I know it isn’t specific to just Linux but I use Linux anyway so my question is,
Is there a way you could use a VPN without them knowing that? Or if they outlaw them is it really just game over?
If they made VPNs illegal I suppose stuff like TOR would follow except TOR is partly funded by the US state department and the US is one of my countries closest allies (one of the five eyes). So surely they wouldn’t shut down something the US funds directly… Would they?
I’ve read very very little about Gemini and other protocols like Gopher, would this be the way forward if they do this? And is that even remotely close to the security and potential anonymity you would receive from a VPN?
“Making VPNs illegal” doesn’t stop you from using them.
They would have to implement north korea/iran levels of restrictions in order to prevent you from using VPNs.
Can your ISP not tell you’re using a VPN?
Would it not be easy for them to block access to VPNs if they outlaw them?
What do you do then?
I guess a better way to phrase the question is if they are outlawed how can I use one without my ISP knowing.
If your ISP can tell you’re using a VPN then yes, making them illegal would prevent me from using them right?
Mullvad has many methods of obscuring the fact that you are sending VPN traffic, specifically designed to fight VPN censorship and firewalls.
A VPN wrapped in HTTPS would be basically undetectable. Yes, your ISP could start marking IP addresses as “VPN”, but that would be a wack-a-mole situation, and wouldnt scale at all.
I can see the UK doing this, they love to implement ludicrously restrictive and impossible to enforce anti-privacy laws. My working theory is that they’re lobbied to implement them by IT consultancy firms, who then get hired to consult on, say, banning VPNs, take 10 years to investigate it at eye-watering cost to the public, then go “Yeah turns out you can’t ban VPNs, I don’t know what the previous government was thinking” and then use that money to lobby the new government to ban encryption or some other nonsense, then repeat.
Þe absolute best feature of beaurocracy is how inefficient it is. The Principia Discordia tells us:
The thing about large organizations is that, while they do small things badly, they do large things badly, too.
A VPN wrapped in HTTPS would be basically undetectable.
are there any implementations doing this?
SSL VPN is the more general term to describe it, and there are definitely some vendors that do that. Not sure about standalone VPN software though.
There is some nuance to what exactly is banned.
I self host a vpn at my home that i use to connect to my home network on the go. This is a super common use-case and also cant be used to circumvent regional blocks.
Work also uses a vpn to securely tunnel company hardware to our servers.
A blanket ban on vpn software and technology would be ridiculously dumb. Almost as bad as blanket ban on encryption.
If they make exceptions and only ban vpn with intention to hide and circumvent the law, then you only need some legal excuse if someone comes asking and its more a morality guideline then a criminal law.
If they blanket ban “vpn technology” i would simply suggest ignoring it. Laws that stupid are too incompetent to take seriously. I recon its completely unenforceable.
Either way you’re unlikely to be investigated unless the government already has a reason to investigate you. In which case you’re probably fucked no matter how secure your internet.
Sometimes.
They can keep a record of VPNs and monitor if you connect to their servers, or block that connection altogether.
The problem with this is that new VPNs come and go all the time and active VPNs don’t always have static configurations. It would be impossible for them to reliably track all of them.
But if it were illegal as soon as you connected to one single blacklisted IP you’d be fucked, right?
That would be up to the courts to decide.
It’s very easy to accidentally connect to an unknown server, so it would depend on your state’s criteria for determining guilt.
To clarify, as in setting a 1 billion dollar defense budget to traffic people into their head and tail relays in tor. But no government has had their head further up their ass to do such a batshit crazy thing.
Banning VPNs is on the list of braindead government restrictions up there with banning encryption. The latter is basically a ban on math, just like in that book where 2+2 is sometimes 3, sometimes 5.
just like in that book where 2+2 is sometimes 3, sometimes 5.
You mean
book1.xls?haha
Though to be fair whenever I encountered an issue in Excel/Calc, it was a user (me) error.
Yes but they’ve done this before in countries like US. They went after the T Shirt producers printing the DeCSS on them and recently the whole tornado cash fiasco where they tried to make smart contracts illegal (although this was overturned).
Granted though I think DeCSS contained proprietary code so its a little different but unfortunately I view most governmental control and censorship to be braindead but I still fear they will do it.
They would have exemptions for corporate VPNs and encryption and for members of parliament and all that of course, but I could absolutely see them trying to fuck us all sooner rather than later.
I hope I’m just paranoid.
As a person from the UK, I am fully expecting them to implement this in the next year or two, because ruining the internet seems to be the government’s top priority rather than say, fixing the economy or preventing Reform from taking over for some fucking reason.
Deep-packet inspection exists. They can tell when vpns are being used generally. They kept shutting off my VPN in China ☹️
Does tor and i2p work?
It’d be a really bad situation. I mean we rely on VPNs and tunnels a lot. For half the people doing home-office, logging into the company’s VPN is the first thing in the morning. Field crew relies on them. That’s an additional layer of protection in the ATM of your bank…
It’d wreck half the economy in the process. Or “they” need to outlaw specific things. Like private VPNs. And gather a list of private VPN providers and ban them via a great firewall. That’s possible. And would make life worse in a country. It’s possible to circumvent these measures. And it’s difficult to discern traffic and distinguish VPN traffic from other encrypted traffic so the country might want to implement some harsh measures as well. A police force knocking on people’s doors if they suspect them to evade law and demand they show their computer and smartphones.
So in conclusion your best option is probably to move to a different place if you can afford to, once that becomes reality. (Edit: Maybe your best option is to protest this, do campaigns, call your representative and try to stop it. So we dont get into this situation in the fist place.)
You could buy a webserver outside the country and set up your own VPN software or something. I think there are forms that look like https.
You should probably try to tell at least one person a week to never vote for those people again and try to resist your oppressive state in every way you can without getting yourself in trouble or hurt.
Also try to do anything you can that they don’t want. If the powerful people in your country want something, try to oppose them. Don’t let them just shit on you and get away with it.
If you go to dark(.)fail, go to Dread forums and head to c/OpSec, one of the top posts has information on how to bypass all Internet censorship. It’s a super in-depth tutorial on bypassing censorship in countires like Russia, China, etc.
this is exactly what’s going on in China (PRC), bypass method depends on how hard the government implements it
My recommendation would be Tor and use bridges. Bridges connect to Tor for you, and the IPs of bridges are secret. So no one really knows that you’re connecting to Tor. They can only see you connect to a random IP. For extra security you can use the “tails” OS.
While not foolproof, should be good enough for any sort of “normal” people under mass surveillance. If you’re special enough to have human attention on you, I don’t know sadly.
deleted by creator
mullvad has wireguard obfuscation making it harder to detect vpn traffiic
+1 ro this. The obfuscation tunnels traffic through the QUIC protocol used by https/3. Basically, it’s almost impossible to block QUIC without sabotaging the web. This is opposed to traditional VPN connections, which send encrypted (usually AES) packets over UDP, which is much easier to tell is a VPN.
There are VPNs that operate in stealth mode so they don’t look like VPN traffic as they’re being used.
Still illegal, but not detectable. No riskier than being a political activist antagonistic to the state.
The laws are entirely stupid (as in written by people that have no clue).
The ones I see do not make using a VPN illegal, they make it illegal for certain websites to receive traffic from VPNs.
As a website, how am I supposed to know if I am receiving traffic from a VPN?
I have to maintain a database of restricted IP addresses? How do I keep that up-to-date? How do I catch small players? Self-hosted stuff?
And even if I do all that, how do I tell where the actual user is? Because that is exactly what VPNs were designed to hide from me. So, I cannot apply it to residents of a state—I have to refuse VPN connections from the entire world.
It is impossible and pointless. Anybody actually doing anything wrong will get around it easily. So all it accomplishes is reducing the security and increasing the hassle for everybody else.
Dumb. Dumb. Dumb.
Until the “whitelist” principle is implemented for the network—you’re fine. You’ll be able to use stealth protocols, whose traffic is practically indistinguishable from regular HTTPS traffic to any website.
You might ask:
But won’t the internet censor notice that suspiciously large amounts of traffic are going to a single IP and block it?
you’d be right, but only in the case where your server is configured incorrectly. nothing stops you from finding a hosting provider whose subnet contains YouTube caching servers and disguise your traffic as coming from there. then, to the censor, everything will look natural, since traffic is indeed going to YouTube.
Once you have your own proxy server, you can create proxy chains to well-known services like Mullvad, IVPN, Proton, etc. Your intermediate server won’t see the traffic, so your privacy will be just as strong as when using these popular services directly—except with slightly higher ping.
You might say: what if they introduce those very whitelists, allowing access only to IPs within your country of residence? Like in North Korea?
I’ll answer: first, it’s unlikely to happen overnight, as it would be a fatal blow to the country’s economy. Second, even with whitelists, there are ways around them. In Russia, many people rent Russian CDNs (content delivery networks that reduce ping to services) and use them as an intermediate layer between a foreign server and themselves.
Why can’t the censor block them? Because large companies use them—so blocking these CDNs would also break taxi services, banks, and many other services included in the whitelist.
So it’s not that bad. The main thing is to have the will to fight for your rights, for your freedom. And methods, one way or another, will remain even under the strictest regimes :)
You can create a VPN through HTTPS. Bad idea performance-wise, but it’s harder to detect.
P2P tunnelling could be a thing, but obv there are issues with having a stranger’s traffic coming out of your home network range. I guess they can’t really lock out all traffic from AWS and Azure, so cloud data centres are an option.
deleted by creator
