Skip to content

UK households could face VPN 'ban' after use skyrockets following Online Safety Bill

Technology
360 222 10.9k
  • @arc99

    I said (picture) your deep inspection falls short to real end 2 end. You said your firewall can break end 2 end ... nope they can't and never will and you exactly said this in your last post too. (Sidenote -> i can gpg a text and post it public even with https .. for 99% it will be giberish and only the person who got the right key material will be able to read it ) ... so using deep package inspection to identify something you want to protect kids from is just a lie ...

    Link Preview Image

    I honestly do not know what you are saying. Deep packet inspection through a firewall that does mitm interception demonstrably happens. It is not up for debate.

  • I honestly do not know what you are saying. Deep packet inspection through a firewall that does mitm interception demonstrably happens. It is not up for debate.

    @arc99 you still don't understand end 2 end encryption. Yes man in the middle decryption can be done. First for this to happen you need to accept the certificates of the firewall ( which in terms of a home PC you can't force anyone to do ). Second even if you can encrypt the https packets , you can still put an additional layer on top which only you and the reciever has the keys too.

    To give you an example you can easy write down a base64 encoded binary blob in any text field on a website. If this binary blob has been encrypted before noone will be able to tell what is inside.

    So breaking https is useless if someone really wants to hide informations. So no your deep packet inspection is totally useless in this case besides you know someone did put strange stuff in a text on a website.

  • No. They could put it into a review and quietly shitcan this. It's not particularly popular. They just want to say they're protecting kids.

    They're spineless and Keir is an authoritarian.

    "Oh, i see. You want to help paedophiles do you? Why do you hate children then, hey? Of course keef comes out to help the Jimmy Savile brigade again."

    Congratulations, you just lost the media narrative and now all but one paper is going to write about how all the things that hurt every child in the UK is your fault, for the next 3 years. The whole system is compromised and they're passengers, only a little more engaged than we are.

  • "Oh, i see. You want to help paedophiles do you? Why do you hate children then, hey? Of course keef comes out to help the Jimmy Savile brigade again."

    Congratulations, you just lost the media narrative and now all but one paper is going to write about how all the things that hurt every child in the UK is your fault, for the next 3 years. The whole system is compromised and they're passengers, only a little more engaged than we are.

    Not really the narrative. Reform opposes it and Tories likely will. Only Lib Dems will complain and media ignore them anyway.

    Our media are bad, but not that tabloid.

  • Yeah, businesses will not accept this. Remote work and remote connections rely on VPN for ALL KINDS OF SHIT. If you must adhere to some kinds of government compliance, it is even MANDATED BY THE FUCKING GOVERNMENT. Explain to me how the hell that is going to just poof and not cause all kinds of problems.

    You don't get it. They will just force VPNs to black list sites. Business users will happily do it because they don't care about porn anyway. Any VPN which doesn't enforce UK laws will be blocked at the ISP level.

  • @arc99 you still don't understand end 2 end encryption. Yes man in the middle decryption can be done. First for this to happen you need to accept the certificates of the firewall ( which in terms of a home PC you can't force anyone to do ). Second even if you can encrypt the https packets , you can still put an additional layer on top which only you and the reciever has the keys too.

    To give you an example you can easy write down a base64 encoded binary blob in any text field on a website. If this binary blob has been encrypted before noone will be able to tell what is inside.

    So breaking https is useless if someone really wants to hide informations. So no your deep packet inspection is totally useless in this case besides you know someone did put strange stuff in a text on a website.

    No, YOU don't understand end to end encryption, and you don't understand browsers. You say you could "write down a base64 encoded binary blob on a website". Yes you could and how do you decrypt it? The asnwer is with a key (asymmetric or symmetric) that the recipient must have in memory of the receiving software - the browser that the filter has already intercepted and compromised. So "moar layers" is not protection since the filter could inject any JS it likes to reveal the inner key and/or conversation. It could do this ad nauseum and the only protection is how determined the filter is.

    But this is also a nonsense argument just on a practical level. The problem is kids connecting to adult websites, or websites with some adult content. The filter doesn't need to do much - either block a domain outright, or do some DPI to determine from the path what part of the website the browser is calling. The government thinks it reasonable that every single website that potentially hosts adult content should capture proof of identity of adults. I contend that really the issue is kids having access to those websites at all, and that proxies can and would be a far more effective way to control the issue without imposing on adults. No solution is perfect, but a filter is a far more effective way than entrusting some random website with personal information. Only this week somebody found an app that was storing ids in a public S3 bucket compromising all those users. Multiply that by hundreds, thousands of websites all needing verification and this will not be the last compromise by any means.

  • No, YOU don't understand end to end encryption, and you don't understand browsers. You say you could "write down a base64 encoded binary blob on a website". Yes you could and how do you decrypt it? The asnwer is with a key (asymmetric or symmetric) that the recipient must have in memory of the receiving software - the browser that the filter has already intercepted and compromised. So "moar layers" is not protection since the filter could inject any JS it likes to reveal the inner key and/or conversation. It could do this ad nauseum and the only protection is how determined the filter is.

    But this is also a nonsense argument just on a practical level. The problem is kids connecting to adult websites, or websites with some adult content. The filter doesn't need to do much - either block a domain outright, or do some DPI to determine from the path what part of the website the browser is calling. The government thinks it reasonable that every single website that potentially hosts adult content should capture proof of identity of adults. I contend that really the issue is kids having access to those websites at all, and that proxies can and would be a far more effective way to control the issue without imposing on adults. No solution is perfect, but a filter is a far more effective way than entrusting some random website with personal information. Only this week somebody found an app that was storing ids in a public S3 bucket compromising all those users. Multiply that by hundreds, thousands of websites all needing verification and this will not be the last compromise by any means.

    @arc99 the same way as you did encrypt it ??? with ggp ?

    ???? the needed certificate are exchanged by for example a matrix / telegram or personal ????

  • Not really the narrative. Reform opposes it and Tories likely will. Only Lib Dems will complain and media ignore them anyway.

    Our media are bad, but not that tabloid.

    Why would the tories oppose thier own bill?

    I don't think you're fully aware of all the factors here.

  • Why would the tories oppose thier own bill?

    I don't think you're fully aware of all the factors here.

    Because they've always railed against the nanny state. Kemi is a dreadful populist. It isn't popular.

    You're simply making excuses for Keir and anyone that disagrees doesn't understand. Copium.

  • You don't get it. They will just force VPNs to black list sites. Business users will happily do it because they don't care about porn anyway. Any VPN which doesn't enforce UK laws will be blocked at the ISP level.

    I just don't believe that method will be as successful as you may think.

  • 289 Stimmen
    8 Beiträge
    17 Aufrufe
    ulrich@feddit.orgU
    As much as it may feel like it, Trump hasn't been President for the last 10 years.
  • Google tool misused to scrub tech CEO’s shady past from search

    Technology technology
    19
    1
    206 Stimmen
    19 Beiträge
    40 Aufrufe
    G
    Ok... Here's something you should know. What happened there was suppressing personal data from Google's search engine. In the EU, that is regarded as a fundamental human right. The "right to be forgotten" is exactly about hiding a shady past. The GDPR gives you the right to demand that Google must omit certain links when people search for your name. Google does comply. You don't need a court order or anything. So, you can't celebrate the GDPR while also condemning what happened here.
  • Substack promoted a Nazi blog again

    Technology technology
    54
    1
    499 Stimmen
    54 Beiträge
    554 Aufrufe
    infinitehench@lemmy.worldI
    Unfortunately popular newsletter service that also puts your issues online to look like a blog. Has a lot of startup capital behind it so they've been paying some of their largest writers on top of subscriber revenue. Big "marketplace of ideas" idiots who have allowed a lot of white supremacist and - as this and other situations exemplify - straight up Nazi content.
  • 34 Stimmen
    3 Beiträge
    51 Aufrufe
    P
    I like it. Lots of buzzwords that warn me off the article. Like a brightly coloured bug - message received little guy, I will not touch you.
  • 86 Stimmen
    12 Beiträge
    127 Aufrufe
    R
    TIL. Never used either.
  • Theoretical Private Age Confirmation -- Possible?

    Technology technology
    1
    0 Stimmen
    1 Beiträge
    21 Aufrufe
    Niemand hat geantwortet
  • Resurrecting a dead torrent tracker and finding 3 million peers

    Technology technology
    59
    321 Stimmen
    59 Beiträge
    644 Aufrufe
    I
    Yeah i suppose any form of payment that you have to keep secret for some reason is a reason to use crypto, though I struggle to imagine needing that if you're not doing something dodgy imagine you’re a YouTuber and want to accept donations: that will force you to give out your name to them, which they could use to get your address and phone number. There’s always someone that hates you, and I rather not have them knowing my personal info Wat. Crypto is not good at solving that, it's in fact much much worse than traditional payment methods. There's a reason scammers always want to be paid in crypto if you’re the seller then it’s a lot better. With the traditional banking system, with enough knowledge you can cheat both sides: stolen cards, abusive chargebacks, bank accounts in other countries under fake name/fake ID… Crypto simplifies scamming when the seller, and pretty much makes it impossible for buyers What specifically are you boycotting? Card payments, international tranfers, national transfers taking days to complete, money being seizable at all times many banks lose money on them Their plans are basically all focused on the card you get. Pretty sure they make money with it, else many wouldn’t offer cash back (selling infos and getting a fee from card payments?) if you think the people that benefit from you using crypto (crypto exchange owners and billionaires that own crypto etc.) are less evil than goverment regulated banks, you're deluded. Banks are evil anyways, does it really change anything? The difference is that it technically helps everyone using crypto, not only the rich. Plus P2P exchanges are a thing You'll spend more money using crypto for that, not less That’s just factually false. Do you know the price of a swift transfer? Now compare it to crypto tx fees, with many being under $0.01
  • 202 Stimmen
    6 Beiträge
    70 Aufrufe
    C
    One could say it's their fiduciary duty.