Ok, so basically when your computer uses a VPN it just connects to a VPN server over the Internet using an encrypted TCP/IP or UDP/IP connection. On your computer side all your connections to the Internet just get shoved into that encrypted tunel instead of going directly into the whole wide world from your own network connection so nobody but that server sees those connections, whilst on the VPN server side they’re recieved from that tunel and then exit to the whole wide world from that VPN server as if they’re actually connections initiated by that, so nobody else but that server knows that they are in fact connections you via an encrypted tunel.
Nations with nation-wide firewalls can try and block VPN by blocking the actual encrypted network connections to VPN servers (there are ways to recognize those, but there also ways to disguise them), but for websites to block them (which is what this legislation demands) the websites have to block the actual VPN servers since they have no way to know whose really behind those connections as all the sites see is connections which seem to originate in those servers as they have only the power to interfere with the traffic coming to them, not traffic elsewhere on the Internet (such as the encrypted connections from customers of VPNs)
Now, there are lists of the IP addresses of the exist points of VPN providers, which are the IP addresses were the traffic of somebody using that VPN enters the Internet, so to try to comply with this legislation those sites would start by blocking all traffic from any of those IP addresses - remember those websites don’t know were the traffic coming from a VPN server to that website really comes from, so they can’t tell traffic from people in Wisconsin from traffic from people elsewhere hence have to block everything to catch everybody from Winsonsin.
This would affect everybody anywhere in the World using those exit points of those VPN providers since those sites can’t really tell where exactly in the World is somebody whose traffic is coming from those VPN exit points.
Then there’s the problem that the legislation applies to all VPNs, not just commercial VPN providers, meaning that the websites would also theoretically have to block VPN servers from business VPNs (and given how the networks of many large companies work, that might mean blocking the entire company) as well as thing like schools using VPNs and, even more entertaining, VPNs set up by individuals by, for example, renting a Virtual Private Server and installing a Linux there running their own VPN server or even installing the VPN server software on something like Amazon AWS or Microsoft Azure, which mean they might have to block every single IP address of any provider of VPS servers anywhere in the World (as any Wisconsian could, theoretically, over the Internet rent a chea VPS in, say, Malasia, and install a Linux with a VPS server there) as well as of all AWS and Azure servers since again any Wisconsian could theoretically run their own personal VPS server there.
So this legislation is totally insane in several ways.
Godort@lemmy.ca 1 day ago
Generally, they know you’re using a VPN because of where your traffic is coming from.
They probably block Digital Ocean’s IP pool as a whole as it’s often a hub for cybercrime and it would only affect a fraction of users.
muusemuuse@sh.itjust.works 1 day ago
The thing is, VPNs won’t protect your privacy much. Browser fingerprinting technology has achieved its goal. True anonymity online is damn near impossible now.
VPNs are able to help circumvent authoritarian bullshit by making the traffic appear to come from somewhere else. So states that implement laws banning what is essentially protected speech aren’t able to really be effective in their efforts because the people that live there just rote their traffic outside the state the have it all bounced back in. Banning VPNs would help them censor anything they consider porn.
That’s the real danger. A teenager jerking off is not the concern. It’s the excuse.
I wonder, what if we end run this with the cheap GPUs about to hit the market once the AI bubbles pop? Just set up a bunch of Remote Desktop instances people log in to pull shit up on and stream that to the browser. When they disconnect, nuke the container and pull the instance up again, route everything again. It’s basically Netflix of a remote session. And if they ban that, it would invoke the wrath of some incredibly powerful industries.
All because naked people are scary.
acosmichippo@lemmy.world 1 day ago
except for traffic that does not come from a web browser at all. like API calls to download linux ISOs.
muusemuuse@sh.itjust.works 1 day ago
Linux distros are incredibly dangerous for children. They teach them they have options. It’s incredibly dangerous. We much protect them. For the
childrenshareholdersAceticon@lemmy.dbzer0.com 19 hours ago
Given that the only way for those websites to block VPN traffic is to block the IP addresses of all known VPN exit points, what you would see is first the VPN providers regularly rotating those IP addresses, and second people simply setting up their own VPN servers software in rented VPS in cloud providers anywhere in the World.
You don’t need a full blown remote session, just a VPN server with an IP address which isn’t yet blocked by such a site.
Now, the sites might try and block this by only allowing in connections from know ISP blocks of addresses (which would theoretically only be direct connections from individuals not using a VPN), but that’s way less reliable than merelly lists of IP addresses of the VPN servers of big providers, plus it would block thing such as the entirety of Amazon AWS.
muusemuuse@sh.itjust.works 16 hours ago
They don’t care if it’s reliable. Timmy saw boobs!
Tanoh@lemmy.world 1 day ago
There are lots of companies selling data, just one of them is a list of known VPN IP addresses. Updated every X days. Just plug that into your service and it gets a lot harder, but still not impossible, to use with a VPN.