Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
kstrauser 11 hours ago

This is the stupidest idea I’ve heard recently. Way to go, Utah.

My home router has a built in VPN server. When I’m out running around, my iPhone can route traffic through my house. Pray tell, o sage Utah legislature chucklefucks, how is anyone expected to tell that I’m accessing a website from a hotel in Berlin instead of my house in California? (Which is why we used it last time: I configured my travel router to use that same VPN so we could watch American Netflix at night before bedtime when we just wanted something familiar to relax with.)

Honestly, this is the new “pi equals 3” legislation. “Let’s make laws codifying technical ideas we clearly have no freaking clue about”.

Again, way to go, Utah.

jeroenhd 11 hours ago | parent [-]

> how is anyone expected to tell that I’m accessing a website from a hotel in Berlin instead of my house in California

Remote attestation in combination with location access as a start. DPI on TCP/UDP timinings/round trip time measurements for distant locations, combined DNS leak detection to catch bad VPNs. Use browser APIs to detect WiFi vs mobile data to let some 2G users through. IPv6 accessibility checks to catch many other VPNs.

There are always technical means, as the more restrictive streaming services like to prove. There are many, many more ways websites can verify that users are not on a VPN that most websites don't bother with, and until they all do and people still use VPNs, legislators will find ways to punish websites.

The real end goal isn't to block content these people dislike within their state, of course. The goal is to go after the existence of adult websites and, in worryingly more common cases, websites discussing basic LGBTQ topics.

kstrauser 11 hours ago | parent | next [-]

No. That’s how someone with pervasive access to Internet infrastructure could tell when I’m on a VPN. It’s impossible for a given website to tell that I’m accessing it over a VPN. Not difficult: impossible. It cannot be done.

ijk 10 hours ago | parent [-]

So the individual website has to subscribe to the surveillance operator's IP location verification service, or be fined.

kstrauser 9 hours ago | parent | next [-]

Basically. Party of small government, my ass.

Edit: actually, not even then. In my home VPN scenario, the IP is a legitimate residential connection.

zeafoamrun 9 hours ago | parent | prev [-]

This is exactly it. Compliance is a big business. When your company's lawyers tell you you've gotta do something then you do it. Half my team is wasting time on this bullshit and big money is getting paid to those who make the lists.

lstodd 10 hours ago | parent | prev [-]

Technical measures while technically existing failed first in China and then in Russia lately, Russian authorities recently all but admitted that they can not block xray+reality-style VPNs (which were and are developed in China to go over their "great firewall") and now talk about a blanket ban on foreign traffic and basically a whitelist for internet.

The goal is always a perception of control of public narrative. Those people deeply care what "masses" think of them. That they measure mostly by sampling more or less public media (and I actually worked at a company in 2010s which was selling exactly that). And when they don't like what they see, they try to fix that by controlling that media, up to and including banning the whole world.

That is what is happening with all this protecting the children stuff.