this post was submitted on 09 Aug 2025
76 points (98.7% liked)

Privacy

40674 readers
500 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
k_o_t@lemmy.ml
tmpod@lemmy.pt
Yayannick@lemmy.ml
ranok@sopuli.xyz
76
What happens if the UK requires age verification for VPN’s (lemmy.world)
submitted 1 day ago by mysticmartz@lemmy.world to c/privacy@lemmy.ml
54 comments fedilink hide all child comments
 

Hello ,

As the title says what happens if theUK requires age verification for VPN’s or makes it illegal to use them?

Does that mean everyone will move to tor or I2P?

It seems if the UK gov keep pushing their agenda under the guise of protecting children people will increasingly go dark .

I guess what I’m asking is how does everyone think this will unfold?

M

top 50 comments
sorted by: hot top controversial new old
[–] dsilverz@calckey.world 16 points 19 hours ago (3 children)

@mysticmartz@lemmy.world

First and foremost, it's not something limited to UK. Maybe it's because I'm watching things from "outside" the so-called "first world" (I'm Brazilian), and I can't help but notice how it's something that have been spreading throughout the countries: Canadian bill whose number I forgot, EU's "Chat Control", some Australian laws, etc... It's getting everywhere! It didn't start yesterday, also: I remember SOPA and PIPA back in 2010s (or was it 2000s? I'm getting old).

It's worldwide, and it won't be long before there are no more countries where "nothing to fear, nothing to hide" is the official motto via some kind of global treat/pact. It won't stop in adult entertainment: eventually, it'll cover every online activity. In this sense, "children" are just the frogs being morally leveraged by scorpions to cross an Orwellian river.

That said, VPNs are someone else's computers sitting between latitudinal and longitudinal coordinates delimiting some geodesic convex hull we know as "country/nation" ruled by an entity who happens to have the monopoly over asymmetrical forces ruling over that very someone. Even nodes from Tor, I2P, Yggdrasil, Hyphanet, GNUNet, Usenet servers or grand-old SOCKS4/SOCKS4a/SOCKS5 proxies are someone else's computer sitting inside some "country".

And if all countries end up agreeing, out of shared dominance interests (even the so-called "inimical" countries, because even those "inimical" countries agree on certain treats such as the Global Treat regarding Antarctica), to some kind of "Online Kid Protection Global Treat" or whatever frog they can take any moral advantage of, there will be no computer proxification left for circumventing the new KYC requirements for accessing the Web, because there'll be no more alternative countries left... Not even micronations such as Principality of Sealand.

Yeah, future doesn't seem good, and the majority of global citizens won't fight against it (we, privacy-conscious and tech-savvy people, we're not the majority), so it's kind of a Cassandra curse going on right now.

Maybe we must go back to radio communication? Radio mesh networks? Perhaps well-hidden geo-treasure pen-drives for exchanging and archiving files? Creating our own novel ciphering methods, steganography and security through obscurity, becoming able to physically speak through coded language on a daily basis? Even carrier pigeons and smoke signaling (I'm not joking) feels "safe" and out of the Orwellian reaches for now... For now.

(I guess they could still be spotted by LEO satellite imagery. And god-forbid a smoke pattern is caught modulating and transmitting the original uncropped Lena picture over the atmosphere /s).

[–] Zanathos@lemmy.world 1 points 26 minutes ago* (last edited 26 minutes ago) (1 children)

I've been having the same thoughts recently. Your mention of carrier pigeon and smoke signals now has me thinking that embedding data inside a birds sing like the recent jpeg someone tested could be our future soon.

[–] icelimit@lemmy.ml 1 points 15 minutes ago

Which species of bird was that? Time to raise them en masse and genetically breed them to sing more and also adapt to any environment on the planet to propagate. We need to widen coverage and bandwidth!

[–] EngineerGaming@retrolemmy.com 2 points 2 hours ago

I wonder if Tor and I2P's other hops could eventually be obfuscated like bridges are now, so that a network could entirely exist within plain sight without being as blatant.

[–] mysticmartz@lemmy.world 2 points 19 hours ago (2 children)

Those LoRa devices like meshtastic look good. I don’t like the idea of TOR and I2C because it’s known to hold disgusting and concerning stuff. But the original principles of the internet and a Cipherpunk approach is on the way .

[–] dsilverz@calckey.world 8 points 15 hours ago

@mysticmartz@lemmy.world

Those LoRa devices like meshtastic look good

Yeah, tinkering with radio and Open-source hardware in general is funny and awesome. I did some personal projects in this regard, not exactly meshtastic, but experiments using a cheap RTL-SDR and some transmission-capable things such as Baofeng UV-5R and remote controllers from some of my childhood toys. I wish I could afford to experiment more with hardware, electronic and, especially, radio equipment.

Unfortunately, it's like @dubyakay@lemmy.ca said, radio equipment can become targets, too.

In reality, this is already happening in EU: recently, I saw something about EU passing a law requiring all radio-capable devices to be, as far as I can recall, "tampering-proof" or something similar, and this is threatening alternative mobile OSes (such as GrapheneOS) because this law requires bootloaders to be unlockable or something. So, in practice, governments are already targeting radio.

Not to mention how "easy" is to triangulate a signal and how telecommunication regulators often do "wardrive" scanning in order to seek "irregular transmissions" (not just those disrupting others' transmissions, but anything they could deem "irregular" because they're the authorities in charge of allowing or refusing others rights, and this deemed "irregularity" could easily be using Briar through Bluetooth, or meshtastic nodes, during a strike/protest).

This takes me to another point from your reply:

I don’t like the idea of TOR and I2C because it’s known to hold disgusting and concerning stuff

It's worth mentioning that disgusting and concerning stuff isn't exclusive to Darknet, Clearnet also has such stuff, especially mainstream social media.

I mean, you're not wrong, Darknet is indeed used for that, not because it's inherent to Darknet, but because people who do concerning stuff also seek anonymity just like legitimate, well-intentioned privacy-concerned people, and Darknet happens to provide such anonymity for both uses in a double-edged sword manner.

Problem is: there's no way to differentiate two anonymous actors without breaking the very fundamentum of anonymity.

And this very argument you used unfortunately can be twisted by authorities to justify breaking anonymity and, by extension, privacy.

For authorities willing to control everyone's lives so badly, it just takes a small leap for the phrase to be reshaped and re-adapted as...

"private content/people's intimacies must be scanned/watched because they're known to hold disgusting and concerning stuff"

This is almost the argument behind EU's "Chat Control". And the majority of people end up joining this bandwagon unaware of where this bandwagon leads to: something that makes 1984 feel like a sugarcoated documentary.

Unfortunately, there's no easy solution regarding "disgusting and concerning stuff", but we should be really careful lest to throw the baby out with the dirty bathwater.

[–] dubyakay@lemmy.ca 2 points 18 hours ago (1 children)

Just wait until they mandate embedding some sort of hardcoded device identification into LoRa devices.

I don't think I2P can hold anything. It's just anonymization through multiple hops, not a network within the network, no?

[–] mysticmartz@lemmy.world 1 points 17 hours ago (1 children)

I don’t know. I’ve not used I2P before but I heard it was a decentralised internet just on a smaller scale like a WAN

[–] dubyakay@lemmy.ca 4 points 16 hours ago

Reading about it further, I was completely wrong about it. I2P is entirely self contained and exit proxies are not really a thing.

Your concerns may be warranted.

[–] Zerush@lemmy.ml 6 points 21 hours ago* (last edited 21 hours ago) (1 children)

With the Tories soon you can't go online if your webcam is off. The UK has not longer something to do with the EU, it's more and more like the US. The UK always was very curious monitoring the nettraffic since a lot of years.

[–] EngineerGaming@retrolemmy.com 2 points 2 hours ago (1 children)

can’t go online if your webcam is off

I think spoofing a webcam should be pretty easy.

[–] Zerush@lemmy.ml 3 points 1 hour ago

Yes, but not so easy to synchronize your activity with the video.

https://github.com/fox3000foxy/foxyspoofers

[–] hellfire103@lemmy.ca 11 points 1 day ago (1 children)

I'm already using the Shadowsocks bridge in Mullvad. If things get more serious, I'll do some research and consider switching to Tor with either obfs4 or WebTunnel on Tails, and Snowflake on mobile.

[–] Zerush@lemmy.ml 5 points 20 hours ago* (last edited 20 hours ago) (1 children)

Yes, this way they need 2 seconds more to track you, if they want. TOR is the most monitored Network by all security agencies and secret services, it was created by these. I2P is maybe somewhat more secure. Decentralized network is anyway the future, also P2P communications.

[–] hellfire103@lemmy.ca 5 points 20 hours ago* (last edited 20 hours ago) (2 children)

I2P is brilliant, yes, but I can't use it for clearnet sites.

Besides, in this case I would be using it purely for tunneling without detection by my ISP. Anonymity would be more of a bonus.

[–] EngineerGaming@retrolemmy.com 2 points 2 hours ago

using it purely for tunneling without detection by my ISP. Anonymity would be more of a bonus.

I feel like people like you and me end up helping people who actually need anonymity - by creating a larger crowd :)

[–] Zerush@lemmy.ml 4 points 17 hours ago* (last edited 17 hours ago)

I2P certainly is not the clearnet, but if they continue to contaminate the clearnet with massive surveillance, there are not much more alternatives if you don't want to go back to communicate with Finger commands like in the 70th (still works, see also this)

[–] Airowird@lemmy.blahaj.zone 11 points 1 day ago (1 children)

I hope they're dumb enough to just ban VPNs .... and completely halt half the corporations from working, because any WFH or remote accessing is built on VPNs.

Hell, it might just make using Zscaler illegal, one of the biggest cybersecurity tools in the corporate world!

[–] Duke_Nukem_1990@feddit.org 11 points 1 day ago

Easy fix: just sell a license to companies that want to use VPNs

[–] MonkderVierte@lemmy.zip 6 points 23 hours ago

Note: if you live in the UK, your government sees you as their possession. Make sure that they know you are not.

[–] haych@feddit.uk 4 points 22 hours ago

They can try, they can't effectively stop it.

[–] irotsoma@lemmy.blahaj.zone 8 points 1 day ago (2 children)

Just use a VPN outside the country or lease a low end VPS outside the country with decent bandwidth and host your own VPN endpoint. They can't force ISPs to block all of the VPN protocols in general or they'll lose a ton of businesses that rely on it for basic security of remote/traveling employees.

[–] EngineerGaming@retrolemmy.com 8 points 21 hours ago

They can’t force ISPs to block all of the VPN protocols in general

They very much can, I've seen it happen last year. The main protocols are VERY easily recognizable by DPI. However, there are obfuscation methods that can get through even Chinese Firewall, and they're constantly improving.

[–] thebardingreen@lemmy.starlightkel.xyz 4 points 23 hours ago

Even if they did, you can run VPNs over https, or make Tor disguise itself as other kinds of web traffic.

[–] golden_zealot@lemmy.ml 4 points 1 day ago* (last edited 1 day ago)

Make good connections with people you trust internationally. If it really comes down to it, between friends, people who care could work together to set up SOCKS5 tunnels or some such to walk around it pretty cleanly, but you would really have to trust whoever you give credentials to since they would be using your internet connection for whatever. Could also straight up just install the OpenVPN server for this.

Once or twice I have opened a tunnel to friends on one of my servers through a bastion host - any outgoing traffic from the server goes through my own VPN, so it wouldn't matter if they couldn't access a VPN in their country.

For anyone who doesn't care to learn, which in my experience is the vast majority of all people, not much can be done. Even the people I meet who say they do feel that they care deeply mainly just like to be loud about that, but never actually put in the work to learn how to do something as simple as use ssh -D, let alone learn how a proxy actually functions.

I suppose the best those in the know can do is to make it clear that they do know. Should friends actually begin to care, then they will know who to go to for possible solutions.

[–] Majestic@lemmy.ml 7 points 1 day ago (2 children)

If the UK is serious about blocking VPNs that don't comply they'll mostly succeed for the big ones. They'll get them removed from app stores which will prevent most normies from finding and using them. They'll apply network blocks to their entrance IP addresses (laughably easy, there are commercial vendors who sell data like this so they don't even need to invent the wheel here) and make it difficult. They wouldn't be able to prevent truly determined VPN providers from providing service but the days of $4/month for privacy/torrenting would be gone as the prices would likely be higher and you'd have to do things like mail cash.

Beyond the known IPs, VPN traffic is fairly easy to flag with DPI solutions and could be detected and blocked or dropped by ISPs acting under the law. This could also be used to stop people running tunnels to hosted VPS solutions outside of the country or run by friends from their homes. There are obviously ways around these, disguising traffic, various techniques but for most people they'd give up and either stop browsing porn or cough up their ID. Of course this would create a dangerous state of affairs where anyone using a VPN without being KYC'ed is clearly a criminal, at the very least a suspected video pirate, at the most a dangerous child predator or terrorist.

Additionally the UK isn't like Russia or China, lots of western CEOs and employees pass through and within its jurisdictions and if a particular VPN is providing service without this they could try and arrest c-suite people or engineering staff associated with it and slam them with jail time. So that's a problem.

[–] mysticmartz@lemmy.world 6 points 1 day ago (1 children)

I know you aren’t saying this. But it’s not just porn that’s the issue. It’s the wider scope this act encompasses and a trend other govs could follow. I use porn sure , but imagine your facial and sexual preferences leaking. What if you come from a religious family and you’re a lesbian and pitted by this?

[–] mires_trie_4k@reddthat.com 4 points 23 hours ago* (last edited 23 hours ago)

Even worse than this. What if the government suddenly makes abortions illegal, or use it to round up LBGTQ people, or people with immigration status’s that aren’t standard. Even without going USA dystopian, a person under the age of 18 that is abused by a caregiver and needs to privately visit websites that would give help and advice. The use of the rule to limit free speech and the inability for small websites and groups to not be able to manage the technical ramifications of stopping actual 18+ content, so just put up an age restriction to protect themselves means lots of free resources with no actual 18+ content are being shuttered.

And yet a child can still easily get to 18+ content and content of harm through Nintendo chat or their text messages and chat with others.

It’s a bit like when a games manufacturer makes your new game you purchase have to be connected to the internet so they know you are not cheating or stealing their game. It adds barriers for legitimate users and purchasers yet people pirating or cheating have ways to get around it and actually have a better game experience than those that are playing by the rules.

[–] ryannathans@aussie.zone 1 points 1 day ago

Businesses would be heavily impacted

[–] ISOmorph@feddit.org 20 points 1 day ago (4 children)

You live in a bubble my friend. Not everyone will move to tor. Not even close. Linux has reached 3% in the steam statistics recently. Remove the deck users and you'll be lucky if it hits 1%. Of those 1% not even everyone will be able to give up the regular web. I'm sure there will be a surge in alternative browsing prorocols, but not enough to change the status quo.

[–] Cethin@lemmy.zip 1 points 47 minutes ago

The Deck has done incredibly well, but they can't manufacture enough to make your numbers make sense. Also, last I saw, Linux streaming was around 5%.

However, yeah, most people won't know how to use these tools. There will probably be a ton of sites that pop up temporarily that don't have age verification. Any time they go after them it'll go down, and a new one will appear. They'll be sketchy sites, but that's how most people will avoid it if they want to avoid it.

[–] EngineerGaming@retrolemmy.com 3 points 21 hours ago

Most of the mainstream social media is blocked where I am. Good news: a huge part of even uneducated population does indeed learn to evade censorship. Bad news: they tend use the most easily-accessible services, which are sketchy, like reselling the users' IPs as residential proxies.

[–] Jason2357@lemmy.ca 13 points 1 day ago

I found out students in my kids highschool were using VPNs to play roblox on the network (bypassing IT's block). They way they did it was 1. Search "VPN" in the app store or play store. 2. Install the first result.

That's probably a good model of what mass adoption of VPNs would look like.

  • my own kids got a tailscale app connecting to my headscale network in 10 minutes and me wiping my brow that I dodged a bullet.
[–] mysticmartz@lemmy.world 10 points 1 day ago (1 children)

The normies are mad . I use Arch BTW.

[–] nickwitha_k@lemmy.sdf.org 1 points 13 hours ago

I use Arch BTW.

Gotta start em on something lighter. A gateway distro, if you will.

[–] user224@lemmy.sdf.org 14 points 1 day ago (2 children)

How though? Commercial VPNs that simply function as proxies, sure. VPN as in the protocols themselves? Not possible without breaking too much stuff.

[–] fluffykittycat@slrpnk.net 6 points 1 day ago

If you have a friend outside airstrip one you can tunnel through them. I could see some kind of tailscale like mesh vpn type deal being deployed for this purpose

[–] mysticmartz@lemmy.world 7 points 1 day ago

Sure but someone hosts these services . I can make a VPN right now and the service is paid by my debit card.

[–] frongt@lemmy.zip 9 points 1 day ago (8 children)

Get a VPN from outside the UK.

load more comments (8 replies)
load more comments
view more: next ›