the billionaire
| become more and more rich and powerful, no matter which sides
| currently has the power. Baillouts, tax cuts, regulation or de-
| regulation. Doesn't matter, there is a group who always win.
| LexiMax wrote:
| Our current crop of leaders are, to quote Succession, not
| serious people.
|
| You could point to many examples why, but I don't think
| there's a better example of this than how China managed to
| utterly snooker the west when they tried to run the same old
| economic imperialism playbook on them.
|
| The nepo-babies making those decisions who wanted to coast on
| the US's global superpower status were outsmarted by a hungry
| up-and-comer. Now they're pissed off, but don't have an
| actual plan for how to fix things, so they're resorting to a
| series of own-goals that make them feel good in the moment.
|
| Some of them are even building bunkers, but don't seem to
| have the foresight to understand that they're either setting
| themselves up to bend the knee to the first warlord who lays
| siege, or betrayed from within by their bodyguards. Like I
| said, not serious people.
|
| These are dark times, and as an individual it can sometimes
| feel hopeless. I don't know if we can save our country. But
| you can try saving yourself, your friends, your family, you
| community, the people you truly care about.
|
| Good luck, everyone.
| hylaride wrote:
| Western "democracies" are most certainly fraying, but the rise
| of the global south is nowhere near a certainty. Their
| institutions are nowhere near strong enough, especially rule of
| law. People are also not migrating en-mass to them, either.
|
| > A partial solution to western civilization collapse is to
| make ourselves as individuals strong: prioritize family,
| friends, continual life long education, spirituality, highly
| productive work, supporting our local communities, etc.
|
| I broadly agree, but western civilization has had so much
| regulatory capture by vested interests that sap productivity
| (whether it's US billionaires capturing the tax code or
| retirees in France demanding the state fund their arguably too
| early retirement) that individualism may not be enough.
| fwip wrote:
| Okay, I'm generally a fan of the EFF, but what they say in this
| article is untrue?
|
| > Their solution? Entirely ban the use of VPNs.
|
| > Yes, really.
|
| Which is then followed by the actual explanation:
|
| > an age verification bill that requires all websites
| distributing [...] "sexual content" to both implement an age
| verification system and also to block the access of users
| connected via VPN.
|
| This doesn't ban VPNs - it requires age-verified sites to block
| VPN users.
|
| Which makes 3 of the 4 categories they describe basically
| unaffected by the change to the law. Business users, students,
| journalists protecting sources - all can turn off their VPN to
| access porn when they want to, and enjoy the use of their VPN at
| any other time. (The fourth category is "people who want
| privacy," who are in fact negatively affected by the law.)
|
| Don't get me wrong, I think this is a bad bill, but it's also a
| bad article that is basically lying.
| trollbridge wrote:
| Considering many of these VPNs are operated by shady groups that
| probably sell data to intelligence services, I suspect efforts to
| ban them will mysteriously fail.
| pxc wrote:
| It's also possible to write legislation that makes it difficult
| for new or independent entrants, which funnels more business
| and traffic to the honeypots.
| bithead wrote:
| They will then need to be all encrypted traffic if such a law
| survive legal challenge.
| motohagiography wrote:
| ive been invovled in privacy for decades and not once has anyone
| named the parties behind the bills or authors of it, or who
| lobbies and uses leverage over lawmakers to push these bills
| through.
|
| they are persistent and have continuity through generations,
| organize across borders, influence manufacturers and even
| pressure individual developers.
|
| tech doesnt secure privacy. finding these people and calling them
| out directly might.
| treebeard901 wrote:
| All it does is make it easier for the Government to monitor VPN
| connections. They already can request logs from providers. Most,
| if not all VPNs require a proof of identity which is used to
| subpoena your data. Next up is device security itself. Most
| phones can be remotely compromised with man in the middle style
| certificates. Most sites do not use certificate pinning and there
| is always a master key for decryption built in at the certificate
| authority level. Unless you have banking level certificates with
| certificate pinning between sites, a random VPN not tied to your
| identity and secure devices, a VPN just sells you the illusion of
| security.
| jamzer wrote:
| Huh?
|
| > All it does is make it easier for the Government to monitor
| VPN connections.
|
| That is not all it does. We're talking about them banning VPNs.
|
| > They already can request logs from providers.
|
| Most claim they do not keep logs. This has been proven for
| certain providers. Providers operating in different
| jurisdictions are not necessarily obligated to provide these
| logs.
|
| > Most, if not all VPNs require a proof of identity...
|
| I have never been asked by a VPN for proof of identity.
|
| > Next up is device security itself...
|
| This is by far a separate issue. Yes it is true mitm attacks
| are still possible when using a VPN, they do however provide an
| extra layer of security and shift trust to an entity you should
| consider trustworthy (your VPN) from a possibly untrustworthy
| LAN, ISP, or country.
|
| This is ignoring the primary use which is of privacy.
| Governments have shown time and time again when possible they
| will implement blanket surveillance and often not follow due
| process. Just as someone, some organization, or some government
| should require a very good reason to open your mail, or obtain
| a warrant to search your house, they should too require this to
| eavesdrop on your digital communications.
|
| VPNs and similar technology are also useful to those under
| oppressive regimes to communicate privately. While this is not
| currently the case in the US, the mechanisms to retain the
| freedoms currently enjoyed should be upheld in case they are
| ever required.
|
| Further, you ignore the benefits VPNs provide in terms of
| geoblocking.
|
| Finally, VPNs are also useful in corporate, education, and
| other networking settings including accessing your home network
| from elsewhere or remote services you host.
| Longlius wrote:
| >Most, if not all VPNs require a proof of identity
|
| I've never been asked for proof of identity by a VPN.
| helterskelter wrote:
| The water's getting a little warm isn't it, fellow frogs?
| lifty wrote:
| Too much hassle to fight it. Better scroll a bit more on tiktok
| Traubenfuchs wrote:
| So 2020 - 2030 will be known as the years when "western
| societies" (read: corrupt politicians that see us as nothing but
| cattle) decided to become more authoritarian and dystopic than
| China and Russia.
| senshan wrote:
| If the goal is to protect minors, then alcohol may be a better
| model:
|
| a) Alcohol is considered harmful for minors, hence
|
| b) It is unlawful for minors to posses and consume alcohol;
|
| c) It is unlawful to sell alcohol to minors;
|
| Similarly:
|
| 1) Internet may potentially contain harmful material, hence:
|
| 2) It is unlawful for minors access Internet;
|
| 3) It is unlawful to sell or provide to minors access to Internet
| or any devices or services that facilitate access to Internet
|
| Easy-peasy
| para_parolu wrote:
| Protecting minors is never a goal. But punishing VPN providers
| will be next step after banning usage.
| senshan wrote:
| Exactly, but each time any lawmakers wants to "protect the
| children", the "alcohol solution" needs to be brought up.
| While it is somewhat ridiculous when applied to Internet
| access, it bring in the right perspective -- the population
| as a whole does not need to be affected by the measure
| TZubiri wrote:
| Showing ID to buy alcohol is pretty common though.
| Spivak wrote:
| Yes but on the internet, at least in the US, asking "Are you
| 21 Yes/No" with no actual check has been acceptable. Same
| with all mature content like violence and porn.
|
| Someone needs to make a case as for why in 2015 this was
| perfectly acceptable but in 2025 it's not anymore. The
| internet has gotten _tamer_ since its inception and porn is
| still porn, exactly as depraved as it always was. What 's
| considered the bad parts of the internet these days used to
| be the whole thing.
| senshan wrote:
| Right, but only when and where you buy it, not when and where
| you drink it.
| accrual wrote:
| Extending the analogy would be a pretty weird but plausible
| thing - you show your ID to buy "internet credits" then go
| home and use them however you want. But those credits
| probably have an ID or known endpoint that will be tied to
| your ID/credit card.
| wartywhoa23 wrote:
| People of the West, repeat after me:
|
| Xray
|
| Vless
|
| Hiddify
|
| Streisand
|
| (and buy VPSes by heaps while you can)
| Bender wrote:
| This will be an unpopular take, but... ban all the VPN's. Do it
| now.
|
| Every time such a thing happens new technology is created out of
| necessity. The more totalitarian a regime is the more people are
| pushed under ground. This only hurts big companies and
| governments that benefit from having all the juicy delicious data
| flowing through cooperating CDN's and big centralized platforms
| where they can see it real time and with real identities.
|
| Motivate developers to make easy-peazy tools to push the normies
| to Tor, SSH tunnels, hybrid open source VPN's, DNS tunneling,
| HTTPS piggy-backing, Obfuscated HTTPS websockets, Domain
| Fronting, Lora Relays, Laser Relays, open source user-space mesh
| VPN's like Tinc and watch the arms race unfold.
|
| My super secret ulterior motive is that I despise the big
| platforms including all the big VPN platforms that have money
| trails _or claim BTC is anonymous_ and claim to not log anything
| or have real time lawful intercept API 's thus allowing them to
| claim no logs.
|
| I octo-dog dare governments to ban VPN's.
| TZubiri wrote:
| How does changing post titles work? I think it's more accurate
| that:
|
| "Lawmakers want to ban VPN users from accessing porn websites."
|
| or
|
| "Lawmakers wants porn websites to ban VPN users"
|
| It's an important distinction that has caused a lot of confusion
| in the last thread about this article.
|
| I know that the author is arguing a slippery slope for political
| reasons, but it's not factual and it causes confusion.
| matheusmoreira wrote:
| Remember the days when governments the world over didn't seem to
| realize the internet existed? I miss those days. I used to
| complain about and laugh at their technological ineptitude. Now I
| wish I could turn back time.
| mcintyre1994 wrote:
| This seems like an insane way to achieve what they want. I'm
| surprised they don't pass a law like the UAE has - it's illegal
| to use a VPN to get around internet censorship.
___________________________________________________________________
(page generated 2025-11-15 23:01 UTC)