We are building a niche social network and don't want to be in the cross-hairs.
Is anyone in a similar position? How's your company dealing with this?
Edit: apart from cost, storing user IDs etc goes against our goal of building a private social network. We would like to retain least amount info
The less you know about this stuff the better.
(also applies to GDPR, and even though GDPR has wider applicability, devs should focus on the low-hanging fruit first instead of going around in what-ifs and exceptions)
These regulations are meant to serve big corporations and protect their monopoly.
The depressing thing is this seems the one thing a government that's famous for U-turning won't U-turn on. Even if (let's be honest, when) a list of MPs proclivities emerges from a data breach the most they'll do is exempt MPs from the provisions rather than admit this is a terrible law that makes the UK more dangerous rather than safer.
If it was actually true that 80% of the population opposed this law, MPs would be falling over themselves to run against it and it would be gone immediately after the next election cycle.
I think it's a dumb law, but I also don't think the UK's democracy is that broken. It's pretty clear a majority of UK voters support or are at least ok with this law.
This is terrible legislation, there is a petition that has reached 350k already to repeal it. https://petition.parliament.uk/petitions/722903
nemomarx•5h ago
nebben64•5h ago
nemomarx•5h ago
You can't really stop it, but you can start treating it like Piracy. Maybe ISPs could snoop and report traffic that seems to be going to a VPN even if they can't inspect it.
dijit•5h ago
First they will make it seem like only criminals would use VPNs, then they’ll target some actually shady VPN services to use as a scapegoat, then they’ll apply punitive measures to them specifically; then they will use the fact that they have already used punitive measures as a reason to use them blanketly.
Technically: it’s pretty trivial to block almost all VPNs at an ISP level. I think only anyconnect/openconnect is difficult (not impossible) to block.
That this would affect businesses is of no consequence.
jeroenhd•5h ago
There are tools designed to evade DPI detection, but even those don't make out out of the Great Firewall of China most of the time.
Technical solutions to political problems only go so far.
vidarh•5h ago
This is a historically unpopular government, where a significant proportion of their own membership is opposed to the government as well, dependent on business donors because its membership numbers has crashed.
I think the effect on businesses would make going after VPNs entirely dead in the water.
PontifexMinimus•5h ago
Imustaskforhelp•4h ago
Its theoretically possible to create a proxy from one pc to another using iroh/quic/(dumbpipe, which got like 880 upvotes I think on HN and I think is trending which is nice)
I feel like Its a cat and mouse game but that's just my 2 cents
Havoc•5h ago
PhilipRoman•5h ago
Suzuran•5h ago
The goal here is compliance, and nothing more.
Ray20•4h ago
Imustaskforhelp•4h ago
Imustaskforhelp•4h ago
if Britain does block vpn, it would look extremely authoritarian but yeah tbh, its looking the same right now too...
I do think that there is some level of bottom tech that needs to go unsupervised/unrestricted otherwise vpn's can fail (china?)
If however they restrict that level of tech too using (packet filtering?) etc., I don't really know, maybe there could be some side consequences too,like maybe some websites can stop working (like how china is cut off from the world from the outside websites primarily)
And honestly, the vpn providers can just change their techniques to be more sneaky and hope that UK govt. doesn't catch them and the UK govt. can try the vpn and find its techniques and then block them too
Its a cat and mouse game really.. The one where there is money incentive on big vpn players to play this game forever, so I wouldn't be too worried I guess.
What I am more worried about is that UK users might download free vpns or bad premium vpns which might make their phones botnets etc., so I would recommend proton vpn or mullvad but I don't want to recommend them too much because I don't want to imagine these products turning bad if a lot of people use it. (enshittenification)