[raesene9]

That is one option, but then you get into the world of Corporate VPNs which are heavily in use and it would seriously cause problems if you banned.

Then you're into "what about all TLS connections" which can be used to send traffic, so you have to do TLS interception at scale, which is a very non-trivial problem to try and solve.

Then you're into non-TLS encrypted protocols, so your only option there is to block anything you can't intercept.....

At that point you've pretty much broken Internet access in your country, might as well just chop the cables :P

[falcor84]

I wish I was as optimistic about the resilience of the open web as you, but I see what the Chinese government achieved and what the Russian government have been doing over the last few years, and I'm very concerned.

[yaris]

China has built their Great Firewall over many years gradually, and they have a lot of resources inside, so almost everything from the "western" Internet has a Chinese analog. Russian government simply does not give a flying fuck about people and economy on either side of the border, so they can just pull the plug completely if they see it necessary from the political point of view. So these countries are hardly reference points for what UK can achieve (although Russia is closer than China).

[raesene9]

Oh I'm not saying they won't try and do it, just it'll either be ineffective or they'll effectively wreck the Internet.

For the UK I'm kind of doubting they'll put enough money into it to make it good, so we'll get the ineffective version and politicians will get stories like this one written about their efforts.

[techjamie]

I saw an excellent video[1] a few weeks ago that outlined this issue perfectly in the context of Tor's anti-censorship methodologies by hiding its traffic as other kinds of traffic. The endgame is basically to cut the cables and have a countrywide intranet, or just accept that people will bypass it. Even the Great Firewall isn't perfect, and Chinese frequently VPN out of it all the time.

They're still going to try anyway though. Wisconsin is already putting up a hilariously bad anti-VPN bill[2], and I'm curious if they don't just end up trying to ban every server provider out there in the process of enforcing it.

[1] https://youtu.be/i9Jh3egGaNk

[2] https://news.ycombinator.com/item?id=46113232

[mcintyre1994]

The more practical law is to ban using VPNs to bypass local censorship/filters/etc, which is the law the UAE has for example. Companies can keep using them for security, so can individuals who aren't using them to pretend to be somewhere else to bypass local laws.

This also has the benefit (to the government) of criminalising individuals, making prosecution much easier and allowing it to be more selective according to the government's whims. It reminds me of the way the US dealt with piracy, you could go after a bunch of college kids to make a point etc.

[raesene9]

I'd guess the tricky part there is proving intent. If I sign up to a VPN so I can watch sports or other geo-restricted content while on holiday, does that count?

In a fully authoritarian state of course you likely don't have to worry too much about proof, but I'd suggest the UK has a ways to go for that.

On the piracy front, well we've seen how successful they were in stopping piracy.... not at all.

[hexbin010]

> That is one option, but then you get into the world of Corporate VPNs which are heavily in use and it would seriously cause problems if you banned.

This should not give you /any/ comfort that they won't attempt to ban VPNs. It's as easy as making it illegal to purchase/use a VPN/proxy service as a non-business entity with some loosely drafted legislation that would scare people.

It's child's play to draft legislation that would not affect businesses, plus some appropriate PR/propaganda campaigns

[raesene9]

What's a VPN though, just an encrypted tunnel between two nodes. For decently technical people, it'd always be possible to rent a VPS somewhere outside the country and route traffic to it.

If they're going down that route I'd expect the first service to be banned will be Tor, I'm actually mildly surprised they haven't tried that already.

[hexbin010]

> What's a VPN though

It really is easy. You can not outsmart lawmakers here, if they are determined enough.

It doesn't have to be 100% perfect, just 80% plus some messaging (edit: and harsh penalties). Do you not accept this?

As to wording of the law, eg:

"A Commercial VPN is defined as a service offered to the public for remuneration that routes internet traffic through servers to obscure the subscriber's IP address or apparent geographic location, where the primary purpose is to provide anonymity or circumvent geo-restrictions."

"A Business VPN is defined as a virtual private network operated by or on behalf of an organisation to enable employees, contractors, or authorised agents to securely access the organisation's internal network resources; connect geographically separate premises of the same organisation; or comply with data protection or security obligations."

[stingraycharles]

That is, until you only allow approved vendors (Microsoft, Cloudflare, etc) to provide these types of services. It’s very easy to pass laws like that, and it seems like centralization is the direction everything is headed.

[raesene9]

So if you could get Google/Apple/MS on board, then you could embed controls onto most people's endpoints, and actually that'd work more than trying to put the burden on websites/controlling the network. The trick is those are all US corporations who may or may not want to be responsible for that level of control.

While we still have alternate operating systems, that won't be a universal control of course. You'd have to stop people owning general purpose computing devices for that to be fully effective.

[techjamie]

> You'd have to stop people owning general purpose computing devices for that to be fully effective.

That's been the corporate and probably governmental wet dream since the iPhone released. I think the only thing keeping the x86_64 scene from doing the same thing is legacy software support, and open alternatives existing. If Microsoft could've viably banned getting software from anywhere outside their store, they would have.

I would argue with all the computers they sold in "S mode" a few years ago, they earnestly tried it in the home market.