• yokonzo@lemmy.world
    link
    fedilink
    English
    arrow-up
    34
    ·
    1 year ago

    Thank god this list isn’t any larger, it’s amazing more governments haven’t tried to ban this tool that ensures people’s freedoms

    • Knusper@feddit.de
      link
      fedilink
      English
      arrow-up
      22
      arrow-down
      2
      ·
      1 year ago

      Thing is, a VPN isn’t just some magic tool that lets you view location-restricted content and hides your IP address. It’s a relatively basic networking concept.

      Essentially, it allows you to connect two or more local networks, i.e. LANs, as if they were one big LAN.
      In particular, that means no firewalls in the way, no weird NAT behaviour, no need to deal with public IP addresses and so on.
      And it secures the whole communication with encryption + implements a form of authentication, so that you can leave the individual services within the VPN relatively unsecured (assuming you don’t separately expose them outside the LAN/VPN).

      Or more concretely, my dayjob uses a VPN for the whole home office thing. And I’ve used VPNs plenty times just as a networking tool in my software developer job. Prohibiting the entire concept of VPNs makes many software solutions impossible or annoying to build, and will cause folks to expose insecure services to the internet.

      • satans_crackpipe@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        12
        ·
        1 year ago

        Please stop. VPN + TLS is essential. VPN does not mean you’re automatically L2 bridged with a local segment. Changing source headers because your exit gateway is somewhere else does not hide IPs in any way. Many consumer level protocols have original source IPs in the payload.

        • Knusper@feddit.de
          link
          fedilink
          English
          arrow-up
          7
          arrow-down
          1
          ·
          edit-2
          1 year ago

          I was talking about the networking concept of a VPN. If you use a VPN to connect into a foreign country, where you then make a web request from that remote LAN to some questionable webpages, you absolutely do want TLS for that connection. But that’s separate from the VPN concept.

          I don’t know much about the consumer-grade services, but I have heard that lots of them are actually just proxies, not proper VPNs, which I guess, is what you’re talking about. With a proper VPN, you initiate the web request, using an IP address in the range of the remote LAN that you’re connected to. Therefore, fiddling with the headers is not necessary, in that case.

          Ultimately, my point is that proper VPNs can do everything the consumer-grade stuff does, so for an effective ban, you would need to prohibit them, too, which is where lots of organizations/companies will be strongly opposed.

    • Echo Dot
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      The UK government tried to restrict VPN usage (not that they ever explained what restrict meant in that scenario) but as with most stupid things that the UK government says, everyone just ignored them and then it didn’t happen.

      I suspect somebody with two brain cells to rub together explain to them the process and since it sounded complicated they gave up with it.

    • Agent641@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      I believe Australia tried to ban encryption. Not just VPNs, but all encryption. Like, bruh good luck with that. Source: trust me bro (im an Australian and therefore too lazy to figure out if this is hyperbole or not)