
The VPN trick potentially won’t last long. We’ve seen it go stale already in the world of intellectual property rights. For at least the last ten years Netflix et al have been well aware of which AS numbers / IP netblocks correspond to people sat at home in front of the TV, and which correspond to servers in a rack somewhere (including those hosting VPN endpoints.)

One tweak to the rules and all of a sudden not only do porn sites have to verify the age of their UK visitors but also anyone connecting from something other than a residential ISP.

The more troubling thing about these laws is enforcement. The threat of fines only works against websites that map to a business entity. For anything else there will surely be a ramp up in the size of The Great British Firewall Ruleset, edited by the courts, and distributed to the Big N (5?) ISPs.

What will become of the smaller ISPs that refuse to block illegal sites?



This is just a cat and mouse game. VPN services will start to offer residential endpoints when enough websites start blocking them enough to damage the value proposition. There is no way on the current internet to verify an ip address means anything at all other than it's an ip address.


There is no way to offer “residential endpoints” at scale with sufficient bandwidth for anything other than simple browsing of text websites. As shown by the very effective Netflix strategy of blocking VPN addresses, it’s been very hard to slip through for a good four or five years now.


It is absolutely possible and multiple providers already do it, just search for “residential ip vpn”. The legit ones pay people $20 a month or so to plug a mysterious box into their network which the provider will route traffic through. The shadier ones will just route your traffic straight through a botnet.


If there is enough demand then ISPs themselves could offer this service to foreign customers.


> There is no way to offer “residential endpoints” at scale with sufficient bandwidth for anything other than simple browsing of text websites

They can, it’s just a lot more expensive than a $10 a month VPN. They’re typically metered and you pay by the byte.


As someone totally uninformed, are you saying that all those YouTube ads about e.g. Private Internet Access (et al), which specifically cite getting around geo restrictions in the ad copy, are BS?

Which sounds like a silly question ("of course the marketing is BS") but why even bother marketing if the core value proposition of your billed-monthly service doesn't work? Seems like a waste of money since you'll at most get people for one month when they cancel after realizing they can't watch Canadian Netflix from Florida, or whatever.


> As someone totally uninformed, are you saying that all those YouTube ads about e.g. Private Internet Access (et al), which specifically cite getting around geo restrictions in the ad copy, are BS?

Yep, they are all lying to you, but with a wiggle room for a workaround or to point the blame at Netflix. Once you get in, you'll notice that Netflix, Prime Video, Steam, some of YouTube, and pretty much any legitimate service with geo-fencing are not working. You then email support complaining that this is not working for you. The answer varies depending on the company. For example:

- Private Internet Access will try to upsell you for your own static IP. That hopefully remains undiscovered by Netflix et al for a bit. (Obviously you're trading anonymity and privacy aspects of a VPN if it's a static ip attached to you, but I don't think people trying to stream Netflix from Italy or wherever care about that)

- Mullvad will tell you: yeah that doesn't work. We never advertised that. Don't renew next month.

- Proton will keep asking you to try endpoints manually (each country has hundreds of endpoints and their app picks a random one. Just keep trying different ones manually). They might give your account access to some "new endpoints" (if they have them) that are not blocked yet. Hopefully once the refund period has passed, they will tell you "sorry we're having trouble with Netflix currently. we're working on it"

Some of them will suggest using "another streaming service??" because "Netflix is having issues in [INSERT_COUNTRY]"


This hasn’t been my experience at all. I use one of the big VPN services advertised on YouTube sponsorships (but not one of the ones you named) and watch Netflix Canada through it all the time. I’ve also been able to use iPlayer.


I can confirm that PIA does not reliably get around geo restrictions. There's only so many IPs in the pool, and the content providers will block them.

There are alternatives like Hola VPN, a "free" peer to peer VPN except non-paying users have traffic routed through them. But performance of peer to peer VPNs is not as good.


Apart from the first month don't forget those that subscribe and forget about it or subscribe for Netflix and use it for something else on top of those that cancel after the first period.

The 1 month period is also usually priced much higher anyways. E.g. PIA is currently $11.95/m for 1 month, $39.96 for 1 year, and $79.17 for 3.25 years (instead of half a year @ monthly). With a curve that steep it's obvious they have severe retention issues at short intervals.


considering PIA also still has their sponsors spill the usual "don't connect to a public wifi without a VPN! or else hackers can see everything!!" (SSL/TLS solved this problem a long time ago) yeah I would take anything they and many others claim in ads.


Streaming services don't have any incentive to ban traffic from non-residential addresses right now. But they might with enough legislative pressure.


True! They only need to make a show of trying their best, in order to appease grumpy copyright holders. I don’t think I’d pay for Netflix anymore if I could only watch the pathetic US catalog, and there are surely many others like me. And Netflix knows that.


I have a residential fibre connection that’s 3Gbps symmetrical, unmetered. If there was something in it for me (and I was legally shielded) I would consider renting some of that out. And there’s definitely other people out there who would change that “consider” to “definitely.” It’s possible to even get a residential 8Gbps symmetrical connection here for not a ton of money; that can support a lot of video traffic.


Your terms of service with the ISP almost certainly forbid any form of reselling, or sharing the connection outside of your household.


Which means it's legal if you don't get caught.

Literally - in most of the world terms of service have no legal effect and violating them is not a crime - they are merely a declaration that the service provider feels bad if you do certain things, and if they feel bad they might decide to terminate your account.

Most of them prohibit running servers at home and using p2p apps. Has anyone here ever gotten their connection shut off for either of these?


> As shown by the very effective Netflix strategy of blocking VPN addresses, it’s been very hard to slip through for a good four or five years now.

And is_vpn(ip_address) is a service that's offered by a variety of vendors already.


Netflix blocking just wasn't a big enough of a motivator to solve that problem. But messing with people's porn access would be. The internet was built on porn distribution.


> There is no way to offer “residential endpoints” at scale

Bot nets.


Netflix was blocking by endpoint IP? That is just a cat and mouse game. They should have been blocking if the MTU was not 1500 bytes.


Lots of real ISPs use tunnels.


And lots of VPN companies explicitly change TTL and packet sizes to avoid these sorts of things


Hola, that's enough.

I mean, it’s more of a bot network really, but there is a massive amount of bandwidth there.


This cat and mouse game applies to OP's first category of sites that want to comply for fear of the British government, but not the second category of sites that actively don't want to comply. Let's refer to the second category as deliberately non-compliant.

The UK instructs ISPs to block access to deliberately non-compliant sites, however users want to make connections to the sites and those sites want to receive connections to those users. VPNs will be effective in allowing access to non-compliant sites as long as ISPs can't identify the VPN traffic.

Of course, the British ISPs can initiate the tactics used by China to identify and block illegal traffic. However there are limits to this. Unlike Chinese users, British internet users regularly make connections to international servers so various bridging techniques are possible. Like VPNs, proxies or even Remote Desktop.


> One tweak to the rules and all of a sudden not only do porn sites have to verify the age of their UK visitors but also anyone connecting from something other than a residential ISP.

The UK does not have jurisdictional power over anything outside their country - they cannot force a foreign site to do age verification of foreign residents.

Now, the UK can say that they need to check for all UK residents, regardless of them using VPNs. But if there is no practical way to do this, I think the UK will have diplomatic issues enforcing anything on non-UK companies breaking that law - as they would need, e.g., Germany to help them enforce the law on certain providers.


Other countries and regions have or will have similar laws. I can definitely see the EU, UK and US collaborating on something like this.


However, if I was running a foreign site not subject to UK law or other privacy law, with UK visitors, and I was a ruthless businessperson, I'd definitely implement this verification thing in order to collect and store a photo of every visitor.


Not if it means that you don't get any visitors


If you wanted to do this for some reason you'd just do it across the board and say it was for age verification. The reason nobody does it is because people are (rightfully) not okay with this nonsense.


This isn't about illegal sites?

I don't think many people object to blacklisting known sources of child pornography etc.

The fact is you now have to verify your identity (name and photo id) in the UK to access an adult subreddit.


Nobody has ever objected to blocking access to those sites. Most people think the justice system in any developed country is much too lax on people that operate those sites and create its content.

This is a red herring for authoritarian tyrants in the UK to get more control over their population, which is all they're ever looking for.


What kind of photo ID does the UK have? I didn't think there was any kind of national ID if you didn't drive?


We don't have national photo ID, but you do need it in order to vote, rent, buy a house, or have a bank account; several of those processes include mandatory immigration status checks too.

It's a stupid equilibrium.


Passport


provisional license, passport, etc.


You need to be able to shut down websites and apps which do not implement age verification.


Right, anything that doesn't cooperate with the ID verification is de facto illegal in the UK's eyes?


not de facto illegal, but actually, de jure, illegal


So, wikipedia?


Yes... and for clarity, perhaps I should have instead said for the implementation of this law to actually make any moral sense, which is like saying for this chocolate tea pot to be functional on a daily basis, one would have to provision a way of shutting down sites which refuse to participate in the age-verification laws of the UK.


Doesn't make any sense, it's in Netflix's interest to prevent this, but it's the opposite for porn sites.


Porn sites don't have any interest in keeping this law either. Nobody with a functioning brain thinks you should have to upload your government ID to a website to browse content, no matter what that content is.


That's what OP said. Netflix and its customers have opposing interests. The customers want to use VPNs, whereas Netflix doesn't want to allow VPNs. The customers don't care about following anti-piracy laws, whereas Netflix wants to enforce them.

The situation is the opposite for age verification laws. In this case, both porn sites and their customers have aligned interests. Both sides want to allow VPNs. Both sides want to abolish age verification laws, and if that is not possible, to circumvent them.


Only a little bit of legislation would be needed to change incentives around though


How so?


a new law saying if you use a VPN you go to jail. Like they have in China and Iran.


I don't know. A lot of countries in the Middle East block all sorts of stuff and yet VPN usage is ubiquitous, but the governments appear to turn a blind eye. Like "we've done our bit and made the law." So it remains to be seen how far they'll go with this.


A lot of countries in the Middle East throw gay people off the roofs of buildings as punishment, let's assume for the sake of argument that anything we do that moves us closer to the Middle East is the wrong thing to do.


I don't know that "a lot" of countries in the Middle East are regularly throwing gay people off buildings, but I agree with your second point that we shouldn't look at their censorship as an example of something great to follow.

I would add that from my experience with the Gulf, at least, the ME has created one of the gayest places on Earth. The separation between genders has led to a disproportionate number of women and men semi-openly sleeping with their own gender in a kind of "don't ask, don't tell" way.

It feels like the "punish them for being gay" is used, like the poster below you mentions, as a way to turn the screws on you when they need something to use against you for another reason.


It's probably more a matter of, "let everyone engage in illegal activities, which we can then use to turn the screws on them if they ever need to."

This is a ubiquitous tactic at the highest level of law enforcement.


That is what the UK has been doing and is doing, along with most if not all Governments. One just has to take a look at UK's 2003 Communication Act. It can be selectively enforced against you if they do not like you.


>For at least the last ten years Netflix et al have been well aware of which AS numbers / IP netblocks correspond to people sat at home in front of the TV, and which correspond to servers in a rack somewhere (including those hosting VPN endpoints.)

If the vpn endpoint is in Rome or New York City, how will the UK government force that non-British vpn service and that non-British porn site to verify the age of anyone using it?

It's easy enough to get a list of IP addresses from those vpn services and just block them if you're Netflix, but to force compliance on anyone traversing the tunnel is another thing entirely. The UK government would have an easier time banning vpns outright.


International treaties.

These can be wildly effective at such matters. I'm sure most countries can come to some understanding with the UK on the matter; be that foreign aid, trade concessions, assistance with their own law enforcement, or perhaps acknowledgement/support on the international stage.


> One tweak to the rules and all of a sudden not only do porn sites have to verify the age of their UK visitors but also anyone connecting from something other than a residential ISP.

That would be quite the overreach as those endpoints are no longer under the UK jurisdiction and there is no way for a website to tell if the user connecting through them is or is not in the UK.


There’s also P2P VPN services which pretty much make it impossible to block


"All VPN services must also perform age verification." Done.


All this will do is put UK-based VPN businesses, if that's not already an oxymoron, out of business.

The UK can't tell a company in Cyprus or Switzerland to do anything unless they're ready to tell the SAS to put their boots on.


> but also anyone connecting from something other than a residential ISP

It's up to the service provider to implement such involved checks. Not sure about e.g. Netflix allocating resources to implementing this, clearly resulting in customer loss.

I expect service providers to cut corners to both comply with local laws and not frighten customers away.


Does IPV6 change this dynamic at all?

It's conceivable that a VPN provider could change the V6 IP on their server every hour for the rest of time and still get unique addresses.

If the VPN server only has an IPV6 address and no V4 address, can they connect to the target website?


IP addresses are routed in aggregate groups using BGP. The groups are called Autonomous Systems and are handed out to ISPs. Your home ISP has a bunch. The ISP that hosts your virtual server has some too. You can see the one you’re connecting from right now with tools like https://bgp.tools and https://bgp.he.net.

The number of these systems scales in a reasonably tractable way — on the order of the number of ISPs and physical Internet infrastructure around which traffic needs to be routed.

As well as making aggregate routing possible you can use the ISP’s registration details to see what location (or legal jurisdiction) a whole chunk of address space has. Hopping around IP addresses will give you unique ones every five minutes but they’ll all still be inside 2001:123::/32 from AS1234 aka Apathetic Onion’s Finest Haberdashery and Internet Connections LLC, Delaware, USA.
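
An added example, not part of the comment above or taken from any tool it links: a longest-prefix lookup over a constructed prefix table, showing why rotating IPv6 addresses inside one allocation does not change the AS a site sees. Only 2001:123::/32 and AS1234 come from the comment; the other rows, the other ASNs and the hosting/residential labels are assumptions for illustration.

```python
import ipaddress
from collections import Counter

# Constructed table (not registry data): (prefix, origin ASN, assumed network type).
PREFIX_TABLE = [
    ("2001:123::/32", 1234, "hosting"),        # allocation named in the comment
    ("2001:db8:aa00::/40", 64500, "residential"),
    ("198.51.100.0/24", 64501, "hosting"),
    ("203.0.113.0/24", 64500, "residential"),
    ("203.0.113.128/25", 64502, "hosting"),    # more-specific carve-out
]


def build_index(rows):
    """Parse prefixes and order them longest-first for longest-prefix match."""
    index = [(ipaddress.ip_network(cidr), asn, kind) for cidr, asn, kind in rows]
    index.sort(key=lambda row: row[0].prefixlen, reverse=True)
    return index


def lookup(index, addr):
    """Return (asn, kind) for the most specific covering prefix, or None."""
    ip = ipaddress.ip_address(addr)
    for net, asn, kind in index:
        if ip.version == net.version and ip in net:
            return asn, kind
    return None


def rotating_addresses(count, allocation="2001:123::/32"):
    """Constructed sample: one fresh address per rotation, each in a new /64."""
    net = ipaddress.ip_network(allocation)
    return [str(net[i * 2**64 + 1]) for i in range(count)]


def summarise(index, addrs):
    """Count connections per (asn, kind); unknown origins are keyed by None."""
    return dict(Counter(lookup(index, a) for a in addrs))


INDEX = build_index(PREFIX_TABLE)

if __name__ == "__main__":
    hourly = rotating_addresses(24)
    print(len(set(hourly)), "distinct addresses ->", summarise(INDEX, hourly))
    for sample in ("203.0.113.10", "203.0.113.200", "192.0.2.1"):
        print(sample, "->", lookup(INDEX, sample))
```
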


I don't think the incentive structure is there for porn sites to start blocking VPNs the way Netflix does. And legislation requiring them to would be pretty toothless since the only mechanism they rely on to enforce the rules is making local ISPs block the offending sites.


Maybe time to start a second, parallel version of the internet. Something with mesh networks.


https://dn42.network/ - don't actually use dn42 since many participants won't be fans of your high-traffic idea, but make a new network with a similar design. (You may get some of the same people to participate in both networks)


Netflix in fact works better on a VPN for me. Maybe they made it that way.


is TOR an answer to this ?


>is TOR an answer to this ?

I've found Tor is mostly useful for reading, not participating. Exit nodes get blocked from registering on most sites. One workaround is to register at a café or library then use the account over Tor, but sometimes even if you're being civil (see my comment history for a pretty good picture of the style of discussions I have anonymously) sometimes you'll wake up to find the account nuked.


Tor exit nodes are the _first_ thing they ban! If your origin is not from within one of the top residential ISPs then you can expect to be selected for enhanced screening.


But what if 50% of the adult population starts using it?


Then the law is enforced selectively at the whims of the state.


I heard on here I think (but can't confirm) that renting a cheap server in a data centre and sticking your own tailscale on it is the best way to go.


It is incredibly easy to tell if someone is using TOR. It would be banned before VPNs


Not if you are using bridges


Bridges don't change your exit node.


how?


Only if you want your traffic to flow through NSA-backed honeypots and get caught up in a dragnet.

I mean, it's probably the case that traditional VPNs are also dragnets to some degree, but TOR is a confirmed NSA dragnet.


[flagged]


I think you may have misunderstood what "socialists" means (or accidentally written it instead of a different word which wouldn't be so out of place in that sentence?).


For rules introduced by Conservatives?


Hey, not sure if this is bad HN etiquette (probably is) but I haven't found any other option to contact you. I posted the list you asked about in another thread about a week ago.

https://news.ycombinator.com/item?id=44637624


Awesome, thank you!!


1. Conservatives and Labour have an equally disastrous role in the current mess and have mostly overplayed their differences. 2. Particularly in the UK, the law is one thing. The application another. In practice, Keir Starmer, just yesterday, was claiming that there was no censorship in the UK, they were "just safeguarding children from suicide" (by censoring videos of protesters outside the Britannia hotel in Canary Wharf :o) )


Huh?



