This is a most excellent place for technology news and articles.
If that happens I'm gonna buy a foreign VPN with Monero. Fuck you I'll never let you strip my anonymity. Unles they implement a way for the age verification to be anonymous and only send a token that says 18+ (yes/no)
Realistically speaking, if VPNs do get banned de jure, how will they enforce it? If forced to, will ISPs catch you sending traffic towards a VPN (not what traffic you're sending)?
Age verification is a parents job, not yours.
And yes, the tooling for it sucks.
They were always going to come after VPNs, they just had to ram something through like age verification for protect the kids to make it happen.
Which "British research firm" labels them a loophole?
The paper is from the European Parliament Research Service, which is an in-house EU Parliament service. And the "briefing" they published has a section titled "A loop hole that needs closing" that starts "Some argue that this is a loophole in the legislation that needs closing and call for age verification to be required for VPNs as well". The words "Some argue" are a hyperlink to a South African news article / opinion piece by some random journalist who writes in a slightly snarky way about VPNs allowing people to bypass the Online Safety Act.
So the TomsHardware article is nonsense - it's an EU briefing paper which seems to think a random south african opinion piece counts as "research". No British research firm, and in fact no real research at all - just crap layerd on crap and making it's way into a crap briefing paper. If this is the quality of the information been given to MEPs, EU citizens should be worried.
Links:
This is what I love about the fedverse. People directly calling out such crappy articles that just spread misleading information for the sake of whatever.
Tom's Hardware should be banned for their trash-tier status. Not only poor journalism, but hostility to users through things like hijacking your back button.
They're not "coming to VPNs" as the notion of VPNs would make it impossible to implement.
Is it not possible to require Proton, Mullvad, etc. to verify your age before doing business with you?
Would most privacy oriented VPN companies like that in privacy friendly countries comply? Doubtful. And most don't keep logs so good luck to governments finding out anyone who didn't verify age.,
However, such efforts are technically flawed because the only reliable method for identifying VPN protocol signatures is deep packet inspection at the network level, which the EPRS paper doesn’t mention.
I mean, you can tunnel whatever over whatever. You can tunnel a VPN over anything else that's encrypted, so unless you also want to ban SSH and HTTPS connections and suchlike (well, okay, for UDP-based VPNs, you'd probably prefer something UDP-based, but I think that the point stands), you're going to have trouble, say, blocking OpenVPN connections.
Tor exists for the explicit purpose of not being blocked.
Maybe you could try to characterize VPN traffic and do traffic analysis without being able to look inside the encrypted payload, say "VPN traffic tends to look like this", but again, it's not that hard to add noise to the signal.
And you don't even mostly need a full-on VPN for most of this, since it's mostly just people trying to access Web services.
Get yourself any Linux system in some less-restrictive location (which I'll call server) running OpenSSH. SSH into it from client like so:
[tal@client ~] $ ssh server -N -D127.0.0.1:1080
On the client, install the Proxy Toggle Firefox plugin. Set it to use localhost, port 1080 as a SOCKS5 proxy. Click the toolbar button to toggle on proxy use. Now all your browser traffic is coming from that remote server. All a network provider can see is an SSH connection. Click again, and you're back to normal mode.
But tal, that's complicated. Some people won't know how to use SSH.
So is virtually everything that a computer does. Raytracing. Image composition. Decoding discrete cosine transformation encodings. Rendering real-time video game worlds. If there's a need, someone goes out and writes software that makes it easy for the end user. And if you create a situation where there is an unlimited quantity of stuff that a lot of end users want access to behind a wall which someone can make a one-click program to bypass, it's probably a reasonably safe bet that that those one-click programs are going to show up.
There is no loophole that can be trivially closed here. It's a fundamental limitation
if users are going to be able to send traffic that you cannot inspect the inside of
and avoiding that would mean encryption spanning your borders being disallowed, which you probably do not want
then they can appear to be coming from wherever in the outside world they want.
And plenty of people pointed out that this was a problem before age-verification stuff was put into force. This isn't a situation where one just does the thing and there are a few lingering minor issues to iron out. It's fundamental to the concept of doing age verification.
But voters don't want their kids seeing porn.
Well, frankly, if said kids have Internet access and they want to see porn, they probably are going to be able to see porn or otherwise enjoy use of the least-restrictive set of rules out there. That's part of having a world-spanning network where people can communicate with each other. There is going to be blasphemy and pornography and political extremism and stuff saying that Santa Claus doesn't exist out there. Some of that is going to be material that doesn't conform to the set of social norms where you live and will conform to social norms elsewhere in the world. I don't personally see that as all that catastrophic.
Theoretically - yes there will be some loophole to do some stuff online. Something tells me people don't exactly want to pay for gigabit connections and then be forced to tunnel through kilobit loopholes. Look at north korea to see the end goal, look at iran to see phase 3, look at russia to see phase 2, you are currently in phase 1 of the plan to isolate the internet.
Tor also has been banned in authoritarian shitholes for ages. New bridge IPs pop up and get banned daily. Good luck getting a working bridge in the first place, too.
Just gonna say that the Tor situation in such places is actually not as bad as you say. Look at what the Tor project did in Russia when it tightened internet control: it brought new tech out of beta, implemented a couple of changes, and restored connectivity to any decently techy person. The only thing that authoritarian states have shown us is that there will always be a loophole, hell, even when that loophole is considered illegal, its still there and is still used. The only way to truly control the internet is to kill it, otherwise there will always be someone smart enough and motivated enough to beat whatever restrictions are put in place.
Reform got a shitload of votes in this week's elections, and one of their few actual policies is repealing the online safety act, so it's not even particularly safe to say that voters don't want their kids seeing porn if it means it's any more inconvenient for adults to see porn.
Also no one wants their driver's license in a porn website breach
One other note: One of the first conversations on here I had was when Ada, the lemmy.blahaj.zone admin, was talking to some gay guy in some Middle Eastern country where content related to homosexuality were banned. The lemmy.blahaj.zone instance was blocked at his country's network, but he could view the text content from any other home instance (since any accessible home instance on the Threadiverse itself intrinsically basically acts as a proxy for the content on other instances). I remember pointing out that he could tunnel via SSH. His problem was that he couldn't view images, since the images were hosted on the lemmy.blahaj.zone server, but these days, some lemmy home instances (including my home instance, lemmy.today) automatically locally proxy images posted elsewhere to hide the IP address of their users, so he wouldn't even have that problem now.
Get yourself any Linux system in some less-restrictive location
Now you have a fixed IP. You need a VPN afterwards to be anonymous. But don't expect the other location to not report this VPN connection back to your country. Otherwise you can expect the location to be banned from doing business with your country.
Also, I don't of any VM provider that doesn't require some sort of I'd already, at least an email address.
Incognet.io. They require an email, but they are perfectly happy to accept privacy masking emails just as long as they can get communications to you. They don't care.
I know they do domain hosting, and I am pretty certain they do VMs as well, and you can pay for them with Monero.
Can parents not parent?
That was never the issue. They want to control other people's kids
It wasn't about parenting it was about eradication of gay and trans people.
In this economy?
Putting aside that the whole protect the children act is just a premise to kill anonymous browsing, a lot of people are in a situation were they need to work multiple jobs to make ends meet. Parenting is literally a luxury at that point. Which coincidentally is also the reason birthrates in the developed world are plummeting.
No. They can't.
This is the creeping fascism America is trying to warn you about. We seem to be going down this road as well.
A reminder that Tor's Snowflake exists, and running a node can help and is as easy as just installing a browser extension and never thinking about it again.
oyy guv, you got a license for them bits?