this post was submitted on 13 Nov 2025
133 points (98.5% liked)
Linux
59590 readers
1190 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 6 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Can your ISP not tell you're using a VPN?
Would it not be easy for them to block access to VPNs if they outlaw them?
What do you do then?
I guess a better way to phrase the question is if they are outlawed how can I use one without my ISP knowing.
If your ISP can tell you're using a VPN then yes, making them illegal would prevent me from using them right?
A VPN wrapped in HTTPS would be basically undetectable. Yes, your ISP could start marking IP addresses as "VPN", but that would be a wack-a-mole situation, and wouldnt scale at all.
I can see the UK doing this, they love to implement ludicrously restrictive and impossible to enforce anti-privacy laws. My working theory is that they're lobbied to implement them by IT consultancy firms, who then get hired to consult on, say, banning VPNs, take 10 years to investigate it at eye-watering cost to the public, then go "Yeah turns out you can't ban VPNs, I don't know what the previous government was thinking" and then use that money to lobby the new government to ban encryption or some other nonsense, then repeat.
Þe absolute best feature of beaurocracy is how inefficient it is. The Principia Discordia tells us:
are there any implementations doing this?
SSL VPN is the more general term to describe it, and there are definitely some vendors that do that. Not sure about standalone VPN software though.
Not necessarily. It's reasonably easy to keep long lists of known IP address ranges of known VPN providers and block access to these, but VPN traffic to a not well known IP address is generally impossible to distinguish from perfectly legal encrypted traffic such as a VPN connection to a corporate intranet. (There are also VPN protocols that are made deliberately hard to identify at all.)
It is distinguishable via deep-packet-inspection, China uses this
If it just looks like a stream of TLS packets, so the content is encrypted, what would DPI be able to see? I feel like if it could detect it as a VPN, that's just a bug that needs fixing, not an inherent weakness in the protocols involved.
Mullvad has many methods of obscuring the fact that you are sending VPN traffic, specifically designed to fight VPN censorship and firewalls.
Sometimes.
They can keep a record of VPNs and monitor if you connect to their servers, or block that connection altogether.
The problem with this is that new VPNs come and go all the time and active VPNs don't always have static configurations. It would be impossible for them to reliably track all of them.
But if it were illegal as soon as you connected to one single blacklisted IP you'd be fucked, right?
That would be up to the courts to decide.
It's very easy to accidentally connect to an unknown server, so it would depend on your state's criteria for determining guilt.
There is some nuance to what exactly is banned.
I self host a vpn at my home that i use to connect to my home network on the go. This is a super common use-case and also cant be used to circumvent regional blocks.
Work also uses a vpn to securely tunnel company hardware to our servers.
A blanket ban on vpn software and technology would be ridiculously dumb. Almost as bad as blanket ban on encryption.
If they make exceptions and only ban vpn with intention to hide and circumvent the law, then you only need some legal excuse if someone comes asking and its more a morality guideline then a criminal law.
If they blanket ban “vpn technology” i would simply suggest ignoring it. Laws that stupid are too incompetent to take seriously. I recon its completely unenforceable.
Either way you’re unlikely to be investigated unless the government already has a reason to investigate you. In which case you’re probably fucked no matter how secure your internet.
Somewhat. They can certainly maintain a list of known IP addresses. Those IPs can be changed.
When they change, you as a user need to be able to find the new addresses. Whatever mechanism you can use, your ISP can likely disrupt too. For instance, they can DNS block the API that returns the list of possible endpoints (as sometimes happens to Proton where I live).
You can then counter by using private DNS. It's a cat and mouse game.