UK households could face VPN 'ban' after use skyrockets following Online Safety Bill
Prominent backbench MP Sarah Champion launched a campaign against VPNs previously, saying: “My new clause 54 would require the Secretary of State to publish, within six months of the Bill’s passage, a report on the effect of VPN use on Ofcom’s ability to enforce the requirements under clause 112.
"If VPNs cause significant issues, the Government must identify those issues and find solutions, rather than avoiding difficult problems.” And the Labour Party said there were “gaps” in the bill that needed to be amended.
https://www.birminghammail.co.uk/news/midlands-news/uk-households-could-face-vpn-32152789Open linkView original on lemmy.dbzer0.com1044
Comments356
Just to fast-forward this dumb cat-and-mouse thing, the next step is people go back to torrenting their porn and deeper down the rabbit hole of garbage "free" websites skirting the rules.
As always, the UK is useful on the international stage because sometimes you need to be able to point at some idiot trying dumb stuff to explain to people why dumb stuff is dumb.
It does feel that way. UK bureaucracy is just one giant guinea pig stunting it's own commonwealth.
Next someone will try enforcing paper umbrellas as a solution for climate action. We'll all say, "That won't work". They'll still do it; it won't work. We'll say, "We told you so", and it won't get reversed because they're already aiming at the next foot to shoot.
There has to be a logical next step for the information age. Old school government is not fucking working, and we can all see it.
The fact that there aren't large scale riots already is astounding.
He tries his best...
100% Brexit quickly shut up similar movements when people saw how badly it went
Now if only Trumpism would have shut down extremist right wing idiology globally.
Trumpism is still in progress, maybe...
It should have died when he tried to coup the US government after he lost the 2020 election.
Alberta seems to have missed that memo.
Damn Alberta; always trying to leave the EU.
I’m uninformed. What’s the reason for the porn ID thing? Is it just porn or more?
Surveillance due to paranoia due to all the shady shit they're doing.
Neoliberal political class implementing fascist surveillance capitalism laws — masquerading as child protection — because they are owned by a fascist oligarchy.
It's never about the children, it's an excuse for surveillance capitalism.
Christian evangelists at the root of it all. 'nuff said.
Must protect the children
You know the old saying... The politicians don't want children to be able to recognize a cunt.
If data is collected that can be used for blackmail, it will eventially be used for that purpose.
It's probably true that a few anti-porn people exist somewhere in the world. It's certainly true that fascists love adding in new tools to keep the general population from using the internet freely.
So the answer to your question is yes, and yes.
It also general censorship they are applying it to some political content as well.
Then, we move to the socks proxy, or tor, or other options I haven’t even considered yet.
I am pretty sure they would consider tor as using a VPN.
Probably they would demand ISPs to run lists of known VPN addresses and if you connect to them, they will forward the information to the anti-terrorism unit and you will get SWATed.
If Russia, China, and Iran cannot stop tor usage, there's no way the UK can do it.
I believe China can stop any kind of access at any time, they just choose to allow a certain percentage of folks to get through above a certain bar of sophistication and need.
Don't the people in those countries use a proxy to access tor first? probably that means cycling through the proxies regularly as they become known. I have no doubt that it is impossible to prevent truly tech savvy people from access. Also Russia, Iran and China all run state sanctioned hackers, so the governments have a vested interest in allowing these groups to obscure where they are coming from.
But i am not sure how much that transpires to a broader public.
That's what things like snowflake and bridges are for. Because, at least with snowflake, it just looks like a webRTC phone call. But it's actually tor traffic. And snowflake proxies are ephemeral, since you can just run them in your browser and help anyone connect.
Their next strategy will be to keep a list of websites that are “government approved”, I'm afraid. Long live the Great UK Firewall!!
go back?
This kinda proves that it was never about the children. How many children have know how and the means to buy a VPN subscription?
Still an important part. Free VPNs that spy on you are a thing, but work
One of the rare ones
.
All it takes is one big brother/sister that knows how to access a free or paid VPN and their 5 year old little sibling and all their friends will have it also. Despite the difficulty teaching them math or history, they DO learn very quickly and are fast to figure out new things that interest them.
Do you know what's smarter and more talented the the UK government?
14, 402, 544 kids............
Were you never a child? I formatted my family pc and reinstalled windows xp in 5th grade, and used a proxy to circumvent the schools online filter in 7th grade.
Children are not as stupid as you seem to think
VPNs also accept many anonymous payment methods that happen to be easily accessible to children, like gift cards. And free VPNs exist
Where there is a will there is a way, I guess.
Still, a possible ban on VPNs affects way bigger group of business and adult users than the number of tech savvy kids.
Where should the line be drawn? How much rights should everyone have to give up so that little techie Billy can’t hack his way to see some titties?
I started using a VPN after my friends/classmates told me about them in my Sophomore year of HS, mostly to get around the Wifi banning us from accessing certain apps (social media). Now, like all the other dumb kids, I used whatever they recommended, which was some shitty "Free" VPN that was probably stalking my data. But by Senior year, I smartened up and learned about online privacy and got myself a Proton VPN subscription after using the free version for a bit.
So yeah, I could totally believe middle-school and up are using VPNs, cause that's what we literally did.
Just needs a Union Jack on his hat and the wrapping paper and "UK" in place of "US" on the box.
The government: Parents have you tried being a parent to your children?
Parents: Oh lord no that's too difficult can't you just, I don't know lol, ban it or something?
In my English textbook, ca. 2007 there was a comic of a child in a cage hanging outside the house. The father told the neighbor something like "This way they get out of the house, but stay off the streets."
I think that hit quite well, what many consider parenting in the UK.
Those child cages were real. They would attach to a window similar to AC units today.
This government literally can't afford to fuck about wasting money yet here they are. Proving they are imposters failing the country.
This ends with just another war on encryption.
When encryption is legal, they can't know what is going on between two points. They going to make is so we can only have encryption to nodes they trust?
It is dangerously technologically illiterate to wage war on encryption.
Jokes on you, e2e encryption is already banned in some cases in the uk afaik. Hence apple dropping some cloud services
Easy enough to do when it's mega corps. They don't really care about anything but money. If everyone had self hosted services with e2e, be far harder. Encryption is everywhere now.
So they will go after the end points. Which again, is a battle they can't win. All very Cory Doctorow's "Unauthorized Bread".
If you care about this stuff:
UK: https://action.openrightsgroup.org/make-one-donation US: https://www.eff.org/pages/donate-eff EU: https://my.fsfe.org/donate
There will be others too, those are just in my head's cache.
Some how we need to get governments to listen to us serfs instead mega corps and authoritarian police/spooks.
The world they want is not only terrible for digital and political freedom, but competition, thus functioning markets. It's terrible for making developers and makers instead of dumb consumers, which in turn, is terrible for technology and progress.
If I was black hatter I would be looking at these people like they just dropped a golden goose.
Best of luck with that, idiots. How are you planning to tell the difference between my personal VPN and my work VPN?
Next step: ban on remote work.
It's not just remote work. All our manufacturing sites use to VPN connections data centres. It would cripple manufacturing on an epic scale if they were instabanned.
Well we just fire you, and the one you’re still using then must be your personal one!
He means, how is the government supposed to tell the difference between personal and work vpns.
he just answered your question. maybe read it again
Either just banning remote work or more realistically you'll need a permit for running a vpn server. Permit pricing starting at 100k a year
How many small businesses can afford such permit? Hell, I'd argue that even bigger companies will have a problem paying for that.
Also, what if I just connect to a vps overseas and set my exit point there? Will they ban vps too? This is gonna be so much fun to see from the outside
Feature, not a bug.
They want people back in offices to help landlords and property prices. This way they can say that remote work is not banned and it's just companies choosing not to buy a permit and offer it.
I work from office and i regularly use a vpn at work to connect remotely to devices that are not physically with me. Not to talk about companies that provide remote assistance and use them to connect to their customers devices.
Remote work is just a byproduct of vpns, but not the real reason why you use them at work.
You think given how well thought through this online safety act has been that they'll understand that would be an issue and legislate accordingly?
Absolutely not, of course. I'm just hoping they try to enforce this so a shitstorm of proportions only seen in the brexit will ensue.
One thing we must acknowledge to these idiots is how much effort they put on showing the world the consequences of extremely stupid acts so the rest don't have to do it.
Kinda sucks to be the world's policy alpha tester though.
VPN ban risks pushback from their billionaire masters. Multinational corporations don't want to deal with anything that could hurt profits.
yes everything will be banned and binned. better dust off that carrier pigeon
They wouldn't consider such rational things
What about the VPN I have to my home?
If they outlaw VPNs then all internet-connected businesses will flee and everyone will just move to the dark net. Then you’ve got a whole other problem.
These ancient tyrants are in over their heads.
Honest question but what makes you think that would happen? Do most businesses use VPNs?
VPNs are one of the core security measures of all large companies.
VPNs aren't just a "hide your IP" tool, they're a way of giving someone access to an organisation's internal network. Sensitive servers such as databases, wikis, scheduling tools etc don't have publicly exposed IPs, they only have connections that are accessible from inside that VPN. See also https://en.wikipedia.org/wiki/Defense_in_depth_(computing)
I have never worked for a company that didn't utilize VPNs.
I work in consulting. I have a VPN for my company and also for each client
Damn near every business uses VPN technology. They literally cannot exist in the modern world without it. It would be incredibly expensive and impractical to do without.
I have no less than 7 VPNs installed on my work laptop, and I work for one single company.
The UK has long championed writing legislative checks that their emaciated state infrastructure can't cash.
If they do outlaw it will likely be banned solely for non-business use for this reason alone.
If only I could start my own business….
become a sole trader with no assets, no expenses but still a business. Sorted!
That sounds a bit like fear mongering from Reform: a VPN is safety 101 when using public networks, and most businesses make use of VPNs to secure their data. They are also a key component if WFH (you use the company VPN).
If Labour are stupid enough to go after VPN usage, I suspect it would guarantee their loss at the next election.
Eh, I dunno. The vast majority have no idea what a VPN is. If a VPN ban benefits Rupert fucking Murdoch then the tabloids will wang on about how they're used by paedophiles and people smugglers and that'll be that.
It has always been the main aim of legislation like this to nobble VPNs, they just needed the "child" "violent pornography" etc. excuse to do so. UK government already monitors all of the internet traffic for the UK, except for MPs who are exempt, VPNs are a blocker for this.
Obviously, not even the UK government would expect a private VPN ban (work VPNs would likely need an Ofcom license) to stop everybody from using a VPN or suitable alternative, its not the aim. The aim is to stop the majority from doing so and criminalize the minority who do still bypass the block as it gives them the power to seize equipment, ask for your logins (its illegal punishable with jail time to not supply this in the UK), request ISP logs etc. to deep dive into your life.
Work VPN doesn't look any different a porn VPN to the people tapping the line.
Yeah that's the point of the license from Ofcom, to approve the endpoint address used for the VPN. Most work places don't use some random IP address but a small pool of known DNS entries for their endpoint. Just because you are using a VPN doesn't mean nobody can see which endpoint you using.
It would have been smarter for the UK to mandate that every ISP must provide a family filter for free as part of their service. Something that is optional and can be turned on or off by the account holder but allows parents to set filters (and curfews) if they want. They could even require that ISPs require new signups to affirm if they want it on or off by default so people with families are more likely to start with it enabled.
The problem is that content filters don't work all that well in the age of https everywhere. I mean, you can block the pornhub.com domain, that's fairly straightforward ... but what about reddit.com which has porn content but also legitimately non-porn content. Or closer to home: any lemmy instance.
I think it would be better if politicians stopped pearl clutching and realized that porn perhaps isn't the worst problem in the world. Tiktok and influencer brainrot, incel and manosphere stuff, rage baiting social media, etc. are all much worse things for the psyche of young people, and they're doing exactly jack shit about that.
They know. The "think of the children" angle is just cover to enrage the tabloid readers and to be used as a straw man against anyone criticisng the law ("you're a pedophile"). The real purpose is "let's enumerate the IDs of everyone who uses the internet for anything we don't like" and "let's censor anything we don't like starting with LGBTQ content"
That's a problem is for ISPs and content providers to figure out. I don't see why the government has to care other than laying out the ground rules - you must offer and implement a parental filter for people who want it for free as part of your service. If ISPs have to do deep packet inspection and proxy certs for protected devices / accounts then that's what they'll have to do.
As far as the government is concerned it's not their problem. They've said what should happen and providing the choice without being assholes to people over 18 who are exercising their rights to use the internet as they see fit.
No, there are very good technical reasons why this approach can't work.
There is no deep packet inspection on properly encrypted TLS connections. I know TLS termination and interception and recertifying with custom certificates is a thing, but even if it were feasible to implement this on millions of client computers that you don't own, it is an absolutely god awful idea for a million reasons and much worse for privacy and security than the age-gate problem you're trying to work around.
Actually it can be done and is being done. Software like Fortigate Firewall can do deep packet inspection on encrypted connections by replacing certs with their own and doing man in the middle inspection. It requires the browser has a root CA cert that trusts the certs issued by the proxy but that's about it. Filtering software could onboard a new device where the root cert could be installed.
And if Fortigate can do it then any filtering software can too. e.g. a kid uses their filtered device to go to reddit.com, the filter software substitutes reddit's cert for their own and proxies the connection. Then it looks at the paths to see if the kid is visiting an innocuous group or an 18+ group. So basic filtering rules could be:
This is eminently possible for an ISP to implement and do so in a way that it ONLY happens when a user opts into it on a registered device while leaving everything open if they did not opt into it.
And like I said this is an ISP problem to figure out. The government could have set the rules and walked away. And as a solution it would be far more simple that requiring every website to implement age verification.
I know how it works, so spare me the explanation. It's not that as easy as you make it out to be. OS and browser companies are actively fighthing "rogue" root CAs and making it harder and harder to use custom CAs, especially on mobile devices.
And for good reason, because by accepting a rogue root CA that's not your own, you're basically undermining the whole trust system that SSL is based on and surrendering all your online privacy and security to the government and your ISP. Whoever has control over that custom root CA has the keys to your online life.
Rolling such a system out countrywide is utter madness.
You obviously didn't know how it works if I had to explain it was already possible. And I am not aware of any mobile device that prevents you installing a new root CA.
And it isn't "madness", it's a completely workable way to offer filtering for people who want it for kids and have no filtering or censorship for anybody else. It is a vastly better option than onerously demanding adults provide their identity to random and potentially adult themed websites where they could be victims of identity theft or extortion
If you read my comment properly, you'll see that I wrote: "I know TLS termination and interception and recertifying with custom certificates is a thing"
Yes it is. TLS interception should never be normalized because it breaks the chain of trust upon which TLS is based. It can be useful in some situations, like the fortigate firewall where you control the certificate, but ISPs nor the government should be trusted to wield this power over virtually the whole country. It is a very slippery slope.
On Android, apps can't install their own root CA. The user has to manually download it, then jump through a bunch of hoops and deeply nested menus to install it and in the process ignore all the scary warnings that their communication may be intercepted if they install and trust this certificate, and (at least on Pixel phones) they get a permanent warning in their notification tray that someone may be eavesdropping on them. Which is correct.
I'm strongly against government mandated age gates myself, but you're objecting for the wrong reasons. You're not providing your identity to the adult website. You're providing it to the third party identity verifier, who then certifies to the adult website that you are an adult without passing on your actual identity. Keep this in mind when you're arguing against it, because pro-age-gater puritans can use it to undermine your argument.
I object to it first and foremost on principle. I shouldn't have to request permission from a third party or the government to do perfectly normal legal adult things in the privacy of my own home.
Secondly, there is still a privacy problem at the "identity verifier". They may swear up and down that they do not store my identity data, but there is no way to prove that one way or another so I cannot trust that my data can't be leaked through them.
Thirdly, when viewing adult content, I don't want there to be any association between my real identity and the adult content whatsoever, even through a third party, and I don't want there to be anything that uniquely identifies me.
Finally, I object to the (re)demonization of all things sexual in our societies. We seem to be backsliding into puritanism under the guise of protecting the children, while we're doing nothing to protect them from real actually harmful online things that are damaging the younger generations beyond repair.
I have a Gen Z stepson, and all the ways in which he is fucked up by the online world (no attention span, permanent online-ness, no real world friends, always seeking instant gratification, unrealistic expectations about life, an overly materialistic worldview, plenty of manosphere bullshit, ... ) have precious little do do with viewing porn.
@arc99 @SpaceCadet thats basically allowing the Government to force the ISP's to build a solution which is able to sensor every content. Sorry there is alot of reasons why you should be against it.
PS: even your deep packet inspection falls short to end 2 end encryption / decryption ...
Deep packet inspection already happens on encrypted traffic (Fortigate Firewall) so it's eminently possible for filtering software to do the same.
@arc99 please inform yourself about end to end encryption and decryption.
All i say is you haven't understand what is happening on this firewall and what this firewall can do and what the firewall can't do.
I'm intimately aware about what it can and cannot do. And it can intercept and man in the middles any https traffic
@arc99 but end 2 end encryption is not by default https traffic ;) ssh / vpn are protocolls ( end 2 end encryption, decryptio) and this firewall can't deep inspect while this protocoll can easy tunnel other tunnels.
The new Christian nationalist orders are not so patient. Even Charles X of France rolled back rights too speedily, sparking public outcry resulting in Parisian haircuts. (a bit off the top 🪟🔪)
SCOTUS used to be sneakier, carving out sections of fourth- and fifth-amendment protections, but since Dobbs the Federalist Society Six have tossed subtlety and reason to the wind and now adjudicate away rights based on vibe and conservative rhetoric grievance.
Hopefully the US and UK both will recognize why the French public was swift to act when manarchists took shears to the Napoleonic Code.
Lots of ridiculous-looking people in politics today. They could use some haircuts.
The problem is that they're not trying to protect kids. They're trying to be like China where every user has to identify themselves so they can be tracked across the internet.
Crazy because every (isp provided) router I have used has these options. They probably aren't 100% correct all the time, but it would be good enough for children (even though you shouldn't rely soley on filters to replace watching your kid).
Exactly. This was turned on on my professional phone so that was always an option.
Damn. Labor really wants to lose that election to Farage. Good luck to Corbyn and Sultana, I guess.
Farage: Gets elected.
Everyone: At least you'll abolish the OSA!
Farage: Nah, I said that because it would make me popular. Amma use the OSA to ban things I consider "woke".
Most authoritarian option there is.
And Farage would say doing it is "Common Sense".
"It has come to our attention that we haven't fascismed hard enough, nor in sufficient detail"
Maybe if they see significant issues with the populace adhereing to this law they should identify the solution of revoking the unpopular law.
It's the populace that is wrong, not the lawmakers /s
See: the 18th and 21st Amendments in the US (Prohibition).
Nothing will meaningfully improve until the rich fear for their lives
So, nothing will ever meaningfully improve?
Come on UK, just skip all the boring parts and make unremovable collars for everyone fitted with GPS, cameras and miniature bombs that can be remotely detonated. After all, that's the only way to make sure nobody is doing bad, very bad illegal stuff and to PROTECT THE CHILDREN, isn't it? Fucking hell, these fucks really are trying to create a bloody dystopia...
They think 1984 is a manual.
Oh, wait, no, that was about the evil communists.
I’d email my MP to ask why this Labour Government is using the BBC to promote Reform talking points and implementing brain dead Reform policies, but I don’t expect anything other than the blandest party line response.
All this pandering to Reform voters is completely useless, people will still vote for the original rather than a shitty knockoff. Despicable behaviour from Labour.
This is REALLY familiar...
"We will force you to do what we want", democracy in action
Isn't this currently what Russia is trying to do with their internet?
It's something russia has been doing for a decade and got pretty good at.
A long term blanket vpn ban is not compatible with a modern digital infrastructure, but with certain protocols (openvpn, wireguard) they can detect their usage and filter them out when necessary.
It does require a lot of expensive DPI (deep packet inspection) hardware I'm not sure UK has, so building a Great Firewall of Britain (Hadrian's Firewall?) will take some time.
Just to add that Hadrian's Firewall used to exist/does exist, I think. It was located in BT's main POP in Newcastle.
All good names are taken :<
"Safety" meanwhile these same mp's can't budget can't run critical public services like bloody hospitals.
But don't worry, your thoughts and activity are policed.
Democratic failure to prioritise and run a country at its finest on display for the world to see. The waste is astounding.
Funny how its always so important to ban useful and empowering things for citizens in the name of safety but someone we can't ban business practices that cause mass extinctions, change the climate, impoverish the working class or kill enough of us to only be seen as a statistic instead of people. If they actually cared about safety, they would be banning the things that cause mass suffering and death, not VPNs. We should be opposed to these kinds of bans on the principle that it further disempowered us so we are less able to deal with the threats of all the mass suffering and death that they refuse to keep us safe from.
https://use-their-id.com/
Holy shit that is brilliant...
Why not just ban all human rights while you're at it?
Little by little!
Can't do it all at once or the
peasantspopulace might catch on!The anti-terror unit needs to fill its new vacancies first. Do you know ho many enforcers it takes to arrest a single man in a wheelchair?
https://www.youtube.com/watch?v=M8p6Log2E9Q
If this comes to anything I'm moving to somewhere in the EU and pursuing citizenship there. This is clearly not about protecting the children anymore (not that it ever was).
EU is about to do the exact same thing. Norway is the place to be. That's where I went - at least according to my ip address.
Huh. I’m also “moving” soon. Any reason for Norway over Switzerland?
Not sure about the situation in Norway, but Switzerland has a quite right-conservative government and is also expanding their surveillance , e.g. Proton freezes Swiss investment over surveillance fears
I saw this news and I guess it’s good that privacy is being discussed somewhat soberly over there in the wake of this investment decision.
Personally I have recently been exiting out of the UK, a much more invasive country, so Switzerland for now does seem like an improvement for me. Norway is further out geographically and has less Mullvad servers, would seem like the less favorable option for me unless the proposed laws actually pass.
Frankly I’m scrambling after the UK’s ID thing.
No other than it's geographically closer to my actual location so I thought the speed would be faster.
Norway is part of the Nine Eyes…
They can come and pry TOR from my cold dead hands lmfao
this law can eat shit. i ain't gonna dox myself and feed my personal info to companies. maybe they should take this as a hint that most people care about their privacy
if you don't want kids seeing NSFW stuff be an actual parent and don't raise your kids on the internet??
apparently having a functioning brain isn't a requirement of being an mp
but of course we knew that when she did this in 2019:
Your law is the difficult problem you daft cunt
Lol what is going on over there. The UK is becoming more dystopian by the day.
Show me a ban that didn’t came with 10x problems. People have their needs even the filthy ones. Especially the filthy ones. Hence will find a way to fulfill it. If there’s no legal way to do so the demand will create an alternative market for it to match the demand…more trouble on the way if that’s the lane the UK choose
We all know that prohibition in the US was a rousing success!
And the war on drugs was extremely effective and didn't cause any bad things at all!
let people live life is more than just good for individuals… it’s just safer for everyone
focusing on harm reduction rather than abstinence and bans
I'd tentatively say, casually available heroin, morphine and laudanum/opium.
It obviously caused problems and pushed the market underground but it seems to have worked out.
I'm not aware of any studies in to this though, so it's only conjecture/guesswork.
I'll also clearly state I'm not putting them on the same level as this current dystopian bullshittery.
"Worked out" is people dieing from tainted drugs of a unknown potency? Youre a fucking monster.
Hey now, that's a lot of animosity for a statement that doesn't do much to make a good point.
The original question was
I posited a conjecture based guess with some basic reasoning and as i said , it was opinion more than provable fact.
By "worked out" i meant the overall situation is better after the ban, despite the negative consequences.
It seems that was lost on you, but now you know.
So let's address your reasoning, such as it is.
People died from tainted drugs before the ban, probably a lot from tainted drugs of the type in the ban.
Unless you have any evidence those numbers changed significantly after the ban, I'll chalk that up to your opinion.
Not a very reasonable one to my eyes, but such are angry people on the internet.
I was not aware i needed to provide an example of a ban that resulted in everything being completely fixed after the fact (mainly because that's not how the question was worded) but if that was, in fact, the requirement, my bad.
If I'm a monster (in your opinion) because i think the reduction in access to terribly addictive drugs might have overall brought down fatalities and other negative consequences, then i can live with that.
Not even China can ban VPN entirely, because businesses use it as a security measure.
U got a loicense fo dat VPN, lad? Show me dem poipers!
The solution is very simple, just require a license /s
That is very likely what they will do, I'm certain of it. Probably worse than that. I bet they will allow VPNs to licensed users (businesses), they will require specific protocols where they are able to backdoor in and snoop if they want to.
This isn't a good road we're going down right now.
But they can't seem to muster up the "political" will to tax the rich
Next up, zeros and/or ones
That's good. Everyone can read base 1.
I dunno, some people get confused beyond 11111.
there are 10 types of people in this world those who understand binary and those who dont
And those who didn't expect this joke to be interpreted as base 3.
Labour are not governing for the people, and they are not the Labour party anymore.
They're Labouring very hard for the corporations.
If they ban VPN's that's going to hit corporations harder than the average person.
The UK is the testing grounds. After they figure it out, they’ll be rolling it out everywhere else.
I don't think it's that centralized. Just some elite somewhere pushes through what elites everywhere would want, and they try to do the same around it.
Like spread of a disease.
I think the way to fight it is similar. Unions, customer associations, parties (not for election, but for having as many people as possible for mutual aid and actions ; it might even be counterproductive to get into government, since that breeds expectations which are not delivered upon, which hurts the party ; better to do volunteer projects without using state power as much as possible).
Yeah, I don’t think it is, but it’s the end result that concerns me.
"Hey! Stop using well known workarounds to my idiot demands! Surely this is brand new technology that no one could have known about!"
"Stop defending yourself, and let me hit you" vibes.
And there's the other shoe dropping with VPNs now. Didn't even take them an extra fucking year
Didn't even take a week.
Even the CCP can't stop VPNs... good luck UK
My guess they will block VPN services IP addresses like proton, shouldn't affect business VPN.
But what if I work for Proton and I am in the UK?
Edit: it's hypothetical
Your company will be forced to make you redundant.
dust off that resume
Ban remote working, vpn now only allowed from business addresses as registered with companies house.
VPN in businesses is mostly to secure internal use infrastructure against external threats. Use for remote working is an afterthought.
Oh that makes it easier for the government.
Maybe that the end goal, force people back into the office by banning vpn
Like i said, that won't work, because VPN has more important uses than mere homoffice.
How is this even feasible? People need them for work, business, school etc. The UK is going nuts with the attempts to regulate the internet.
Nanny state
You're literally being Jimmy Salvile right now
~ Guy who posed for photo ops with Salvile twenty years ago
Omg my brother amd I went to see Rolf Harris when we were kids and he invited my brother onto the stage. So woerd to think of now 😕
When I was a kid, Reddit and general public Internet access weren't things, but I sure managed to get my hands on pornography. I'm pretty confident that even entirely killing Internet access isn't going to stop kids who want to get ahold of porn from getting ahold of it.
The linked story has been updated. The headline now reads:
And the story begins:
Couldn't people just hire a VPS in another country and VPN with that using Wireguard etc, or even use RDP etc to it? Is it even a VPN if you're remotely operating a computer in another country?
WireGuard would be illegal. ISPs would monitor for encrypted traffic streams. All remote workers must now come back to the office. ofcom can see any and all traffic. Your loyalty to the king shall be examined. You choices of media will be scrutinized. The threat of losing your children will be used to force compliance. Welcome to the machine.
Pretty much every single website uses HTTPS these days which means all traffic is encrypted anyway. Instead of a VPN you could use an encrypted proxy that connects over HTTPS. I doubt the UK is just going to completely cut itself off from the rest of the world’s internet (because all it takes is one path out).
Can we develop a new VPN protocol where the encrypted traffic is disguised as a 24 hour continuous stream of Never Gonna Give You Up
RickGuard
Oh man, they're going to come visit everyone that didn't do the "optional" affirmation thing at his coronation, aren't they?
I remember in Cory Doctorow's Little Brother (Great read, Free e-book here.) they had an insider at the ISP who just encrypted all the traffic that came through, so it just became the "new normal".
Work based VPNs would likely have to obtain a license from Ofcom, it would be highly unlikely to block them completely. Probably be requesting a back door into the work VPNs at the same time just like they have for other encryption, lol.
Tempora already snoops on traffic.
Refer to other comment. They don't see "VPN traffic", they see encrypted tunnels between two ports to some offshore vps. At best, they see a header saying "openvpn". The article is alluding to the country effectively wanting to crack down on encrypted tunnels (because you cannot discriminate VPNs from them). At best, maybe they're just christofascist idiots.
At best, they see a TLS handshake that gets upgraded to an encrypted websocket which hides VPN traffic…
And make sure to keep videos running 24/7 through said VPN so they don't know when the packets are interesting vs just YouTube or something
There will always be a way to bypass laws that do not serve the people.
I have a Digital Ocean droplet in Amsterdam, runs OpenVPN server. $6/mo., no one sees my activity, haven't logged into it in years.
Netherlands is part of the Nine eyes. They know exactly what your activities are.
Whether they choose to chase you down is a different issue.
Ah, fascism on the rise.
(NOTE: Any links to politician tweets in this comment are from Nitter mirrors, not direct links to Elon Musk's nazi bar.)
The Technology Secretary, Peter Kyle, pretty much called Nigel Farage a paedophile in a news network interview earlier today because he opposed the Online Safety Act, by saying he's on the side of sex offenders like Jimmy Savile.
He then went to Twitter and doubled-down on this stance:
This of course generated a lot of fury among the site's users.
For context, the Online Safety Act has been used to censor and age-gate anything and everything deemed "illegal content" under Ofcom guidelines. Any social media platforms must comply, else risk getting fined up to 10% of your annual global revenue. This is so broadly worded that it includes anything related to illegal immigration and people-smuggling (literally quoted in the GOV.UK page I linked.)
Twitter had genuinely been forced to censor all coverage around anti-asylum seeker protests behind age verification requirements, which has riled up a lot of right-wing politicians here. The reason for these protests is that the previous (Conservative) government had been paying exorbitant amounts of money to house asylum seekers in hotels, effectively lining the pockets of hotel chain executives - all while we deal with a massive housing and cost of living crisis.
This was meant to be a measure to give asylum seekers temporary accommodation which was put in place at the start of COVID, but has been government policy since 2020 with no end in sight.
Labour have also done jack-shit to resolve our skyrocketed (legal) immigration levels since they got into power, except for scrapping the Rwanda Deal which would have deported any illegal migrants to a third country for processing (which as the name obviously suggests, is the East African state of Rwanda.)
Zia Yusuf (head of Reform's DOGE division, yes they're ripping off Trump and Elon Musk) had this to say about the OSA on Twitter:
Labour have fucked up so catastrophically hard with how they've handled this legislation, that they've straight-up generated bipartisan sympathy for the leaders of a right-wing populist party - who are the only political force that have vowed to repeal the legislation because it is being used for mass surveillance and censorship.
Also, if you're thinking of voting Reform UK in 2029 (and it has honestly crossed my mind because age verification checks are a major sticking point for me), then you should take the pledges from Nigel Farage and Zia Yusuf with a grain of salt. Richard Tice (the party's deputy leader) openly tweeted support for pushing through mandatory ID checks on social media four years ago.
If Labour don't get rid of Keir Starmer, do a full cabinet reshuffle and reverse course, we are going to see a Reform landslide in the next election...
i don't trust a hair on Farage's little head lol
Enterprises will love that. A perfect excuse to end wfh. However, this will cripple business travelers. I'm sure there'll be some exception for corporations where they can exercise maximum control over their employees while still being allowed to generate capital.
Hey UK: suck it.
They couldn't switch off VPNs for businesses. I work in a hospital and we use VPNs to create secure tunnels to other third party health care companies as well as NHS adjacent health services amongst other things. This is to protect patient sensitive data amongst other things. This would cripple our service and go against NHS england and government requirements for the secure transfer and sharing of data.
This would have to be public VPNs only. Despite the fact that it would be complete bullshit either way.
Exactly. The best they could hope to do would be to create an exemption for businesses in which case I open my own fapping business.
and now you have to pay lost of business taxes even if you don't have any income
Unless things have changed massively in the UK in the last 5 years or so, in my actual experience you don't unless you make a profit.
The yearly baseline costs of opening and operating a Limited company in the UK are pretty low (less than £100 if I remember it correctly).
I shall pay my debt in crusty socks.
Well, you could just go back to sending stuff by fax machine forever, but then instead of even using the fax machine to sync patient data just make the patients fill out their own entire medical history from scratch every time they go to a different doctor and take their word for it.
Its 2025, we no longer need such silly things. Don't worry, its for the greater good.
Ive got a few UK coworkers that will be out of the job if anything disables VPNs. They voted for that mess now they can sleep in their 1/3 salary local jobs too.
A VPN is just a proxy. I don't see how this would be enforced.
An encrypted proxy. Thats a pretty hefty distinction.
Freenet, I2P and Tor will be the new refuge
I think it's Hyphanet now.
To me it looks like every government in the world is pro-surveillance and anti-privacy; they're just all at different stages of depth into those ideologies done in practice. Privacy and anti-surveillance against foreign governments and corporations, pro for domestic. And I continue decade after decade to say that you should fear your domestic government far more than any foreign unless you're a country that may have US and allies bombing/droning and paratrooping your country. Countries with a modern enough military mostly have to worry about their own government rather than foreign governments
There are ways around this even if they do ban vpn. Its a hopeless battle being fought by the ignorant.
I mean anyone can rent a server in Europe and install OpenVPN themselves. Hell, it doesn't even need to open OpenVPN, Wireguard works just as well and is basically undetectable.
Eat shit, UK government, for real. Idiots think that by speaking the same language as US fascists they can have similarly dumb ideas.
It would have been my go to. But they can detect openvpn and other protocols. I would just use a ssh tunnel with squid proxy. The squid wont cache ssh traffic unless you run your own cert and set up the squid that way. It will however seamlessly allow you to connect through a ssh tunnel with one port forward.
I've certainly happily used SSH tunnels --- on Linux it's great in that it's readily available wherever you already have OpenSSH installed --- but one downside of OpenSSH as a general-purpose tool for tunneling is that it is intrinsically TCP and thus forces packet ordering across multiple tunneled connections, which may not be necessary for whatever you're doing and can have performance impact. Part of the reason mosh exists is to deal with that (not for the SSH-as-a-tunneling-protocol case, but rather for the "SSH-as-a-remote-shell" case).
Wireguard is UDP, and OpenVPN can use either TCP or UDP, depending upon how it's configured.
If we were going to move the world to a single "tunneling" protocol, SSH wouldn't be my first choice, even though it's awfully handy as a quick-and-dirty way to tunnel data.
I used putty for tunnels on windows machines. As for mosh I forgot it exist. I use wireguard now. But if they ban VPN it will be harder for them to prove the SSH is being used for the purpose evading their stupid law. The high bandwidth usage could be a lot of things... right?
While in the hospital ten years ago I did get a visit from the IT dept. They didn't have any qos on ssh and I was moving a lot of data through it. They just asked me to limit my high usage to late night.
Fair enough, and come to think of it, I think I have too. Just was pointing out that not all SSH implementations have tunnelling functionality.
Yeah, that's true.
wireguard is not undetectable, even wireshark has a simple way to identify it, but there are more accurate ways
Wouldn't it be detected via initial connection only? WG does not send packets while connected, does it?
update: I think not only the handshake packets contain a recognizable pattern. look at "Subsequent Messages: Exchange of Data Packets"
https://www.wireguard.com/protocol/
especially if the receiver/sender_index and the counter are what I think they are.
also have a look at this page: https://www.wireguard.com/known-limitations/
now that you say, I think I remember reading something like this earlier
To be honest, I've found WireGuard's performance is harmed more by replay attacks than OpenVPN. Least that is what I put it down to when I tried them both from a VPN provider that offered both.
Edit: missed the a in replay.
How is WG vulnerable to replay attacks? They already address that in their documentation.
It's doesn't fall over, it just slows down. Or appears to much more than OpenVPN. There could be something else going on, but for what ever the problem was, OpenVPN was coping better and just spitting out errors about a possible replay attack and continuing like nothing was wrong. I've not looked again as OpenVPN is working fine. For everything else, I'm using WireGuard.
What's a reply attack? Do you have people activity MITM-ing your connection? Personally I've found Wireguard performance to be significantly better, especially on spotty mobile Internet
Man in the middle can be part of it. It's just basically recording and sending stuff back. Generally I use WireGuard, but on unhygienic networks, were OpenVPN is warning about possible replay attacks, WireGuard doesn't work as well. Could be something else of course, but I've got one end. It's not constant or always.
Oh replay attacks, that makes a bit more sense. Honestly I've never been on such a poor network to run into that. I don't know your situation, but I'd be doing anything I could to get away from that ISP if they're actively manipulating your traffic
Ah, I see it. Sorry. Corrected.
It's not really an issue with OpenVPN as it seams to cope. It's the only time I use OpenVPN instead of WireGuard.
They will use it as an excuse to give themselves more power and to take more civil liberties from you.
Someone should start a bussiness near the border of Republic of Ireland and get two antennas pointed at each other across the border, with the RoI side having connected to the free internet, then the UK Northern Ireland side connected to the Intra-net. You pay a "Club Membership Fee" to get access to the proxy network.
Its not a VPN, its a Nerd Techie Club, just with a free proxy service as part of the club membership 😉
Yeah, businesses will not accept this. Remote work and remote connections rely on VPN for ALL KINDS OF SHIT. If you must adhere to some kinds of government compliance, it is even MANDATED BY THE FUCKING GOVERNMENT. Explain to me how the hell that is going to just poof and not cause all kinds of problems.
Labour has already spoken out and said they will make no attempts to ban VPNs.
I love watching politicians try to understand the internet.
VPNs have loads of vanilla use cases.
It would be infinitely more productive to regulate the predatory practices of stream providers and reduce the incentive for piracy.
just do what the chinese do to get around thier great wall. use proxies and anti-detect browsers, its the next step after VPN.. you might want to look around how to set these up.
The Collective Shout Out must feel envious of such power... Think about all what they could ban, you know, for you and your children protection of course.
Labour was supposed to destroy the Tories, not join them!
The UK government doth protest too much about protecting the kids. It’s obvious that this whole thing is just an attempt to increase the surveillance of the UK population.
Will the next step be banning VPS then? Because that's what will happen: if you ban VPNs (good luck with that lol), people will just connect to a VPS in a less stupid country and exit from there.
I hope they start looking at TOR too, that should be really fun.
Well, if you connect to your own VPS, you're still "illegally" using a VPN if they ban them. Yeah, you enter a world of how they will enforce it. But, it's not dodging the law to make your own VPN on a VPS.
Sure, but how do you confirm that I'm using it as a vpn and not as a real server to run my own apps (for example a cloud storage or a media server)?
Oh right, you just ban VPS as a whole too, because why not, right?
And next thing, since we are at it, we should ban encrypted traffic because who knows what are you doing with your encrypted communications! Fuck HTTPS! Think of the children!!!
And the worst thing is that I can completely see them doing it.
But that's true of any law. They need to prove you broke the law. I doubt they will ban VPS'. They might ban private use of VPN's and they will occasionally convict someone of it, to keep the fear level up. Just like most hard-to-prove laws.
The thing is, if they're able to monitor traffic, then they can easily isolate "likely" VPN traffic. HTTPS will almost always be on 443 and to a variety of sites. If suddenly you have a metric ton of encrypted traffic going to a single host and your traffic going to other hosts also drops accordingly. You've got a very likely use of VPN.
Now, yes to prove it they'd need to get search warrants and the like. Which is why I think enforcement will be one of those things they make a big noise about when they do. Just to keep normal people scared to do the thing.
Just like IPTV use, normal piracy, and this kind of thing.
What if the VPS' start offering no-logs policies so it's impossible to know anything about the traffic and encryption so they don't even know whose that traffic?
This is gonna be an arms race and I don't doubt of the stupidity of the politicians. The brexit showed us how dumb they can be.
No. I fully expect them to monitor the traffic from the UK. And search warrant your premises. People using VPNs are most likely going to have evidence (the keys for the VPN and ways to start it up) on the machines, in their house that they could seize. They don't need to touch your VPS.
Like I say, it'll be a rarity. It's too much work to go after people wholesale for this and the manpower to get the hard evidence it prohibitive. But, they will make a few examples.
For court purposes (and they will be careful to keep these cases in magistrate courts unless there's solid evidence of more crimes found), there will be enough evidence to show the changing traffic patterns and the proof of a working method of accessing sites from another jurisdiction present on the machines found in the user's possession. More than enough for well trained magistrates to convict.
But look, this is IF they try to route of banning VPNs too. It's just the ranting of one or two MPs right now.
Just adopt a CCP style social credit system already. Why all of this pussyfooting around being a totalitarian, censorship focused, surveillance state? Just do it. Give the good people of UK a solid reason to be a little bit more French again.
https://en.m.wikipedia.org/wiki/Social_Credit_System
This is, if true and accurate, delightful news! And has improved an otherwise troublesome day.
As an American, it always made me laugh when we made fun of China's "Social Credit Score" when we literally have one already that determines whether we can buy houses/cars/etc lol
What about all the people blocked from air travel due to low Social Credit? Are you saying that never happened?
People can be banned from airlines but they get banned for the same reasons they do in the US, like getting drunk on the plane and punching someone. Or like how the US bans people who owe child support from getting a passport, judges in China are allowed to ban people with unpaid child support or big enough unpaid fines from state owned airlines until they pay.
Oh, that would be hilarious to watch.
I could definitely see myself setting up a Wireguard VPN only allowing connections to a bunch of porn sites here on my home fiber in Sweden. Should make a nice little side profit.
People are "at risk"... of what? What a terrible article to not even clarify what the risk is. Because it sounds to me like the government is who put those people at risk by making them go look for solutions to a draconian policy.
Freedom from EU regulation. 😋
I mean, in terms of the age restriction rules, we might get it first. But the EU is setting up for a very similar set of rules, the USA is also working on their own version. France came before us. Australia are also running I think (now, soon? Not too sure). As to whether similar talk (and it's just talk right now) around banning VPNs will happen elsewhere too. Well, if they pull it off here too without too much of a problem, yes it will likely be rolled out elsewhere.
It's not isolated in any way and the fact it seems to be very suddenly a thing every country wants to do should make it even more concerning.
I'm looking forward to the next UK election where the headline will be: Labour has lost the election in a landslide that left them with dozens of votes total
Every single person who didn't think this would affect them who watches porn in any capacity is very likely highly pissed off and will continue to be for as long as this draconian bullshit is enabled.
this is obviously such a dumpster fire that I can't help but wonder, "When will they realize how dumb this is and back out of it?"
then i remember that Brexit happened
fuckin stubbornness is a national identity for you blokes innit
You cant ban vpns, its easy for tech people to set up a vpn server on any server on the internet and connect to it. Wireguard for example, super simple.
That sounds awful lot like dictatorship...
Reddit already tried to block VPN users.
Expect the corpos to bend the knee.
So now it's not just TERF island but also nazi island.
As a Brit I'm sorry for how embarrassing our country's authorities are becoming
Every society has its pathway there. TERFs are one of the last milestones.
GB has really wanted to go fascist autocratic since Germany looked over in the 1920s and saw a like minded kin.
Did we? Some maybe, I do recall the fascists got the shit kicked out of them on Cable Street. More of that please.
That's the only source? A far-right conspiracy website?
What would be defined as a VPN and even then there are other options to get access to content as if you where in a different country or ways to bypass the age restriction. A lot of companies and governments also use VPN's to get people to work on their servers, so how would the UK function.
It always baffles me that they try shit like that.
Edit: heck proper sex education is a way better solution to reduce unhealthy sex habits
It's not about sex, or protecting the children.
It's about control.
Maybe it and maybe it isn't, but kicking against it trying to change won't help because there is a certain amount of the population who believes that it isn't for control, but it is actually for sex or protecting the children or what not.
If you want to get those people over to change their behaviour, you want to work on compromises or in this case you want to deflect them into fixing something else.
Trust me, I have a lot of right and even some mildly right people around me and with going hard against them you will just confirm their bias.
for those in the UK and/or Other places in Europe just know it's so painfully easy to either set up your own VPN or just use something like Mullvad.
I set up my own VPN this morning for the first time on my server and it took less than 10minutes. plenty of guides online on how to do it.
Banning VPNs is quite a serious move.
It's not so easy to ban VPNs. They need to setup DPI everywhere. And then people will start using DPI circumvention software.
Geeze I hope I don't...slap tailscale on a vps
What if we all started using I2P for most stuff? The governments couldn't do anything about it.
Man I can't follow UK politics. I thought Labour was a progressive party
Old labour was.
They pivoted quite hard a few years ago to try and win an election.
They are just Tory Lite now.
For starters, the whole "Progressive" thing is an American concept born out of the American environment (with its very deep religious moralistic strain amongst a large fraction of the population) and does not really applicable to Britain because, at least until recently, they didn't really have regressive tendencies.
Beyond that Labour hasn't been Leftwing since Tony Blair took over in the 80s and started talking about it being New Labour - they're Neoliberals and quite strongly so, so pretty rightwing.
What they did was performative Identity Politics like in the US: theatrics in the Moral space to make them seem different from the other mainstream party, rather than actually having genuine Liberal Principles.
Of late they even ditched that and seem to be trying to outfascist the Fascists.
I don't think it's even possible to get rid of VPNs without outright banning encryption. If I set up a VPN that uses an obscure port and the traffic is encrypted, how are they going to know it's even a VPN?
Can't wait for the next election to kick out the Tories so can roll back all their draconian bills.
Download Tor, Whonix & Tails
I though the UK was a Western democracy. What the hell are you guys doing over there?
Kinda hoping MPs don't read anything here. But, hopefully they omit socks/http proxies from whatever ban they impose....
Wireguard evil, mmkay?
Turning into China, aren't we?
labour really doesn't want people to access lgbtq safe spaces and resources huh?
China 1.5