Rendered at 21:21:40 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
h4kunamata 21 hours ago [-]
Australia isn't different, but homelab is my jam so solutions were implemented :)
1. Nginx Proxmox LXC container with domains that require digital ID such as X.
I can easily add or remove domains to it via Ansible.
2. Mullvad VPN server/client setup on OPNSense
3. OPNSense Firewall rules with aliases from the local lists from step 1
4. Every time I access X or whatever, OPNSense firewall rule redirects that traffic via the Mullvad VPN Gateway bypassing the digital ID enforcement
5. I host Pihole + Unbound recursive DNS so I have full control over my DNS. Recursive DNS uses the 13 root nameserver, I do not use public DNS such as Google or whatever, in fact, they are all blocked.
My data under my control.
HDBaseT 21 hours ago [-]
>I do not use public DNS such as Google or whatever, in fact, they are all blocked.
Honestly surprised that works given Google loves to hardcode DNS queries using their DNS Resolver into many things (Google TV, Android, etc).
I'm assuming you are using NAT Redirection (Port 53), blocking DNS over TLS - DoT (TCP Port 853), using SNI FIltering to block DNS Over HTTP (DoH). Not sure how you handle Encrypted Client Hello.
h4kunamata 17 hours ago [-]
>Honestly surprised that works given Google loves to hardcode DNS queries using their DNS Resolver into many things (Google TV, Android, etc).
My Samsung smartTV has Google DNS hardcoded in it, that is why I do what I do.
No matter if I set my phone DNS to Google, OPNSense NAT redirects any DNS to Piholes only, and since public DNS, DNS-over-TLS and DNS-over-HTTPS are blocked, only Piholes forward it to Unbound. Only Unbound can request DNS and OPNSense enforces that.
Unbound is recursive DNS with is own caching so everything happens localy, surfing the internet is insane fast.
As for the digital ID, the DNS happens locally but the traffic is forward to Mullvad VPN Gateway.
I don't wanna hide my traffic, I just don't wanna this mass survilance on my personal information. My social media accounts are burner, no real name, no photos, minimal apps installed on my GrapheneOS phone and I have a complete normal digital life without sharing my shit haha
ralferoo 13 hours ago [-]
> ..., DNS-over-HTTPS are blocked
Not trying to be facetious, but how do you know you are blocking them all? I thought one of the reasons for using DNS-over-HTTPS was to be able to avoid detection.
h4kunamata 21 hours ago [-]
Side note, I do agree with under 16 being denied access to social media.
Spend 5 minutes on X, Instagram or even worse Snapchat for you to see what these minors are doing. A lot generation, all for likes.
GenZ is so cooked, by the time they reach their 30s, damn.
Gen Alpha being born within the digital and AI world is even more cooked.
Chu4eeno 16 hours ago [-]
I don't think social media is any healthier just because people are older, I'd rather just ban them outright.
And from what I remember of the coverage of the scientists presenting their case in the UK there wasn't enough evidence to say whether it had an impact on children.
Personally I think ipad as babysitter is more to blame, but until the proper studies are done it's all just speculation.
h4kunamata 15 hours ago [-]
>Personally I think ipad as babysitter is more to blame, but until the proper studies are done it's all just speculation.
Proper study??
Look around us, kids are talking to ChatGPT instead of running, playing, instead of being kids.
Kids cannot speak and yet have a tablet to interact with, by adulthood those kids are cooked.
Teens at school can't read, they have been using ChatGPT to cheat exams. If somebody tells me that more study is required to prove what is right there in from of our eyes, that somebody is part of the problem, full stop!!
benj111 13 hours ago [-]
>Look around us, kids are talking to ChatGPT instead of running, playing, instead of being kids
Isn't that a symptom of other things? I'm an elder 'millenial' playing out was already decreasing when all we had was a nes and 4 channels on TV.
Unfortunately now we have to 'protect' kids from the dangers outside. Which necessarily means them spending time inside.
fennecfoxy 6 hours ago [-]
Millennials never spent like >6-8 hours a day on phones doing nothing productive.
Yes, as adults we now spend loads of time in our places of work on devices but generally in the pursuits of doing productive things.
And while I haven't looked up the stats, I don't feel like it's exceedingly more dangerous for kids to play outside today than it was back in the 00's, 90's, 90's etc. I just feel as though we're more aware of the dangers of what _could_ happen to kids - all of which is a facet of the media/social media pressure and scaremongering.
Plus there are still loads of feral kids allowed to roam around and be little shits anyway.
globular-toast 5 days ago [-]
I'm considering the same thing. I've done the "contact your MP" thing, but it's a waste of time. You just receive a pre-written letter from some minimum wage assistant (or maybe just a bot).
It's either that or I just consider the internet dead and move on. It's nothing like it was 20 years ago anyway. There are other things to do. Many books to read and places to go. We had something really cool and we were lucky to experience it while it lasted, but it's gone now.
cedws 3 days ago [-]
It’s hard to feel any enthusiasm for democracy watching things you disagree with being pushed through and having no power to stop it. I signed the petition to reverse the OSA and all we got was a canned response.
I’ve come to the conclusion the only thing you can really do is leave when you disagree with the direction of your country, but of course not everyone has the ability to do that.
marcus_holmes 19 hours ago [-]
This is what protest is for/about.
If enough people feel strongly about it to go onto the street and wave placards, that starts getting noticed and has to be acknowledged.
Of course, the UK (and others) have started making protests illegal, because they are doing things that we should feel strongly enough about to go and wave placards at them.
leoedin 8 hours ago [-]
The problem I've found is that enough people don't feel strongly about it.
I've had plenty of conversations recently where people say "yeah, but social media is harming kids. Banning it is good". People broadly see the headline "think of the children" and think, "yup, let's protect children".
To me, there's all sorts of downsides - the death of small discussion forums, pushing interesting online experiences out of the reach of teenagers, the creeping surveillance and, worst of all, the complete end of the open internet (when inevitably it doesn't actually work). But most non-tech people just don't see that.
The currently in place age verificaton system is a joke. It's trivial to circumvent them - not just via VPN, but also because there's countless websites that just don't care. The social media ban will bring more of the same - and then they'll have to ban VPNs and bring in website firewalls.
Who wins? The established tech companies, who have big enough legal departments to comply with increasing red tape. How is a new social network going to legitimately compete with Facebook now?
But when I say all this to people I know, they just don't see it. Most people are not tech people.
nozzlegear 22 hours ago [-]
> It’s hard to feel any enthusiasm for democracy watching things you disagree with being pushed through and having no power to stop it.
That often is democracy: what's popular isn't always what's best.
zugi 19 hours ago [-]
That's why democracy shouldn't be worshipped as the end-all be-all key to good government or good society. Or as Churchill put it, democracy is the worst form of government, except for all the others.
Freedom and liberty should be the foundations of a healthy society. Democracy should be reserved only for those things that must be decided collectively and universally enforced.
What kids do on their phones doesn't even come close. Let parents and vendors decide what their kids and customers can do. I've met plenty of well-adjusted kids who aren't on social media because their parents don't let them.
lokar 19 hours ago [-]
I find that many comments on this subject here don’t seem to consider that a majority (perhaps a large majority) of citizens in their nation support these policies
marcus_holmes 19 hours ago [-]
Because they don't understand the technology or the consequences.
When they do, they will change their mind (and probably protest loudly that they never wanted it in the first place).
See Brexit for a clear example.
lokar 18 hours ago [-]
But the argument I see is that the politicians are acting tyrannically against the desire of the voters.
marcus_holmes 14 hours ago [-]
some voters. The voters who actually understand the technology and the consequences
pjc50 12 hours ago [-]
I do think people should consider trying a bit harder to change the opinions of their fellow citizens. Yes, this is a lot of work; yes, I've mostly delegated this myself by paying money to the Open Rights Group. But if you start from the position that everyone else is a newspaper-brainwashed idiot then of course it's going to look a bit dark.
I also think there's more of what I'd call "grassroots British libertarianism" than you'd expect. It's just in tension with Daily Mail-ism, often in the same people. They just don't want onerous rules applied to them.
matthewmorgan 10 hours ago [-]
Do you ever spend time thinking about your own opinions, or just other people's?
pjc50 9 hours ago [-]
?
echelon_musk 4 days ago [-]
> consider the internet dead and move on. It's nothing like it was 20 years ago anyway. There are other things to do. Many books to read and places to go. We had something really cool and we were lucky to experience it while it lasted, but it's gone now.
I'm pretty much at this stage too. The web/internet was a frontier like the Wild West. But those wild days are gone and are never coming back. Cyberspace has been settled.
gizajob 23 hours ago [-]
The web is only a minuscule part of cyberspace. Once millions of people have an AI supercomputer running a graphical node at home in 3-10 years time, then cyberspace will finally start IMO. The web will look like a catalogue file in comparison.
Depends on your MP. I have received surprisingly detailed responses to some of my past letters.
If they can't be arsed to answer you, then you shouldn't be arsed to vote for them, at least in my opinion.
benj111 13 hours ago [-]
Yes definitely. I had one MP for 4 years that would personally reply at all hours. I was getting replies at 10pm. I felt the need to tell him off and turn his phone off. But the other 2 I've interacted with were useless.
HDBaseT 21 hours ago [-]
>Many books to read and places to go
You cannot travel into the US without providing access to your Social Media accounts. Pretty likely you get denied if you say "I don't have social media".
bargainbin 20 hours ago [-]
Incorrect, I don't have social media and tell them as such, it's never an issue.
lokar 20 hours ago [-]
Are they asking? I know they said they would, it I’ve not seen reports of it happening
account42 9 hours ago [-]
They have been asking for well over a year at least for ESTA with GitHub being one possible pre-defined social media type in the form.
Chu4eeno 16 hours ago [-]
Good thing I left my abandoned facebook/twitter/instagram accounts undeleted a decade ago.
TacticalCoder 23 hours ago [-]
> We had something really cool and we were lucky to experience it while it lasted, but it's gone now.
You can also recreate a smaller network and enjoy it as a silo, disconnected from the Internet, at times.
There's no need to be off the grid 24/7 to feel the relief.
It's deeply relaxing to pull the (Internet) plug (I do, literally, physically remove one ethernet cable from a switch right underneath my monitor and I've then got several machines happily communicating only on the LAN: no more Internet).
Maybe I'm having fun with my latest acquisition: modelling parts to fix stuff left and right around the house by 3D printing them (I bought a 3D printer for that: I had many things I needed to fix and I knew I'd be able to fix them properly by printing adequate parts). No need for the Internet to model, slice and 3D print.
Such an activity does feel like the computing of yore: it takes me back to a time when it was me and a 8-bit machine. Creating stuff "by code" (which now take physical form at home, which 11-years old me would have find utterly mindboggling btw).
> There are other things to do. Many books to read and places to go.
And hobbies. As a kid from the eighties I love cars from the late 80s/very early 90s: not much electronics, not spying on you. Sure they're a bit of gaz guzzlers but then half the fun is fixing stuff on them and the other half is talking about them with other enthusiasts: there's no need to drive 10 000 kilometers a year with those.
When you take time to disconnect a bit from the Internet, then I'd say when you're online (like I'm now) it all feels way more tolerable.
No need to go full luddite IMO but YMMV.
bigiain 21 hours ago [-]
> It's deeply relaxing to pull the (Internet) plug (I do, literally, physically remove one ethernet cable from a switch right underneath my monitor and I've then got several machines happily communicating only on the LAN: no more Internet).
> Maybe I'm having fun with my latest acquisition: modelling parts to fix stuff left and right around the house by 3D printing them
Isn't California proposing to put you in jail for having a 3D printer without an internet connection to tattle on you and killswitch your printer if some unaccountable internet service decides you're printing something "bad"?
:sigh:
Retr0id 23 hours ago [-]
I've set up a socks5 "proxy multiplexer" that routes requests to different upstream proxies based on the request hostname. For example reddit routes via a VPS in Dublin, and imgur routes via Tor. I believe socks5 is the ideal layer to do the multiplexing at, for web traffic, because the request hostnames are visible to the multiplexer even if ECH/ESNI is in use. It was a oneshot vibecoded solution but it's been pretty solid thus far, so maybe I should open-source it.
I wrap the outbound sock5 traffic in mTLS, so it should look "normal" to anyone packet sniffing (not obvious proxy/VPN traffic), even though stealthiness isn't part of the threat model at the moment.
bigiain 21 hours ago [-]
Perhaps consider putting it in public domain instead of using an "open source" license?
There's a decent legal ethical argument that LLM output isn't copyrightable, and for me a "one shot vibe code" definitely _isn't_ "your creative work", so the copyright that open source licenses rely on probably doesn't exist there.
I wonder if a new category of "non copyrighted shared source code" needs to exist for people who use Gan AUI to create genuinely useful software which would ne a net positive to society if shared, but that doesn't risk murkying the waters and undermining the copyright basis that licenses like GPL and Apache and BSD and MIT rely on?
Retr0id 20 hours ago [-]
I don't believe in copyright, personally.
bigiain 19 hours ago [-]
Whether you believe that copyright _should_ exist is quite different from whether it _actually_ exists and whether there are consequences due to the existence of copyright.
All "open source" licenses rely on copyright. If copyright did not exist, GPL and BSD and MIT (and all the other software license options, open and commercial) would be unenforceable.
(I'm less convinced that you seem to be about whether there arte any good reasons for copyright. I believe real "creative people" like authors and musicians and artists and film makers _should_ have a legally enforceable monopoly to control use of and to generate income from their creative work. That shouldn't be "Micky Mouse" effectively eternal control, but there should in my opinion be some legally protected "ownership" that a creator has where they can prevent other people copying/recreating/misusing/profiting from their creation. Whether this should ever have applied to softwares something for a more nuances discussion t6hat a website comment section...)
farnsworthfusor 20 hours ago [-]
If LLM output isn't copyrightable then it's already public domain, even if you say it isn't - if this is true you can just ignore the wishes of the person who thinks they're the copyright holder.
marcus_holmes 19 hours ago [-]
this. The whole licensing of software stands on copyright. If the content is already in the public domain because it was generated by an LLM (copyright only protects human works) then it can't be licensed.
However, there's no compunction to publish the generated code, even if it's public domain.
We end up in a strange nega-OSS world where all code can be used by anyone for any reason, if you can get your hands on it.
PeterStuer 17 hours ago [-]
If you believe this, then this was always the case. LLM's only made it cheaper and more accesible.
marcus_holmes 14 hours ago [-]
Sorry I don't understand, what am I believing that has always been the case?
PeterStuer 11 hours ago [-]
That you could reimplement a software and then be license free. Or did I read you wrong?
marcus_holmes 10 hours ago [-]
That's a separate thing. I mean, valid, and a good point to raise, but I wasn't raising it.
I was more talking about the weird space we're getting into where code is completely open, because it was generated and cannot have any copyright protection, but also unpublished, and so effectively proprietary. The opposite of OSS, where code is available but protected by copyright-based licenses.
farnsworthfusor 3 hours ago [-]
That's true. You can write software that duplicates the functionality of existing software and by doing that you can evade the copyright of that software.
lmz 20 hours ago [-]
For browser traffic another alternative is proxy autoconfig scripts to put the proxy routing logic in JS.
BLKNSLVR 23 hours ago [-]
Please do open source it, I'd be interested in running something similar.
cpressland 4 days ago [-]
I’m already using policy based routing on UniFi to send OSA censored websites, imgur for example, via Mullvad VPN - it works for the most part, but for any IPv6 websites it completely breaks as UniFi doesn’t support policy based routes for IPv6.
If the government blocks Mullvad then I’ll just switch to Wireguard on a Helsinki based VPS via Hetzner.
bigiain 21 hours ago [-]
Surely it won't be long before every hyper scalar and even medium sized hosting companies ip address ranges will end up in the block lists for every "questionable" website that is feeling the "chilling effects" from these UK laws?
I used to run my own mail server back until about 2014 or 2015, end even then it was practically impossible to reliably send mail to any of the major email providers from and ip address from Linda/AWS/Hetzner/DigitalOcean et al. I'm pretty sure porn sites and unmoderated web forum type thing that have lawyers advising them will soon be blocking not just UK ip addresses, but the bulk of the easy to identify VPN services and VPS providers.
matt-p 23 hours ago [-]
are you manually maintaining the list of 'OSA censored' sites? Sounds great, just I'm lazy :')
nemoniac 4 days ago [-]
“The Net interprets censorship as damage and routes around it.”
There is no "Net" any more. There probably never was really. The internet protocols were designed for resilience from the start. A key to that is packet-switching over circuit-switching. But this thing we call the "internet" today? This thing where more and more nodes can't even speak directly to each other and nobody even cares (see IPv6)? This thing where 90% of traffic goes to a few large multinationals? It's not that. We have no resistance to censorship.
Chu4eeno 16 hours ago [-]
The problem is that the world is increasingly transitioning from the Internet to regional internet.
There are companies that have gotten very good at virtual border control while selling stuff to e. g. the chinese and russians that are allegedly in talks with the UK govt.
pSYoniK 11 hours ago [-]
I have submitted this before, but for those maybe a bit uncomfortable with setting up a VPS to act as an exit node for Wireguard, my article covers most things:
For this particular use case, I would probably suggest something like OVH/Scaleway as they have nodes in France so physical distance between UK and "somewhere else" is low which will affect latency. If you're willing to wait longer and go further, I recommend Infomaniak (Switzerland - they have nodes in Geneva I think/Zurich). Hetzner (a crow favorite) hasn't been that good for me while I was in the UK, I was getting dropped packets even after switching a few VPSes, but might've just been something temporary.
nly 2 hours ago [-]
Been using a VPN on my phone and PC for 20 years. Always use non-UK exit points
CommanderData 4 days ago [-]
The camp who think VPNs and Tor are a solution to government policies feel like disinformation at times.
VPNs are trivial to ban, the IP space is well known, Wireguard is easily to fingerprint and block.
It will be a cat and mouse game, if the government looses this they'll simply make it illegal to be caught using a VPN including Tor. Which is on the table.
The only way this changes is a less crap party, but almost all including Reform are in favour of more censorship.
Zia Yusuf : "... criticised sections of the legislation that allow ministers to direct regulator Ofcom to modify its rules setting out how companies can comply with requirements to crack down on illegal or harmful content, saying it was “the sort of thing that I think (Chinese president) Xi Jinping himself would blush at the concept of”."
They aren't the solution to bad policy but they are an unfortunately necessary part of regular internet use now.
msephton 22 hours ago [-]
I route a bunch of mine via a proxy server of my own that is hosted outside the EU. This gives me access to Japanese websites and other things.
mschuster91 23 hours ago [-]
> And so, for the first time, I am considering locating something (perhaps a WireGuard node, or a SOCKS proxy, or a recursive DNS server / DNS proxy, or perhaps all of them) somewhere on the Internet outside the UK, so that I can route some traffic through that, as needed, to maintain my access to the web.
Good luck, it will probably impossible as admins fed up with AI scraper bots increasingly choose to outright blanket ban anything not being a residential or business line. There's a reason why there are so many "ethically sourced proxies" aka people installing software on their smart TVs and whatnot that comes with an "monetization SDK" by one of the numerous VPN providers. That's the dirty secret behind a lot of the "bypass youtube/netflix/whatever region lock" VPNs.
farnsworthfusor 20 hours ago [-]
What's dirty about it?
Chu4eeno 16 hours ago [-]
Residential proxies aren't usually used for good.
farnsworthfusor 3 hours ago [-]
What are they usually used for?
mschuster91 12 hours ago [-]
Companies tell their customers (i.e. people who wish to bypass streaming service region restrictions) that they "ethically source IP addresses". The people who provide the IP addresses (i.e. people installing f2p games on their phones or smart TVs that come with the VPN exit gateway SDK) don't know that, because no one reads the T&C.
In the end, both are deceived. The customer thinks there are no ethical issues attached to their VPN provider, the ones whose IP addresses get abused don't even know what's going on.
farnsworthfusor 3 hours ago [-]
In what way is scraping Amazon prices "abuse" of anything?
bArray 4 days ago [-]
> In the name of “online safety”, the fundamental rights of both freedom of expression and privacy appear to be under imminent threat.
The current UK government don't actually care about children, if they did then they would actually investigate the child SA gangs, or holding people to account on the Epstein lists. We have seen other countries such as Australia [1] "magically" have the same idea at the same time, so this is likely a global group influencing this push.
> The current proposal to ban people under 16 - who also have the rights to freedom of expression and privacy - from some (as yet not fully delineated) social media services is likely to result in wide-spread verification.
This is the real objective, it will be just like the UK porn verification [2]. To express yourself online, you will soon need to associate your activity with your real identity. With the discussion of clamping down on VPNs, it won't be long before you need to verify your ID just to connect to the internet.
This has been a long time coming. Years ago you could buy a sim card with money already on it, use it, and then throw it away. Now you need to associate some credit card or ID with the sim card and perform some verification process.
> And so, for the first time, I am considering locating something (perhaps a WireGuard node, or a SOCKS proxy, or a recursive DNS server / DNS proxy, or perhaps all of them) somewhere on the Internet outside the UK, so that I can route some traffic through that, as needed, to maintain my access to the web.
It won't be enough. At some point the UK government will just mandate that they should be allowed to perform deep packet inspection, and then there will be nowhere left to hide. These changes are also being rolled out everywhere - which Country do you trust to run your data through?
I remember the New Zealand Christchurch attack on a mosque, and how multiple governments around the world pressured Facebook to remove it entirely [3]. They were more worried about people seeing and sharing the attack, than the attack itself. The manifesto was entirely banned [4], and people were left entirely dependent on the state to convey a narrative about the attack.
I have a feeling that this all fell out of the "Christchurch Call" [5]. I don't think this recent push spearheaded by them, but I believe it had a large influence on the efforts now ongoing.
I agree with everything you have said. I feel so very, very blessed to have had the experience of this world developing that I have had - from my first 300bps BBS connection at probably around age 8 or 9, through 28.8, 56K, ISDN, DSL & up to the gigabit fibre I type this from, I have always from basically from day 1 communicated with other people over a network. It's almost as intrinsic to my being as actual speech at this point. Maybe even more so on many days. But where we are now and headed to, is just so very, very wrong. It's so wrong it shouldn't even need explanation.
I've seen and experienced all manner of things the state would deem verboten, especially for younger eyes, whether it be the anarchists cookbook sparking my enthusiasm for chemistry and engineering, warez igniting my love of software development or the inescapable porn, memes, and other shit that's filled my screen for decade after decade.
I've managed to make it through unscathed, dare I say even somewhat publicly respectable... I'd vote for my kids and any others having my childhood over the toxic stazi-esque nightmare we seem to currently find ourselves in. I LOVED my childhood growing up with the internet, CD-R's, Napster, etc. it inspired me & helped create the life I live today, but now all the kids using tech just look like methed out zombies.
It's also really funny reflecting on this & realising how very little I ever used or valued anything like Facebook, Instagram, etc. whereas things like BBS's, IRC, Discord, Telegram, etc. with random strangers and some shared interests is where I've always felt at home.
SuddsMcDuff 23 hours ago [-]
So many of the outrageous things the UK government is doing, which seem most inexplicable, can be explained by one simple principle - successive governments over the last 30 years have turned this nation into a tinderbox, the purpose of the state and the judiciary in particular has become singular in its effort to prevent a spark from igniting the whole thing. Though they will become ever more authoritarian and tyrannical in their efforts, defenders dilemma applies - eventually, inevitably, they will fail and all hell will break loose. Plan accordingly.
benj111 13 hours ago [-]
From a UK politics perspective I don't really get this.
New labour certainly have an authoritarian streak. I remember when they tried to introduce ID cards but there was a load of push back. But they are also somewhat friendlier to 'the youf' but this seems squarely aimed at the Daily Mail brigade.
It just seems like they're trying to out conservative, the Conservatives.
Maybe I'm trying to make sense out of something that isn't?
throwaway6af03 22 hours ago [-]
Publishing under a throwaway account for obvious reasons.
I've felt this slide in the UK for a long period of time. I route _all_ of my traffic through Mullvad with DAITA [1] because I think it's the only the likes of chaffing and winnowing [2] that can defeat traffic analysis. The endpoint changes. I have a high-end SBC router. For the moment, I do not obsfucate the fact that the tunnels exist and are wireguard. Mullvad can disguise them effectively with QUIC / SNI obsfucation, or even vless / xray / vmess. They're quite good at that.
I also have an Amsterdam VPS and it runs wireguard. My phone has a wireguard client to it. It's a reputable VPS provider from a major cloud hosting company. It has a reverse WG tunnel to my house not through mullvad (I have a public IPv6 address range, but not IPv4); my phone (and partner, friends etc phones) get access to my local servers and resources and then all traffic goes out anonymously through mullvad. I also have another VPS, paid for in cryptocurrency (XMR) that I mine in the winter (the waste heat is cheaper than gas heating where I live, if you assume the compute is paid for...). This acts as a port forwarding host and it connects via another WG tunnel or two to my server, doing tunnel-in-tunnel, but essentially is a reverse proxy host.
I naturally run a recursive resolver _and_ dnscrypt on the ISP connection for bootstrapping.
This gives me _some_ degree of anonymity, I feel, online: I've inspected the traffic going through the ISP router and you see remarkably little, especially with QUIC SNI spoofing turned on. The volume of traffic is quite large and probably idiosyncratic – the endpoints are known – which is the biggest problem amongst all of this. But I have _privacy_ and for me that matters a lot.
I think this age verification, KYC, show your faces stuff is organised internationally on two very simple predicates:
1) Disinformation or political interference provided by Russia and possibly China have affected national election results in many democracies (Brexit, likely Trump, probably more). Controlling the narrative is increasingly viewed as absolutely required by the political class. This is difficult with social media, and strong identity verification makes it more obvious where at least your enemies are.
2) Online actions are increasingly having real world consequences and the establishment wants to be able to more easily _punish_ those people who have broken "the law". This is related to, but distinct from, point 1. There are plenty of examples of this in the UK – but more widely spread worldwide. Having strong identity verification makes it easy to catch people, and if you do that enough, change behaviour (the single biggest determinant of which is shortening the time between "offending" and being caught).
Minor points I think behind this are:
1) A fear of a large-scale war and worries about information security, population influence, and associated military shadowy figures saying things
2) A fear (or fact) of encryption making any sort of content dragnet much harder. Most large web presences undoubtedly have backdoors but genuine p2p without exposed metadata is a fear of the spook community because they kill people on the basis of metadata and machine learning state-of-the-art...as it was in 2014 [3] -- I am sure they do the same now. The reason for metadata is that it is accessible, by design, everywhere. VPN ± tor usage is probably ubiquitous amongst some genuinely bad actors, and they will have spent considerable resources being able to unmask those actors. Depending on the technique, it may genuinely make it much harder if there is a large fraction of the population actually using those tools.
3) Some genuine transnational rise in avoidable harm, like CSAM; some genuine transnational rise in political harms, like the (oft-religious) right.
"who also have the rights to freedom of expression and privacy", plenty of outlets for people to be expressive in the UK (more so than in the US for example, where the right wing will obviously attack any social media restrictions) that don't involve being fed junk divisive content from mainly US tech companies.
Privacy != anonymity.
Feel free to route your traffic via Wireguard. As long as it is not setup as a service for the mass evasion of age gates by children.
NVHacker 5 days ago [-]
Nice try ! But the fact that the solution to protecting children comes with the maximum boost of government powers in the online world (across the set of all possible ways to protect children) is not a coincidence.
like_any_other 5 days ago [-]
> Privacy != anonymity.
Exactly. You can have your own misgivings about the UK government at home, in private, and share them with no-one. Or you can share them on the online public square, knowing the UK government will know exactly who wrote them. Good thing they never abuse their power of prosecution!
dofm 4 days ago [-]
The government literally doesn't prosecute anyone.
It is done by the CPS, which operates independently of government and the police.
If I were a betting man I'd place a bet that you are further misinformed about the prosecutions you believe are happening and why. But I am not.
like_any_other 4 days ago [-]
> It is done by the CPS, which operates independently of government and the police.
I should have written "state", not "government", you're right. Does that change anything? But, article 35 of the Chinese constitution guarantees their citizens freedom of speech and of the press. You're beyond naive if you believe they're independent.
> If I were a betting man I'd place a bet that you are further misinformed about the prosecutions you believe are happening and why.
UK politicians admitted the Online Safety Act was: “not primarily aimed at … the protection of children”, but was about regulating “services that have a significant influence over public discourse” - https://archive.md/2025.08.13-190800/https://www.thetimes.co...
1. Nginx Proxmox LXC container with domains that require digital ID such as X. I can easily add or remove domains to it via Ansible.
2. Mullvad VPN server/client setup on OPNSense
3. OPNSense Firewall rules with aliases from the local lists from step 1
4. Every time I access X or whatever, OPNSense firewall rule redirects that traffic via the Mullvad VPN Gateway bypassing the digital ID enforcement
5. I host Pihole + Unbound recursive DNS so I have full control over my DNS. Recursive DNS uses the 13 root nameserver, I do not use public DNS such as Google or whatever, in fact, they are all blocked.
My data under my control.
Honestly surprised that works given Google loves to hardcode DNS queries using their DNS Resolver into many things (Google TV, Android, etc).
I'm assuming you are using NAT Redirection (Port 53), blocking DNS over TLS - DoT (TCP Port 853), using SNI FIltering to block DNS Over HTTP (DoH). Not sure how you handle Encrypted Client Hello.
My Samsung smartTV has Google DNS hardcoded in it, that is why I do what I do.
No matter if I set my phone DNS to Google, OPNSense NAT redirects any DNS to Piholes only, and since public DNS, DNS-over-TLS and DNS-over-HTTPS are blocked, only Piholes forward it to Unbound. Only Unbound can request DNS and OPNSense enforces that.
Unbound is recursive DNS with is own caching so everything happens localy, surfing the internet is insane fast.
As for the digital ID, the DNS happens locally but the traffic is forward to Mullvad VPN Gateway.
I don't wanna hide my traffic, I just don't wanna this mass survilance on my personal information. My social media accounts are burner, no real name, no photos, minimal apps installed on my GrapheneOS phone and I have a complete normal digital life without sharing my shit haha
Not trying to be facetious, but how do you know you are blocking them all? I thought one of the reasons for using DNS-over-HTTPS was to be able to avoid detection.
Spend 5 minutes on X, Instagram or even worse Snapchat for you to see what these minors are doing. A lot generation, all for likes.
GenZ is so cooked, by the time they reach their 30s, damn.
Gen Alpha being born within the digital and AI world is even more cooked.
And from what I remember of the coverage of the scientists presenting their case in the UK there wasn't enough evidence to say whether it had an impact on children.
Personally I think ipad as babysitter is more to blame, but until the proper studies are done it's all just speculation.
Proper study??
Look around us, kids are talking to ChatGPT instead of running, playing, instead of being kids.
Kids cannot speak and yet have a tablet to interact with, by adulthood those kids are cooked.
Teens at school can't read, they have been using ChatGPT to cheat exams. If somebody tells me that more study is required to prove what is right there in from of our eyes, that somebody is part of the problem, full stop!!
Isn't that a symptom of other things? I'm an elder 'millenial' playing out was already decreasing when all we had was a nes and 4 channels on TV.
Unfortunately now we have to 'protect' kids from the dangers outside. Which necessarily means them spending time inside.
Yes, as adults we now spend loads of time in our places of work on devices but generally in the pursuits of doing productive things.
And while I haven't looked up the stats, I don't feel like it's exceedingly more dangerous for kids to play outside today than it was back in the 00's, 90's, 90's etc. I just feel as though we're more aware of the dangers of what _could_ happen to kids - all of which is a facet of the media/social media pressure and scaremongering.
Plus there are still loads of feral kids allowed to roam around and be little shits anyway.
It's either that or I just consider the internet dead and move on. It's nothing like it was 20 years ago anyway. There are other things to do. Many books to read and places to go. We had something really cool and we were lucky to experience it while it lasted, but it's gone now.
I’ve come to the conclusion the only thing you can really do is leave when you disagree with the direction of your country, but of course not everyone has the ability to do that.
If enough people feel strongly about it to go onto the street and wave placards, that starts getting noticed and has to be acknowledged.
Of course, the UK (and others) have started making protests illegal, because they are doing things that we should feel strongly enough about to go and wave placards at them.
I've had plenty of conversations recently where people say "yeah, but social media is harming kids. Banning it is good". People broadly see the headline "think of the children" and think, "yup, let's protect children".
To me, there's all sorts of downsides - the death of small discussion forums, pushing interesting online experiences out of the reach of teenagers, the creeping surveillance and, worst of all, the complete end of the open internet (when inevitably it doesn't actually work). But most non-tech people just don't see that.
The currently in place age verificaton system is a joke. It's trivial to circumvent them - not just via VPN, but also because there's countless websites that just don't care. The social media ban will bring more of the same - and then they'll have to ban VPNs and bring in website firewalls.
Who wins? The established tech companies, who have big enough legal departments to comply with increasing red tape. How is a new social network going to legitimately compete with Facebook now?
But when I say all this to people I know, they just don't see it. Most people are not tech people.
That often is democracy: what's popular isn't always what's best.
Freedom and liberty should be the foundations of a healthy society. Democracy should be reserved only for those things that must be decided collectively and universally enforced.
What kids do on their phones doesn't even come close. Let parents and vendors decide what their kids and customers can do. I've met plenty of well-adjusted kids who aren't on social media because their parents don't let them.
When they do, they will change their mind (and probably protest loudly that they never wanted it in the first place).
See Brexit for a clear example.
I also think there's more of what I'd call "grassroots British libertarianism" than you'd expect. It's just in tension with Daily Mail-ism, often in the same people. They just don't want onerous rules applied to them.
I'm pretty much at this stage too. The web/internet was a frontier like the Wild West. But those wild days are gone and are never coming back. Cyberspace has been settled.
https://www.youtube.com/watch?v=HkpcYv9Qm5w
If they can't be arsed to answer you, then you shouldn't be arsed to vote for them, at least in my opinion.
You cannot travel into the US without providing access to your Social Media accounts. Pretty likely you get denied if you say "I don't have social media".
You can also recreate a smaller network and enjoy it as a silo, disconnected from the Internet, at times.
There's no need to be off the grid 24/7 to feel the relief.
It's deeply relaxing to pull the (Internet) plug (I do, literally, physically remove one ethernet cable from a switch right underneath my monitor and I've then got several machines happily communicating only on the LAN: no more Internet).
Maybe I'm having fun with my latest acquisition: modelling parts to fix stuff left and right around the house by 3D printing them (I bought a 3D printer for that: I had many things I needed to fix and I knew I'd be able to fix them properly by printing adequate parts). No need for the Internet to model, slice and 3D print.
Such an activity does feel like the computing of yore: it takes me back to a time when it was me and a 8-bit machine. Creating stuff "by code" (which now take physical form at home, which 11-years old me would have find utterly mindboggling btw).
> There are other things to do. Many books to read and places to go.
And hobbies. As a kid from the eighties I love cars from the late 80s/very early 90s: not much electronics, not spying on you. Sure they're a bit of gaz guzzlers but then half the fun is fixing stuff on them and the other half is talking about them with other enthusiasts: there's no need to drive 10 000 kilometers a year with those.
When you take time to disconnect a bit from the Internet, then I'd say when you're online (like I'm now) it all feels way more tolerable.
No need to go full luddite IMO but YMMV.
> Maybe I'm having fun with my latest acquisition: modelling parts to fix stuff left and right around the house by 3D printing them
Isn't California proposing to put you in jail for having a 3D printer without an internet connection to tattle on you and killswitch your printer if some unaccountable internet service decides you're printing something "bad"?
:sigh:
I wrap the outbound sock5 traffic in mTLS, so it should look "normal" to anyone packet sniffing (not obvious proxy/VPN traffic), even though stealthiness isn't part of the threat model at the moment.
There's a decent legal ethical argument that LLM output isn't copyrightable, and for me a "one shot vibe code" definitely _isn't_ "your creative work", so the copyright that open source licenses rely on probably doesn't exist there.
I wonder if a new category of "non copyrighted shared source code" needs to exist for people who use Gan AUI to create genuinely useful software which would ne a net positive to society if shared, but that doesn't risk murkying the waters and undermining the copyright basis that licenses like GPL and Apache and BSD and MIT rely on?
All "open source" licenses rely on copyright. If copyright did not exist, GPL and BSD and MIT (and all the other software license options, open and commercial) would be unenforceable.
(I'm less convinced that you seem to be about whether there arte any good reasons for copyright. I believe real "creative people" like authors and musicians and artists and film makers _should_ have a legally enforceable monopoly to control use of and to generate income from their creative work. That shouldn't be "Micky Mouse" effectively eternal control, but there should in my opinion be some legally protected "ownership" that a creator has where they can prevent other people copying/recreating/misusing/profiting from their creation. Whether this should ever have applied to softwares something for a more nuances discussion t6hat a website comment section...)
However, there's no compunction to publish the generated code, even if it's public domain.
We end up in a strange nega-OSS world where all code can be used by anyone for any reason, if you can get your hands on it.
I was more talking about the weird space we're getting into where code is completely open, because it was generated and cannot have any copyright protection, but also unpublished, and so effectively proprietary. The opposite of OSS, where code is available but protected by copyright-based licenses.
If the government blocks Mullvad then I’ll just switch to Wireguard on a Helsinki based VPS via Hetzner.
I used to run my own mail server back until about 2014 or 2015, end even then it was practically impossible to reliably send mail to any of the major email providers from and ip address from Linda/AWS/Hetzner/DigitalOcean et al. I'm pretty sure porn sites and unmoderated web forum type thing that have lawyers advising them will soon be blocking not just UK ip addresses, but the bulk of the easy to identify VPN services and VPS providers.
-- John Gilmore (probably https://quoteinvestigator.com/2021/07/12/censor/)
There are companies that have gotten very good at virtual border control while selling stuff to e. g. the chinese and russians that are allegedly in talks with the UK govt.
https://psyonik.tech/posts/a-guide-for-wireguard-vpn-setup-w...
For this particular use case, I would probably suggest something like OVH/Scaleway as they have nodes in France so physical distance between UK and "somewhere else" is low which will affect latency. If you're willing to wait longer and go further, I recommend Infomaniak (Switzerland - they have nodes in Geneva I think/Zurich). Hetzner (a crow favorite) hasn't been that good for me while I was in the UK, I was getting dropped packets even after switching a few VPSes, but might've just been something temporary.
VPNs are trivial to ban, the IP space is well known, Wireguard is easily to fingerprint and block.
It will be a cat and mouse game, if the government looses this they'll simply make it illegal to be caught using a VPN including Tor. Which is on the table.
The only way this changes is a less crap party, but almost all including Reform are in favour of more censorship.
https://www.theguardian.com/politics/2025/jul/28/reform-uk-v...
https://www.msn.com/en-gb/news/uknews/reform-pledges-to-scra...
https://www.independent.co.uk/news/uk/home-news/nigel-farage...
Zia Yusuf : "... criticised sections of the legislation that allow ministers to direct regulator Ofcom to modify its rules setting out how companies can comply with requirements to crack down on illegal or harmful content, saying it was “the sort of thing that I think (Chinese president) Xi Jinping himself would blush at the concept of”."
And the more radical Restore say this:
https://www.restorebritain.org.uk/restore_civil_liberties
Good luck, it will probably impossible as admins fed up with AI scraper bots increasingly choose to outright blanket ban anything not being a residential or business line. There's a reason why there are so many "ethically sourced proxies" aka people installing software on their smart TVs and whatnot that comes with an "monetization SDK" by one of the numerous VPN providers. That's the dirty secret behind a lot of the "bypass youtube/netflix/whatever region lock" VPNs.
In the end, both are deceived. The customer thinks there are no ethical issues attached to their VPN provider, the ones whose IP addresses get abused don't even know what's going on.
The current UK government don't actually care about children, if they did then they would actually investigate the child SA gangs, or holding people to account on the Epstein lists. We have seen other countries such as Australia [1] "magically" have the same idea at the same time, so this is likely a global group influencing this push.
> The current proposal to ban people under 16 - who also have the rights to freedom of expression and privacy - from some (as yet not fully delineated) social media services is likely to result in wide-spread verification.
This is the real objective, it will be just like the UK porn verification [2]. To express yourself online, you will soon need to associate your activity with your real identity. With the discussion of clamping down on VPNs, it won't be long before you need to verify your ID just to connect to the internet.
This has been a long time coming. Years ago you could buy a sim card with money already on it, use it, and then throw it away. Now you need to associate some credit card or ID with the sim card and perform some verification process.
> And so, for the first time, I am considering locating something (perhaps a WireGuard node, or a SOCKS proxy, or a recursive DNS server / DNS proxy, or perhaps all of them) somewhere on the Internet outside the UK, so that I can route some traffic through that, as needed, to maintain my access to the web.
It won't be enough. At some point the UK government will just mandate that they should be allowed to perform deep packet inspection, and then there will be nowhere left to hide. These changes are also being rolled out everywhere - which Country do you trust to run your data through?
I remember the New Zealand Christchurch attack on a mosque, and how multiple governments around the world pressured Facebook to remove it entirely [3]. They were more worried about people seeing and sharing the attack, than the attack itself. The manifesto was entirely banned [4], and people were left entirely dependent on the state to convey a narrative about the attack.
I have a feeling that this all fell out of the "Christchurch Call" [5]. I don't think this recent push spearheaded by them, but I believe it had a large influence on the efforts now ongoing.
[1] https://www.bbc.com/news/articles/cwyp9d3ddqyo
[2] https://www.ofcom.org.uk/online-safety/protecting-children/a...
[3] https://www.bbc.co.uk/news/business-47620519
[4] https://www.theguardian.com/world/2019/mar/24/censor-bans-ma...
[5] https://www.christchurchcall.org/
I've seen and experienced all manner of things the state would deem verboten, especially for younger eyes, whether it be the anarchists cookbook sparking my enthusiasm for chemistry and engineering, warez igniting my love of software development or the inescapable porn, memes, and other shit that's filled my screen for decade after decade. I've managed to make it through unscathed, dare I say even somewhat publicly respectable... I'd vote for my kids and any others having my childhood over the toxic stazi-esque nightmare we seem to currently find ourselves in. I LOVED my childhood growing up with the internet, CD-R's, Napster, etc. it inspired me & helped create the life I live today, but now all the kids using tech just look like methed out zombies.
It's also really funny reflecting on this & realising how very little I ever used or valued anything like Facebook, Instagram, etc. whereas things like BBS's, IRC, Discord, Telegram, etc. with random strangers and some shared interests is where I've always felt at home.
New labour certainly have an authoritarian streak. I remember when they tried to introduce ID cards but there was a load of push back. But they are also somewhat friendlier to 'the youf' but this seems squarely aimed at the Daily Mail brigade.
It just seems like they're trying to out conservative, the Conservatives.
Maybe I'm trying to make sense out of something that isn't?
I've felt this slide in the UK for a long period of time. I route _all_ of my traffic through Mullvad with DAITA [1] because I think it's the only the likes of chaffing and winnowing [2] that can defeat traffic analysis. The endpoint changes. I have a high-end SBC router. For the moment, I do not obsfucate the fact that the tunnels exist and are wireguard. Mullvad can disguise them effectively with QUIC / SNI obsfucation, or even vless / xray / vmess. They're quite good at that.
I also have an Amsterdam VPS and it runs wireguard. My phone has a wireguard client to it. It's a reputable VPS provider from a major cloud hosting company. It has a reverse WG tunnel to my house not through mullvad (I have a public IPv6 address range, but not IPv4); my phone (and partner, friends etc phones) get access to my local servers and resources and then all traffic goes out anonymously through mullvad. I also have another VPS, paid for in cryptocurrency (XMR) that I mine in the winter (the waste heat is cheaper than gas heating where I live, if you assume the compute is paid for...). This acts as a port forwarding host and it connects via another WG tunnel or two to my server, doing tunnel-in-tunnel, but essentially is a reverse proxy host.
I naturally run a recursive resolver _and_ dnscrypt on the ISP connection for bootstrapping.
This gives me _some_ degree of anonymity, I feel, online: I've inspected the traffic going through the ISP router and you see remarkably little, especially with QUIC SNI spoofing turned on. The volume of traffic is quite large and probably idiosyncratic – the endpoints are known – which is the biggest problem amongst all of this. But I have _privacy_ and for me that matters a lot.
I think this age verification, KYC, show your faces stuff is organised internationally on two very simple predicates:
1) Disinformation or political interference provided by Russia and possibly China have affected national election results in many democracies (Brexit, likely Trump, probably more). Controlling the narrative is increasingly viewed as absolutely required by the political class. This is difficult with social media, and strong identity verification makes it more obvious where at least your enemies are.
2) Online actions are increasingly having real world consequences and the establishment wants to be able to more easily _punish_ those people who have broken "the law". This is related to, but distinct from, point 1. There are plenty of examples of this in the UK – but more widely spread worldwide. Having strong identity verification makes it easy to catch people, and if you do that enough, change behaviour (the single biggest determinant of which is shortening the time between "offending" and being caught).
Minor points I think behind this are:
1) A fear of a large-scale war and worries about information security, population influence, and associated military shadowy figures saying things
2) A fear (or fact) of encryption making any sort of content dragnet much harder. Most large web presences undoubtedly have backdoors but genuine p2p without exposed metadata is a fear of the spook community because they kill people on the basis of metadata and machine learning state-of-the-art...as it was in 2014 [3] -- I am sure they do the same now. The reason for metadata is that it is accessible, by design, everywhere. VPN ± tor usage is probably ubiquitous amongst some genuinely bad actors, and they will have spent considerable resources being able to unmask those actors. Depending on the technique, it may genuinely make it much harder if there is a large fraction of the population actually using those tools.
3) Some genuine transnational rise in avoidable harm, like CSAM; some genuine transnational rise in political harms, like the (oft-religious) right.
[1] https://mullvad.net/en/vpn/daita [2] https://en.wikipedia.org/wiki/Chaffing_and_winnowing [3] https://arstechnica.com/information-technology/2016/02/the-n...
"who also have the rights to freedom of expression and privacy", plenty of outlets for people to be expressive in the UK (more so than in the US for example, where the right wing will obviously attack any social media restrictions) that don't involve being fed junk divisive content from mainly US tech companies.
Privacy != anonymity.
Feel free to route your traffic via Wireguard. As long as it is not setup as a service for the mass evasion of age gates by children.
Exactly. You can have your own misgivings about the UK government at home, in private, and share them with no-one. Or you can share them on the online public square, knowing the UK government will know exactly who wrote them. Good thing they never abuse their power of prosecution!
It is done by the CPS, which operates independently of government and the police.
If I were a betting man I'd place a bet that you are further misinformed about the prosecutions you believe are happening and why. But I am not.
I should have written "state", not "government", you're right. Does that change anything? But, article 35 of the Chinese constitution guarantees their citizens freedom of speech and of the press. You're beyond naive if you believe they're independent.
> If I were a betting man I'd place a bet that you are further misinformed about the prosecutions you believe are happening and why.
UK politicians admitted the Online Safety Act was: “not primarily aimed at … the protection of children”, but was about regulating “services that have a significant influence over public discourse” - https://archive.md/2025.08.13-190800/https://www.thetimes.co...
Even viewing "terrorist" material carries a potential 15 YEAR jail term: https://www.bbc.com/news/uk-41479620
It's OK to be white and similar stickers landed a man in jail: https://www.bbc.com/news/articles/c51zn2l33r9o
https://www.spiked-online.com/2024/03/04/the-tyrannical-jail...
I don't know how much worse you need it to be.
They're still people, don't be weird.
In practice, if you lose one, then you also lose the other.