> It Won’t Even Work

I heard similar sentiments about censorship efforts in Russia, but it does seem to work, unfortunately. So far they have outlawed and blocked major VPN providers (and keep blocking more, including non-commercial ones, like Tor bridges, and foreign hosting companies' websites), blocked major detectable protocols used for those (IPsec, WireGuard), made usage of proxying ("VPN") an aggravating circumstance for the newly-introduced crime of searching for "extremist" information. That seems to deter many people already, and once the majority is forced to use the local approved (surveilled, censored) services, it is even easier to introduce whitelists or simply cut international connections (as is already practiced temporarily and locally), at which point the ban is successfully applied to everyone.

• LadyCailin

  today at 11:33 AM

  It won’t even work*

  *without resorting to complete Russian style government control

  The US is not (yet) Russia. The rule of law is definitely being destroyed as we speak, so who knows 5, 10 years down the road, but there are still several prerequisite institutions that need to be destroyed before the US could reliably enforce a VPN ban.

  • nirui

    today at 1:17 PM

    It's not just a VPN ban, the word VPN in the context means proxy, and you can setup a proxy with something as basic as a SSH command.

    It's basically a restriction on communication, i.e. the government decides who you're allowed to talk to, not just a privacy issue.

  • forgotoldacc

    today at 12:13 PM

    Every country that has slid into North Korea style total control begins with a "it won't happen here. And it'd stop before it gets that bad."

    • vinay427

      today at 1:32 PM

      From my reading, the GP comment isn’t claiming otherwise, but just that that sort of VPN ban isn’t enforceable in advance of some of those changes. They do directly suggest they don’t know how long this will remain the case.

    • estimator7292

      today at 2:10 PM

      That's a tautology, and not even an interesting one.

    • jhrmnn

      today at 1:18 PM

      Can you name some examples?

    • colechristensen

      today at 1:44 PM

      >Every country that has slid into North Korea style total control begins with a "it won't happen here. And it'd stop before it gets that bad."

      This is a pretty bold claim and I'm not sure it matches up with reality.

      Karl Marx said that in the first stage of communism there would be a required period of dictatorial control in order to transition from and dismantle capitalist institutions. This is exactly what happened in China and the USSR... there just never was a phase 2.

      That's not quite "this will never happen here", more like premeditated dictatorship that never ended because the ruling class preferred being a ruling class rather than return themselves to "communist paradise".

      • mananaysiempre

        today at 2:09 PM

        As long as we’re exhuming odious corpses, Lenin did say the first step would be to control the telegraph and telephone exchanges. Control over the spread of information was understood to be crucial even then. (Admittedly in Lenin’s case he was also talking about battlefield coordination inside a city, what with the absence of portable radios.)

        As far as Marx, well, he didn’t provide a recipe for phase 2 either—he just kind of assumed that things would fall into place naturally after the revolution (that needed to be global! the whole communism-within-a-country thing was a later invention / post-hoc rationalization, lampooned masterfully by Voinovich’s Moscow 2042). The entirety of the nascent social sciences field (which Marx was performing to the contemporary standards of, however disastrously that turned out) was rather high on the whole natural law thing around that time. Turns out that, if you created a power vacuum, it would be filled by people who had most ruthlessly optimized for capturing power, as opposed to fairness, your preferred ideology, or anything else. Which at first meant Lenin and then ultimately Stalin, in whose purges died the last true (if at that point very, very bloody) believers. Also most of the intellectual backbone of the nation and the national liberation movements of multiple peoples, but who’s counting.

    • catlover76

      today at 2:07 PM

      [dead]

  • today at 1:20 PM

  • mananaysiempre

    today at 1:04 PM

    Don’t exaggerate the level of control required. For all that things are bad and getting worse, Russia has not reached the North Korea percolation point where every facet of government control is tied to every other one. (Neither has Russia reached a NK-style total war economy, partly through bureaucratic dysfunction and partly by design; but I digress.) The things that it does are still pretty modular and don’t require $YOURCOUNTRY becoming Russia in its entirety. Hell, London had more outdoor surveillance than Moscow until after Covid. As far as Internet censorship, here’s what the playbook was:

    1. Have a dysfunctional court system. (Not a powerless one, mind you; it’s enough that it basically never rule against the government. It would probably even be enough if it never ruled against any of the following.)

    2. Mandate page-level blocks of “information harmful to the health and development of children” (I wish I were joking) for consumer ISPs, by court order; of course, that means IP or at least hostname/SNI blocks for TLS-protected websites, we can’t help that now can we. The year is 2012.

    3. Gradually expand the scope throughout the following steps. (After couple of particularly obnoxious opposition websites and against an unavoidable background of prostitution and illegal gambling, the next victim, in 2015, was piracy including pirate libraries. Which is why I find the notion of LibGen or Sci-Hub being Russian soft power so risible, and the outrage against Cloudflare not being in the moderation business so naïve.)

    4. Make sure the court orders are for specific pieces of content not websites (as they must be if you don’t want the system to be circumventable by trivial hostname hopping), meaning the enforcement agency can find a particularly vague order and gradually start using it for whatever. Doesn’t hurt that the newly-blocked website’s owner will be faced with a concluded case in which they don’t even have standing.

    5. Ramp up enforcement against ISPs.

    6. Use preexisting lawful intercept infra at ISPs to ramp up enforcement even further. Have them run through the agency-provided daily blacklist, fine the offenders. Any other probe you can get connected to the ISP will work too.

    7. Offer ISPs a choice (wink, wink) of routing their traffic through agency-controlled, friendly-contractor-made DPI boxes they will need to buy, promising to release them from some liability. (First draft published 2016, signed into law 2019.)

    8. Mandate the boxes.

    9. It is now 2021 or so and you’ve won, legally and organizationally speaking, the rest is a simple matter of programming to filter out VPN protocols, WhatsApp calls and such. Pass additional laws mandating blocks of “promotion” of block evasion if you wish, but the whole legal basis thing is a pretense at this point. For instance, you can de facto block YouTube absent any legal order by simply having the DPI boxes make it very slow, which is a capability not mentioned in any law.

    See how very easy it is? How each legal or technical capability logically follows from very real deficiencies of the preceding ones so even a reasonable court would be disinclined to rule against them? Understand now why I’m furious when reasonable people on this forum defend the desires of their—mostly good and decent!—governments to control the Internet?

    (See also how most of this happened before “Russia bad” became the prevailing sentiment, and how most of it went largely unnoticed in the EU and US, aside from a couple of reputable-but-fringe orgs like RSF to whom very few listen because they cry wolf so much? The ECtHR didn’t even get to the cases, IIRC, before the trap snapped shut and Russia was drummed out of the Council of Europe to widespread cheering, making the matter de facto moot.)

    You know that road. You know exactly where it ends.

Reminds me of my time in Zanzibar, where the internet was censored and some VPN providers (like Proton) weren't working. The authorities then imposed a complete ban of VPNs without permit, with threats of harsh punishment (2000 USD fine or 12m in prison). Exceptions could be made by filling a form justifying the use of the VPN and details about it (for example IP address) but reviews are slow and obscure.

The context with this article is different but the similarities are with how lawmakers misunderstand VPNs. They are an essential tool for workers and there are many other ways to circumvent censorship without VPNs anyway. The irony of this ban is that Zanzibar also wants to attract digital nomads, and the most important tool for them is an unrestricted and reliable internet connection.

Sadly (at least for me, I am a US citizen) we are seeing the slow burn collapse of western ‘democracies’ and the slow steady rise of the global south.

Western leaders are in panic mode. I am not very political but when I look at the last Biden administration and the current Trump administration I see two men in panic mode - very weak.

A partial solution to western civilization collapse is to make ourselves as individuals strong: prioritize family, friends, continual life long education, spirituality, highly productive work, supporting our local communities, etc.

A device-side IP filter locked behind a password that parents can configure in the device's settings would be much more effective and easier to implement than censoring the Internet. This should be the default solution, yet it's never brought up for whatever reason.

Not to mention these online content censorship laws for kids are wrong in principle because parents are supposed to be in control of how they raise each of their own kids, not the government or other people.

And these laws make authoritarian surveillance and control much easier. It's hard to not see this as the main objective at this point. And even if it isn't, this level of stupidity is harmful.

• SwtCyber

  today at 1:45 PM

  Whether it's intentional or not, these laws open the door to mass surveillance under the guise of "protection"

• b00ty4breakfast

  today at 6:52 AM

  The goal is controling the flow of information online. "protecting the children" may or may not be a sincere concern but ultimately censorship is what is desired here.

  • sigmoid10

    today at 10:46 AM

    Same way the government needs to read all your emails because some terrorist on the other side of the world may or may not be using email as well to communicate.

  • subscribed

    today at 11:59 AM

    Whenever "think of the children" shows up as a pretend-genuine argument, you may bet on it being a scam/grift.

    Read about the infamous EU's chat control and lobbying behind it: https://mullvad.net/en/blog/mullvad-vpn-present-and-then

  • SwtCyber

    today at 1:49 PM

    Yep, "think of the children" has become the go-to excuse for all kinds of overreach

  • DuperPower

    today at 12:06 PM

    pedo and terror the 2 excuses

    • bergfest

      today at 1:52 PM

      It’s almost like they need these to exist.

• pksebben

  today at 6:59 AM

  It is the objective, it's always been the objective. The worst part is that I bet these people don't even think of themselves as authoritarian so much as they stumble into it through a combination of selfishness, ignorance, and complete disregard for ethics. They like money and power, more information means more of both, darn the torpedos, tap the lines, hit the gas and all of a sudden it's oops all facism.

• duxup

  yesterday at 5:21 PM

  I think putting parents in control is the right path, but will reveal a sad fact.

  Many parents aren't taking time to be in control, and no amount of legislation will fix that.

  • Jordan-117

    today at 5:53 AM

    Or the sadder fact that it's not actually about protecting kids.

  • merizian

    today at 11:40 AM

    I disagree that legislation can't help. Fundamentally there's an education disconnect and unnecessary friction in setting up parental controls. Governments can better educate parents about the risks, and give them better tools to filter/monitor content their children watch (eg at the device level). Being a parent is hard and it's possible to make this part easier imo.

    eg consider child-proof packaging and labeling laws for medication, which dramatically reduced child mortality due to accidental drug misuse.

  • hellotheretoday

    today at 10:25 AM

    This is 100% the response. I work with kids in mental health and the “kick the can to the parents” response is so shortsighted

    Apple and android controls aren’t that difficult to understand. Roblox parental controls aren’t that difficult to understand. Could it be simpler by unifying these things under one framework? Sure - I’ve worked with tons of parents who fall under the trap that Roblox is safe because they set iOS parental controls. I feel for them because they aren’t “tech” people and apple conditions them to expect a setting to be universal across the operating system, so it’s quite a shock when they find out their child has been texting with some groomer from Roblox chat.

    The parents who are doing that will continue to do that. Improving those controls will help those parents and I agree efforts should be made for them. But for every one of those parents I encounter I get about 4-5 more who don’t bother to set any kind of parental control or filter on their children’s devices. When their 9 year old starts talking about pornhub and I give them resources on setting up parental controls it almost always falls on deaf ears. They simply don’t give a fuck. They can’t be bothered to spend 20 minutes figuring out how to set it up, even if I offer to walk them through it.

    It is the new form of parental neglect, the modern version of a latchkey kid

    • stephen_g

      today at 1:03 PM

      Yes but massive censorship and the constant surveillance of children is also not good for the children ultimately. We need to bring the question of “does this help create a world that we want children to grow up in?”

      Are we really going to argue “since some parents won’t adequately parent their children, we’re going to create a massive censorship and surveillance apparatus and the Government will tightly control what everyone is allowed to view or talk about online”?

    • rgblambda

      today at 11:32 AM

      It'll take legal responsibility being placed on the parent, and one parent being prosecuted and convicted for child neglect, in order for that attitude to change.

    • today at 10:38 AM

  • j-bos

    today at 10:36 AM

    A technolo-- legislative solution to a social symptom.

  • philipallstar

    today at 8:44 AM

    Parents are already in control.

  • James_K

    today at 10:24 AM

    A trivial amount of legislation can fix that. Law reads: ISPs must implement implement parental blocks by default, exceptions may only be made on a per-device basis. Parental controls must also be enabled on public wifi. Easy as that. It doesn't matter how lazy you are, actively going and turning something off is more effort than not.

    • rgblambda

      today at 11:35 AM

      >ISPs must implement implement parental blocks by default

      This is already the case in the UK. We discovered another sad fact. Parents will suddenly develop the technical literacy to turn parental controls off because it's inconveniencing them, but won't bother to fine grain the control to make it safe for their children.

  • yesterday at 6:19 PM

• subscribed

  today at 12:00 PM

  IP filter? So what you do when you block the entire cloudflare, CloudFront, Amazon and Google cloud ip ranges?

  What's left?

  There are better solution than blocking IPs.

  • txrx0000

    today at 1:33 PM

    Yeah, we can have fancy NN-based filters, but I think even a simple IP blocker with some carefully-made presets would go a long way.

    Anyways, the main point I was making is the filtering should be done on-device at the parents' discretion, if they really wanted to protect their children. We can give them that feature and eliminate an excuse for authoritarian laws at the same time. This doesn't even require legislation, we can just do it if enough people working on operating systems agree.

• vasco

  today at 7:57 AM

  These are religious fanatics trying to ban porn because they believe it's evil. All the rest is dressing to advance that cause and isn't worth spending too much time trying to make sense of.

  They'd latch on to whatever reason they'd think would stick.

  • subscribed

    today at 10:25 AM

    You forgot to add they also believe the education sites are evil brain rot.

  • decremental

    today at 10:22 AM

    [dead]

• yesterday at 4:54 PM

• lukashoff

  yesterday at 3:26 PM

  > And even if it isn't, this level of stupidity is harmful.

  How much more proof do we need that we're speedrunning the authoritarianism and frankly we're already somewhat authoritarian, it's just pluralism for now. Wait until the elites eat each other and only one dictator is left.

I'm reminded of efforts in the 1990s to ban strong encryption in email and websites because governments tried to tell us it was used by drug dealers and pedos to do their nefarious activities.

Yes, governments really did want to force us to use HTTPS with only broken/weak crypto.

Same propaganda, different buzzwords.

• dreamcompiler

  yesterday at 4:50 PM

  https://en.wikipedia.org/wiki/Clipper_chip

  • seanhunter

    yesterday at 4:53 PM

    Yes and https://en.wikipedia.org/wiki/Bernstein_v._United_States

    Notice that in those cases DJB was represented by the eff, so they have been involved in this issue for a very long time.

• add-sub-mul-div

  yesterday at 2:59 PM

  In hindsight, they really misjudged how comfortable pedos would be with discussing their affairs in plaintext email.

  • jsmo

    today at 6:15 AM

    just the rich, well-connected ones with friends in high places right?

After Wisconsin finds out how to reliably filter vpn, they can then teach Netflix and Akamai how to do it.

Last time I checked modestly reliable geoblocking existed, and completely unreliable vpn blocking.

A friend told me that when he comes across a site for which Nordvpn is blocked, he just changes IP. Latest the third one always works, even on YouTube (he is all about privacy).

• charcircuit

  today at 9:54 AM

  You don't have to reliably block something to make a law against it. Murder is illegal despite the government not figuring out how to reliably stop people from murdering each other.

  • chrismorgan

    today at 11:23 AM

    So many people miss this in such discussions. Like that Australian politician’s “the laws of physics are all very well, but the laws of Australia are the only ones we care about” which was widely ridiculed in technical circles that did not grasp its truth: that law is all about declaring physically-possible actions illicit.

    However, to address your specific chosen example, one could argue a difference from murder, if they say “your site must block these traffic sources or you’re in trouble”: one could argue (it’s not at all cut and dried) that it’s like saying that venues are liable for the murders committed at them, rather than the murderer.

  • today at 11:30 AM

• SwtCyber

  today at 1:50 PM

  It's like watching people try to duct-tape the internet into behaving the way they imagine it should

• phantomathkg

  today at 9:27 AM

  It is a cat and mouse game, it is whether the service provider do or not. I remember AWS WAF can block VPN ages ago, according to this announcement, it is 2020.

  https://aws.amazon.com/about-aws/whats-new/2020/03/aws-waf-a...

• rda2

  today at 9:10 AM

  It’s different if you have influence over the network, like a government might. I spend a lot of time in China, and they’ve done a good job of blocking VPNs in recent years, including my personal WireGuard connection to my home network. Not that any technical solution is impossible to bypass, but a motivated state government could make VPN use difficult if it wasn’t for the whole Constitution thing.

• aydyn

  today at 8:36 AM

  Lots of sites do in fact block VPNs successfully. How? Well they could just sign up for NordVPN and see which IPs they use directly. Its not rocket science.

  • kbrkbr

    today at 8:51 AM

    I do have a bit of experience with managing WAFs for large online gaming providers and I can tell you it's not a solved problem. Netflix would also love to hear how I guess.

    Even if you somehow manage to enumerate the Nordvpn IPs - a thing of which Nordvpn probably thought in their threat model - then you still have thousands of other providers.

• NoMoreNicksLeft

  today at 10:01 AM

  You misunderstand. When they "ban VPNs", it's not that the VPN police will be patrolling your neighborhood trying to catch you using Mulvad or whatever. Instead, the AG will send a letter to the VPN provider, threatening to prosecute them for selling an illegal service. And they will comply and shut down. Once the commercial services are gone, it won't matter that you could hide your own VPN usage in a practical sense, because 1 in 100 people have the resources, technical expertise, and time to set up their own VPN server offshore. Furthermore, it may be cost prohibitive... I'm spending $3/month or so. I can't spend $250/month on this. And if I could, it will just break more often, I won't get the 99% uptime I usually get either.

  Something that's extraordinarily low effort will become exceedingly high effort, and this will achieve their goals.

  • kbrkbr

    today at 11:14 AM

    The text we are discussing says: "It’s an age verification bill that requires all websites distributing material that could conceivably be deemed “sexual content” to both implement an age verification system and also to block the access of users connected via VPN." That's what I was discussing. Not sure where AG and vpn providers come in.

  • today at 11:12 AM

Of course, what if I use an SSH tunnel instead as that normally suffices a lot easier for me. It's basically the same underlying libraries? They would have to regulate the use of libssl, libcrypto, etc. This makes no sense lol.

Am I going to find myself in jail one day for "Unregulated use of a private/public key pair?"

• willis936

  today at 10:01 AM

  That depends on if you are poor and/or considered a political enemy. Where is the party of small government?

  • coldpie

    today at 12:42 PM

    > Where is the party of small government?

    It's the conservative 2/3 of the Democratic party.

  • autoexec

    today at 10:19 AM

    The actual size of government doesn't much matter, it's what the government does and doesn't do that counts.

    • today at 12:05 PM

  • today at 1:27 PM

• hsbauauvhabzb

  today at 10:28 AM

  The tunnel part isn’t exactly a crypto function, but the crypto makes it hard to detect. You can tunnel anything over http,, telnet, dns or sms too.

• James_K

  today at 10:34 AM

  >Of course, what if I use an SSH tunnel instead

  Are you a child? Probably not, so you are just accessing legally available content by alternate means. It's strange how many people think they are out-smarting a system when said system is explicitly designed to allow them access.

  These laws are primarily intended to stop children browsing the internet from being exposed to porn and gore when they're simply browsing the web. A child who has gained sufficient independence to purchase their own VPN subscription or operate an SSH server to look at pictures of boobies without their parents knowing has also likely reached the point in life where doing so is not harmful to them.

  • monooso

    today at 11:44 AM

    Did you read the article?

    Firstly, the article makes it clear that the definition of "harmful to children" is being systematically expanded to mean "makes conservatives a bit uncomfortable."

    And secondly:

    > It's strange how many people think they are out-smarting a system when said system is explicitly designed to allow them access.

    The whole point of the article is to draw attention to the fact that certain regions are trying to make the use of a VPN illegal. If that were to happen, using an SSH tunnel would indeed be "outsmarting the system."

Part of the problem is that in order to prove your age you need to hand over a bunch of unrelated data about yourself. Why do they need to know my name, address, signature, and what I look like? They don’t even need to know my actual age, just that I’m over 21. Laws like this would go down a lot better if there were privacy-respecting ways of verifying age.

• SwtCyber

  today at 1:53 PM

  Probably because the real priority isn't age verification it's data collection and control.

Stuff like this really reminds me how nobody is actually in control. Entire countries are just going where ever the rivers takes them with those supposed in charge not knowing any better and often worse than the rest and functionally being so clueless they’re passengers too

It's like trying to ban people from whispering in public because someone might say something inappropriate

I'll be surprised if my country (the UK) doesn't go down the same path. I don't like the reform party, but they seem to be the only party that see the danger in all of this.

It's funny how democratic countries copy whatever laws authoritarian regimes passed, but with a 5-year lag.

• pjc50

  yesterday at 1:19 PM

  This sort of thing turns up very regularly in US politics, from the Comstock Laws to the Communications Decency Act. The late 90s even had a requirement to use easily breakable encryption (48-bit RSA) which big tech companies generally obeyed. And a worse proposal (the "clipper chip") which was never deployed.

  Authoritarianism is not limited by your birthplace, it can turn up anywhere. And when it does people are often really enthusiastic about it.

  • dreamcompiler

    yesterday at 4:55 PM

    https://en.wikipedia.org/wiki/Clipper_chip

    • cartoonworld

      today at 8:15 AM

      Very related:

      https://en.wikipedia.org/wiki/Crypto_Wars

• tim333

  yesterday at 11:04 PM

  The Great Firewall dates from 2003 and we still don't have a Great British Firewall so the lag seems longer.

  • Dave9k

    today at 6:41 AM

    UK ISPs block around 1500+ domains through High Court orders and police make 12k+ arrests a year for online speech. You don’t need a formal firewall when the effect is the same in practice.

    • rjh29

      today at 10:18 AM

      I would like a citation for 12k arrests a year as that seems insane to me.

      • rgblambda

        today at 11:45 AM

        https://www.thetimes.com/uk/crime/article/police-make-30-arr...

        The findings in the Times article were subsequently debated in the House of Lords. The figures weren't disputed: https://lordslibrary.parliament.uk/select-communications-off...

      • monooso

        today at 11:47 AM

        Not GP, but this may be of interest: https://allsides.com/

• wseqyrku

  today at 6:23 AM

  Could be more serious than that, maybe it's not a lag. Maybe they are becoming.

• bamboozled

  yesterday at 11:39 AM

  It's not funny, it fucking sucks.

  • gessha

    today at 1:11 PM

    “If I didn’t laugh, I’d cry”

    https://youtu.be/i6fGOXWO0w4

• pissmeself

  yesterday at 3:06 PM

  [dead]

Wisconsin "porn" websites will just move out of Wisconsin.

The bill reads like you would think from someone who's been talking with the ceo of an age verification company. The bill gives the website two options: use a _commercial_ age verification product tied to gov't id checking, or "digitize" the web user's gov't id.

• nijave

  yesterday at 5:09 PM

  Holding out for government IdP that can return verified but anonymous data (like age)--like a JWT that has no identifier besides an age claim.

  Seems highly unlikely it would ever happen (at least in the U.S.) but seems like it'd solve a decent amount of verification problems. With a JWT, the IdP wouldn't even necessarily need to know the recipient since the validity could be verified by the consuming party using asymmetric crypto.

  • immibis

    today at 10:40 AM

    Yep and I'd just have to automate the process and give out my own JWTs to other people for $2 each

As someone born in a post‑Soviet country with rather many odd digital laws--including one requiring that any use of encryption be registered with the department of commerce and the secret service (meaning no TLS unless you get a permit)--I can clearly see the endgame of similar proposals.

These laws aren’t meant to be followed. Their text is deliberately vague, and their demands are impossible by design. They aren't foolish, or at least their ignorance isn't needed to explain the system's broader function. They are meant to serve as a Chekhov's gun that may or may not fire over your head, depending solely on whether the people holding it decide like you.

In peaceful times, they fade into the background, surfacing only when it’s convenient to blackmail some company for cash or favors. In times of crisis, they declare a never-ending war on extremism, sin, and treason, fought against an inexhaustible supply of targets to take down in front of their higher‑ups, farming promotions, contracts for DPI software, and jobs updating its filters.

Historically, such controls were limited by the motivation and competence of the arms dealers, usually taking the form of DNS or IP blocks easily bypassed with proxies. With modern DPI, it's entire protocols going dark. Even so, those able to learn easily find a way around them. The people who suffer most are seniors, unable even to call family across the border without a neighbor's help, and their relatives forced into using least trustworthy messengers (such as Botim, from the creators of ToTok, a known UAE intel operation [0]) thinking they're the only way to stay in touch, not knowing how or wanting to use mainstream IM over a VPNs that may or may not live another month.

If wherever you are your votes still matter, please fight this nonsense. Make no mistake, your enemies are still more ridiculous than Voltaire could hope they'd be, but organizing against or simply living through a regime constantly chewing on the internet's wires is going to be a significantly greater inconvenience than taking _real_ action now.

[0] https://en.wikipedia.org/wiki/ToTok

• teddyh

  today at 10:39 AM

  > Chekhov's gun that may or may not fire over your head

  A more apt metaphor might be Damocles’ sword?

And cue the rise of self-hosted VPNs. 1 click to get a VPS instance, install VPN software, and make a connection. Automatically destroy the instance with another click or after a certain amount of time.

• txrx0000

  yesterday at 3:33 PM

  If this keeps going, they will ban self-hosting next: only government-approved hosts allowed.

  We can't just rely on technological solutions because you can't out-tech the law at scale. People need to actually understand that the government is very close to having the tools needed for a stable technocratic authoritarian regime here in the US and all around the world. It might not happen immediately even if they have the tools, but once the tools are built, that future becomes almost unavoidable.

  • skeledrew

    yesterday at 3:50 PM

    I feel like that'd take a level of surveillance that's technically unsustainable. But then again, sustainability isn't a consideration when it stands in the way of "better" control.

    • haxiomic

      yesterday at 4:16 PM

      AI is the perfect low cost tool to enable that. Plantir knows this and has been making strategic moves to build this

      Seems quite achievable and sustainable to me

      Every human carries dense compute and sensors with them. If they don't they stand out while still surrounded by dense compute and sensors held by others at all times

      Not nice to think about but it is the reality we are moving towards – vote accordingly

      • hdgvhicv

        today at 9:52 AM

        Voting doesn’t help. You need to win hearts and minds, and the synergy of resources available between the trillion dollar industries like AI and Marketing and you makes that a losing battle too.

        People want this stuff. People want ring doorbells, they want age verification, they want government control. Think of the children/criminals/immigrants.

        Voting won’t help.

  • LadyCailin

    today at 11:43 AM

    If it went this far, the US would no longer be recognizable. Not to say it can’t happen, and the US is fast marching in that direction, but this would be a dramatic shift in the entire underlying fabric of the country.

    • slfnflctd

      today at 1:12 PM

      Some would argue that the US is already unrecognizable in many ways, and that there are clear indications this trend will continue.

  • superkuh

    today at 5:56 AM

    When the ban happens it'll be really easy to implement without requiring only government approved hosts or any such distributed measures requiring enforcement. Certificate Authorities.

    There are just a handful of corporations get to decide which websites are visitable every 90 days. Put a bit of legal pressure on the corporate certificate authorities and there's instant centralized control of effectively the entire web thanks to corporate browser HTTPS-only defaults and HTTP/3 not being able to use self-signed certs for public websites.

    • mr_toad

      today at 1:30 PM

      There’s a handful of commonly used CAs, but the full list of CAs is very long.

  • joquarky

    yesterday at 7:54 PM

    Seems like a raspberry pi hidden at a library, restaurant, or anywhere with wifi would thwart this.

    • 1gn15

      today at 8:30 AM

      Feels like they'd make that illegal, and enforce it by checking the CCTV footage for the person who planted that mini computer, then arresting that person.

    • today at 6:30 AM

• LeoPanthera

  today at 8:55 AM

  Tailscale makes this trivial, which is why I'm worried about governments starting to block the Tailscale control servers. Which I think China already does.

  I don't know if Tailscale has any plans to make their service more censorship resistant, but I hope they do.

• Crontab

  yesterday at 7:10 PM

  I've been considering doing that, because it seems a lot of VPN owned IP addresses are being flagged.

  • txrx0000

    yesterday at 10:48 PM

    Consider SoftEther, which is VPN over Ethernet wrapped in HTTPS. It's open-source. It has a server discovery site called VPNGate. You can host a server to let somebody else use, then use a server soneone else is hosting.

    https://www.vpngate.net/en/

    We're really only missing a few things before there's decentralized VPN over HTTPS that anyone in the world can host and use, and it would be resistant to all DPI firewalls. First, a user-friendly mobile client. Second, a way to broadcast and discover server lists in a sparse and decentralized manner, similar to BitTorrent (or we may be able to make use of the BT protocol as is), and we'd have to build such auto-discovery and broadcasting into the client. Third, make each client automatically host a temporary server and broadcast its IP to the public server lists when in use.

    • suslik

      today at 7:06 AM

      Using this tech, all the CP traffic would detectably flow towards my ip, right? I’m sure I’m not the only one who would find this worrisome.

      • txrx0000

        today at 8:07 AM

        > Using this tech, all the CP traffic would detectably flow towards my ip, right?

        No, but I'm curious why you'd think that?

  • QuadmasterXLII

    today at 7:56 AM

    I logged into reddit from my local library wifi and immediately got a contagious ban that spread to all my reddit accounts.

"Here's what happens if VPNs get blocked: everyone has to verify their age by submitting government IDs, biometric data, or credit card information directly to websites—without any encryption or privacy protection."

Can someone explain how this is true? Even if there is not a VPN, there should be https encryption and privacy protection.

• stavros

  today at 7:01 AM

  They mean "no privacy protection from the website", presumably. Websites getting compromised and leaking IDs is a big deal, now that we've decided that websites should be seeing our IDs.

• joquarky

  yesterday at 7:34 PM

  My guess is that this data isn't secure even at rest, as the constant flow of data breaches has shown.

I'm curious how they plan to enforce it lol, because I don't think they can. Unless they plan to build something similar to the Great Firewall of China. But it will have to be nationwide. I don't think one state can do it.

Still not as bad as the previous administration colluding with Facebook, Twitter, and Youtube to censor American citizens and in many cases, get them fired from their jobs.

Isn't it Wisconsin law that lets the Governor change any numeric digits in a law while it's on his or her desk?

One of the most bizarre legal opinions I've ever heard of, but if they used any digits in the writing of the law those are up for grabs. Law makes a 30 day window or something? The governor can just change it to a million days with a stroke of the pen and then sign the edit into law with the same pen!

• gizmo686

  yesterday at 1:04 PM

  > Isn't it Wisconsin law that lets the Governor change any numeric digits in a law while it's on his or her desk?

  Pretty close.

  > (b) If the governor approves and signs the bill, the bill shall become law. Appropriation bills may be approved in whole or in part by the governor, and the part approved shall become law.

  > (c) In approving an appropriation bill in part, the governor may not create a new word by rejecting individual letters in the words of the enrolled bill, and may not create a new sentence by combining parts of 2 or more sentences of the enrolled bill

  https://docs.legis.wisconsin.gov/constitution/wi_unannotated

  The big limitation here is that it is limited to appropriations. Further, the constitution goes out of its way to try and prevent creative vetoing.

  Unfortunately, the court decided that numbers are not words.

  As a result, the governor changed "for the 2023–24 school year and the 2024–25 school year" to "for 2023–2425"

  https://statecourtreport.org/our-work/analysis-opinion/wisco...

  • stavros

    today at 7:05 AM

    May not reject individual letters? You know that's there because someone did it before.

    • CGamesPlay

      today at 9:33 AM

      > Evers’s veto is part of a dubious Wisconsin tradition. In 1975, Gov. Patrick Lucey struck the word “not” from the phrase “not less than,” reversing its meaning. In the 1980s, Govs. Tony Earl and Tommy Thompson crossed out individual letters to create entirely new words. And in 2005, Gov. Jim Doyle reappropriated over $400 million from its intended use by striking all but 20 words from a 752-word passage, creating a new sentence bearing no resemblance to the language approved by the legislature.

      • stavros

        today at 9:37 AM

        Wow, I have no words. I could strike some off your comment to make something, though.

      • sandbags

        today at 11:18 AM

        I'm not in the US so I've no dog in this race only curiousity.

        I can understand allowing a governor to change the text of a bill. But I cannot understand allowing them to sign those changes into law. It seems like that would mean they could creatively reverse the meaning of any bill.

        It seems like a governor should be able to approve the text as written, or change it and send it back.

        What am I missing?

• nwellinghoff

  yesterday at 12:55 PM

  What if it’s a “thirty day” window? Safe?

  • conartist6

    yesterday at 12:57 PM

    Yes, my understanding is that only digits are meaningless per the supreme court's ruling there

Why ban VPNs when you can freely force social networks like HN to tie nickname registration to an state issued digital ID certificate to guarantee freedom of speech and legal accountability?

https://old.reddit.com/r/XGramatikInsights/comments/1ovd88s/...

• tim333

  yesterday at 11:08 PM

  Because you can't freely force social networks like HN to tie nicknames to a state IDs. Just because some politician said that doesn't make it so.

  • stavros

    today at 7:07 AM

    You can, though. That's what laws are.

    • tim333

      today at 9:59 AM

      HN is US based. You'll have fun getting a law like that through in the US, or even the UK or EU. They do have a law like that in China I think.

      • bergfest

        today at 2:07 PM

        I don’t know about the US, but in UK and the EU they are certainly trying to do just that. And if not today, the will simply cook us slowly a little longer until they succeed. The problem is, that regular people just don’t care enough.

      • autoexec

        today at 10:14 AM

        There's a lot of things that used to be unthinkable in the US. Things that only evil governments in other (usually communist) countries did, but which now happen in the USA. It turns out there's not as much of a difference as you might think, and not much you can do to change that.

    • serf

      today at 9:10 AM

      laws and enforcement are different things.

      I get your overall point, but conflation of the two is inaccurate.

      • stavros

        today at 9:36 AM

        I agree, but they're highly correlated, so it's not that this doesn't affect anything.

• autoexec

  today at 10:12 AM

  > you can freely force social networks like HN to tie nickname registration to an state issued digital ID certificate to guarantee freedom of speech

  Nothing guarantees free speech like making it trivial to keep a copy of everything everyone says that can always be tracked back to their real identity! No way that could have a chilling effect on perfectly normal speech.

• yesterday at 10:12 AM

• tamimio

  yesterday at 12:44 PM

  Not just social media, expect ANY app to be able to “verify” you through the new apple digital ID (android wallet soon I assume), the “verification is simple and seamless!!”, and add few Alegria drawings explaining why providing your ID helps defeating the “bad evil guys!!” and you are good to go.

• throw-the-towel

  yesterday at 10:02 AM

  And also to defeat AI slopbots!

• imtringued

  yesterday at 2:31 PM

  To this day I have no clue what the point of this idea is. Forcing you to use an ID on the internet is the real world equivalent of making everyone you interact with take a photo of your ID. It's completely nonsensical.

  Considering that most crimes require people to be physically present at the crime scene, it also doesn't seem to be a functioning deterrent at all in the real world.

  Most of the bad behaviour is concentrated in "seedy" places, where you usually have to go out of your way to interact with that place. A real name policy doesn't change the nature of the place at all.

  If anything, the places that would be most affected are the ones where people are roleplaying or pretending to be something other than "themselves". E.g. gay or transgender people, furries, MMO/MUD/MUSH players, streamers, etc which overall seem to be exceedingly harmless.

  There is also the blatantly obvious problem that this only works on people who are risk averse to begin with. So it will basically have no effect on actual perpetrators, who see some risk vs reward tradeoff for their bad behaviour.

Well, let’s be honest — users of VPNs regularly don’t know what they are doing, too.

Can’t count how often I‘ve heard otherwise technologically literate people saying how they use a VPN (NordVPN e.a.) because „something something security“.

• nijave

  yesterday at 5:11 PM

  Irony being trusting random VPN providers and arbitrary foreign (exit) countries potentially makes security _worse_ than without the VPN

  • stavros

    today at 7:09 AM

    Sure, but the laws weren't supposed to make you more secure, they were supposed to make "kids safer".

• autoexec

  today at 10:16 AM

  No surprise, "Something something security" is the exact promise of many youtube ads, often spoken by people who know better.

You don't need to burn books if you can just ban access to them!

Republican lawmakers, in this case.

How are vpns detected?

It seems it would be much more effective to regulate ISPs, requiring them to disallow users from accessing adult sites and VPNs without first verifying their age. This also wouldn't be a violation of privacy since you are already giving your ISP your physical address. The only place users would be expected to identify themselves is over public wifi.

20 years ago the boogeyman was "the terrorists!" And now the boogeyman is "not the children!!" Or "immigrants!!" Depending on your audience's political views, but the ultimate goal is more surveillance, more control and more power abuse by who’s in control.

• tim333

  yesterday at 11:17 PM

  That doesn't match what I've seen in UK politics.

  • hdgvhicv

    today at 9:57 AM

    https://www.bbc.co.uk/news/articles/cn438z3ejxyo

    https://www.bbc.co.uk/news/articles/c0epennv98lo

    https://www.lbc.co.uk/article/digital-id-cards-ill-stop-ille...

    Terrorism still crops up occasionally but the rhetoric has certainly expanded.

    • tim333

      today at 10:09 AM

      I was querying that the motivation is control and power abuse more than protecting children. I live in the UK and know people that go into politics. A lot want to protect children. People can be over cynical about assuming everyone is evil.

      • stephen_g

        today at 12:54 PM

        Maybe “simple and easily manipulated” is better. The driving force behind the UK’s “child safety” push seems to be mostly because there was “enormous potential across the Safety Tech sector … to foster the development of sustainable, high-tech companies across the country” [1].

        Don’t be deceived - huge amounts of lobbying went into this, because some savvy entrepreneurs saw a market to sell age-verification services. The key driver behind the laws is more about creating that market than actual child protection - if they were actually interested in that, they wouldn’t be pushing things that are clearly so ineffective (but expensive).

        1. https://www.gov.uk/government/publications/safer-technology-...

      • autoexec

        today at 10:31 AM

        If the people you know are supporting and expanding mass surveillance you can bet that it's because they want control and power and not because of how much they want to protect children. Not everyone is evil. People who want to surveil and censor everyone are though. If they actually care about children they'll be trying to protect those children from such impositions on their freedom.

• astroflection

  yesterday at 4:17 PM

  https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp...

I wonder if all of the journalism on Epstein would be considered "Sexual content" and if journalists would be forced to self-doxx to report in these states

Couldn't all of this be handled by META tags, request/response headers and some "they'll obviously do it" laws aimed at operating systems, device manufacturers and browser companies?

I've been thinking a lot about VPNs lately, mainly for 2 reasons:

1) In my home state I can no longer access Pornhub

2) Last month I visited Mississippi and could not access BlueSky, even though I can from my home state.

[I personally blame this on the "holier then thou", "don't tread of me" conservatives who cannot resist the urge to try to rule over the activities of others.]

I haven't selected a VPN provider because I have heard that a lot of websites create barriers to people who use VPNs. For example, I've seen people say that couldn't access Reddit via a VPN.

• tim333

  yesterday at 11:13 PM

  I've not had much problem. Never had that problem with Reddit. I use the free veepn browser extension.

  Accessing imgur from the UK has been a bit tricky. Sometimes they limit certain IP addresses like the US one usually doesn't work but the Singapore one does (slowly) for some reason.

• ThePowerOfFuet

  yesterday at 10:43 PM

  You can access Reddit from a VPN while signed into Reddit.

Lawmakers in general have less than one percent knowledge on what they make laws on. I look forward to them all logging in remotely after the ban.

The key change is needed with things such as meshtastic and lora. Taking things out of the hands of regulators is key

• codedokode

  yesterday at 10:16 AM

  They actually act perfectly rationally. Media post articles about how easy it is to bypass the law using VPN, mock the government, and what the law author should feel reading this? "Ok let them break the law"? Of course, the reasonable response is to close the loopholes.

  • ktallett

    yesterday at 8:25 PM

    The issue is tech isn't as simple as that, vpn's are key in many jobs, are they banned? It is the same issue when they ask for backdoors in every messaging app. It is rational if you don't think any deeper than surface level but once you dig an inch deep, it is clear why it isn't rational.

    • codedokode

      today at 12:13 PM

      > they ask for backdoors in every messaging app

      Being a devil's advocate, you already entrust the government to register your property, issue your money, prosecute you for wrongdoing (including death penalty) and send you to the war. Your data is already collected and sold by thousands of data brokers. What are you losing by having a backdoor that would be used only in strict accordance with the law (laws being created by your elected representatives) and only for legal purposes? You must comply with the law anyway, no matter if the government can or cannot see what you are doing.

      If you truly believed in democracy and rule of law in your country, you would have no doubts and volunteered to install the backdoor yourself.

    • codedokode

      today at 12:06 PM

      The companies using VPN for work can file an application for an white list exception, if they provide an application with a list of employees having access. I think this is how it works in my country. You are making an elephant from a fly (proverb meaning exaggerating minor issues).

      For better security, a signed obligation to observe law might be collected from every employee, and an access log kept, with records signed by company's digital signature.

    • duskdozer

      today at 6:45 AM

      Some company would surely jump in and get an exception written for certain corporate VPNs. But if not, it can be that those who contribute to the right people get exceptions and those who don't, don't. Rational or logical consistency just....don't have to apply

• greenavocado

  yesterday at 2:53 PM

  As a rule, criticism of the ruling elite will never be tolerated in the long term. The Internet was free and unrestricted until the masses shifted their attention to it, at which point, the ruling elite cracked down on it in order to maintain their hegemony by maintaining the ignorance of the masses, which they see as cattle to be herded and milked and sacrificed ritualistically from time to time for their internal social bonding purposes.

• tonyedgecombe

  yesterday at 12:00 PM

  I think they know exactly what they are doing. This isn’t the nineties anymore. Which makes it even worse.

  • jkestner

    yesterday at 5:04 PM

    But our gerontocracy is still living in the nineties (if we’re lucky).

>Businesses run on VPNs. Every company with remote employees uses VPNs. Every business traveler connecting through sketchy hotel Wi-Fi needs one. Companies use VPNs to protect client and employee data, secure internal communications, and prevent cyberattacks.

Oh look, someone's conflating business VPNs and consumer VPNs again. This time to legitimize consumer VPNs.

The cited laws propose to ban pornography for minors, and ban VPNs that hide geolocation and their use in accessing pornography. Nothing to do with businesses using private VPNs to encrypt employee traffic.

>Vulnerable people rely on VPNs for safety. Domestic abuse survivors use VPNs to hide their location from their abusers.

Woah, maybe VPNs have some uses I haven't considered, let's take a look at the linked article.

>Use a virtual private network (VPN) to remain anonymous while browsing the internet, signing a new lease or applying for a new home loan. This will also keep your location anonymous from anyone who has gained access to or infiltrated your device.

I think the loan thing is rubbish I don't get it, and it's unaffected by the law. But the idea of installing a VPN in case the device is compromised might make sense, if the device is compromised it might still be trackable, especially while downloading the VPN, but maybe if it connects at startup, and the RAT isn't configured to bypass the VPN bridge, it might work.

Quite a stretch if you ask me. And again, not relevant to adult sites blocking VPNs.

The rest of the example are the usual "people use it to evade the government and regulations but it can be THE BAD GOVERNMENt AND REGULAtiONS"

• skeledrew

  yesterday at 3:34 PM

  The only way to block a VPN is to have the knowledge that certain IPs are used by VPN providers. It's pretty trivial for someone to run a script/app that spins up a server somewhere, installs VPN software on it, and uses that for the connection. Now there's no way to separate whether a user is connecting via a VPN or not.

  • TZubiri

    yesterday at 6:32 PM

    Is this related to my comment at all? I do have another comment about the technical feasibility of this ban though.

  • SpicyLemonZest

    yesterday at 4:44 PM

    It's pretty trivial for you or I. The average 12 year old who this law aims to protect doesn't know how to do that.

    • dreamcompiler

      yesterday at 5:04 PM

      Never underestimate the work ethic of a 12 year old who wants to look at porn.

    • nijave

      yesterday at 5:15 PM

      I wouldn't underestimate 12 year olds. It's not hard to find an online community (chatroom/message board) where other members post this stuff.

      It's also pretty trivial to wrap in an app

      Source, I was setting up home proxies so classmates could access Flash games on school computers when I was 12...

    • etchalon

      today at 6:05 AM

      At 11 years old, I was dialing into BBS' to download images I'd print for my friends.

      Kids are resourceful.

    • TZubiri

      yesterday at 6:33 PM

      I think you misunderstand the comment you are replying to, it's talking about the perspective of the sysadmin of the adult website, and how it would detect a VPN user.

"Here's what happens if VPNs get blocked: everyone has to verify their age by submitting government IDs, biometric data, or credit card information directly to websites-without any encryption or privacy protection.

We already know how this story ends. Companies get hacked. Data gets breached. And suddenly your real name is attached to the websites you visited, stored in some poorly-secured database waiting for the inevitable leak. This has already happened, and is not a matter of if but when. And when it does, the repercussions will be huge."

Then

"Let's say Wisconsin somehow manages to pass this law. Here's what will actually happen:

People who want to bypass it will use non-commercial VPNs, open proxies, or cheap virtual private servers that the law doesn't cover. They'll find workarounds within hours. The internet always routes around censorship."

Even in a fantasy world where every website successfully blocked all commercial VPNs, people would just make their own. You can route traffic through cloud services like AWS or DigitalOcean, tunnel through someone else's home internet connection, use open proxies, or spin up a cheap server for less than a dollar."

EFF presents two versions of "here's what will happen"

If we accept both as true then it appears a law targeting commercial VPNs would create evolutionary pressure to DIY rather than delegate VPN facility to commercial third parties. Non-commercial first party VPNs only service the person who sets them up. If that person is engaged in criminal activity, they can be targeted by legislation and enforcement specifically. Prosecution of criminals should not affect other first party VPNs set up by law-abiding internet users

Delegation of running VPNs to commercial third parties carries risks. Aside from obvious "trust" issues, reliability concerns, mandatory data collection, potential data breach, and so on, when the commercial provider services criminals, that's a risk to everyone else using the service

This is what's going on with so-called "Chat Control". Commercial third parties are knowingly servicing criminals. The service is used to facilitate the crime. The third parties will not or cannot identify the criminals. As a result, governments seek to compel the third party to do so through legislation. Every other user of the service may be affected as a result

Compare this with a first party VPN set up and used by a single person. If that person engages in criminal activity, other first party VPNs are unaffected

EFF does not speculate that third parties such AWS, DigitalOcean, or "cheap server[s] for less than a dollar" will be targeted with legislation in their second "here's what will happen" scenario

Evolutionary pressure toward DIY might be bad news for commercial third party intermediaries^1

But not necessarily for DIY internet users

1. Those third parties that profit from non-DIY users may invoke the plight of those non-DIY users^2 when arguing against VPN legislation or "Chat Control" but it's the third parties that stand to lose the most. DIY users are not subject to legislation that targets third party VPNs or third party chat services

2. Like OpenAI invoking the plight of ChapGPT users when faced with discovery demands in copyright litigation

• 1vuio0pswjnm7

  today at 9:50 AM

  Commercial third parties intermediating use of the web don't solve problems of "privacy"

  They might interfere with the businesses of other third party intermediaries like "Big Tech"

  Paying the middleman (intermediary) might in theory discourage it from conducting commercial surveillance but it doesn't solve the problem presented by using third parties as middlemen

  The possibility to profit from surveillance remains

  An effective solution would remove the possibility, and thereby the incentive, by removing the third party

• scrps

  today at 6:03 AM

  Preexisting solutions to future problems! Thanks to AI (mostly) botnets specifically for renting residential IPs have multiplied since most commercial VPN IP blocks get rate-limited, captcha'd, outright blocked which got even worse with AI.

  People causing shenanigans using residential IPs if they ban VPNs is gonna lead to a lot of kicked doors, red herrings, lawsuits, and very probably ballooning budgets and will yet again fail to stop Bad Things™ not that it was really designed to anyway. I wonder if they think this is a good idea because they have machinations or is it just that they are clueless wealthy dinosaurs corrupting a future that isn't theirs?

• today at 8:08 AM

>So when Wisconsin demands that websites "block VPN users from Wisconsin," they're asking for something that's technically impossible. Websites have no way to tell if a VPN connection is coming from Milwaukee, Michigan, or Mumbai. The technology just doesn't work that way.

https://youtu.be/Pr4v725LPOE?si=ih3gfTSpiHumtrFs&t=79

"That's not how apps work"

"Then make it work you think we are stupid but we are not, we know" VPNs have something to do with IPs which are necessarily geolocatable , and also users need to make an account to connect to a VPN, you can just ask them what country and State they are in.

Being willfully obtuse draws no sympathy, and will not exclude companies from compliance

• Ukv

  yesterday at 2:43 PM

  > VPNs have something to do with IPs which are necessarily geolocatable

  The website (which is the party these obligations are being placed on) could geolocate the VPN IP, but that wouldn't tell them where the user is actually from.

• VortexLain

  today at 9:59 AM

  They probably know that the technology doesn't work this way. But such law will force websites to block ALL VPN connections even for users not from Wisconsin, and that's the plan.

• nijave

  yesterday at 5:37 PM

  IPs aren't necessarily even geolocatable. Sometimes they are, sometimes AT&T Mobile routes you six states over and exits through a CGNAT IP

  • TZubiri

    yesterday at 6:37 PM

    IPs are geolocatable yes, not with a perfect accuracy, but with a jurisdictional accuracy.

    First of all, IP addresses are issued in blocks and the IPs are distributed within regional proximity. This is how connections are routed, a router in say, Texas, knows that it can route block, say 48.88.0.0/16 to the south to mexico, 48.95.0.0/16 to the west to Arizona, and so on.

    whois/RDAP data will tell you the precise jurisdiction of the company that controls the block. It's entirely sensible to use that for geographic bans, the mechanisms are in place, if they are not used, a legislative ban will force providers to use that mechanism correctly. I wouldn't say it's trivial, but it what the mechanism has been designed to do, and it will work correctly as-is for the most part.

    • nijave

      yesterday at 6:51 PM

      I know how it works. I know how it doesn't.

      In the context of jurisdiction within a state in the U.S., I don't think it's accurate or reliable enough when taking mobile phones into account.

      Country-level is much more accurate

    • SirMaster

      yesterday at 8:58 PM

      How is that accuracy when it comes to IPv6 though?

• cestith

  yesterday at 4:11 PM

  What if your geolocated IP is from … a VPN? Maybe one outside the jurisdiction of the law?