rwillett

As would the hawks and other birds of prey

I'll bow to your greater experience here. I have done it on Linux a few times when working abroad, but it tended to be ad-hoc, then it got to be a fag, so I set it all up on a dedicated laptop and took that with me. I have a tiny matchbox sized unit I use now, which does all the hard work and gives me a private wifi network abroad with a VPN home. One day I'll go back to a sensible simple home network, I'm currently upgrading my Netgear Orbi 5 mesh network to OpenWRT, but until then I'll play. Anyway, I'm off to investigate how to run a true VPN over pigeons Rob

My pfsense VPN took around 15 mins to setup as I had to read the documentation, I then had to transfer files safely to my devices. I do feel I was letting the side down by reading the docs though https://www.comparitech.com/blog/vpn-privacy/openvpn-server-pfsense/ Not sure if thats a "true" VPN or not. Looks like one to me, works like one as it uses stuff like Tunnelblk, OpenVPN and Viscosity, all VPN clients. Works on my iPad, iPhone and Macbooks. I don't use Windows at home so can't comment on that. Its not advertised anywhere though. I also sometimes change the ports as some foreign ISP's in ski hotels have blocked the more common VPN ports. The French seem to like to do this for some reason, I have a feeling there's a law. Took a few seconds to sort that out. Thats how easy it is.

How is the ISP going to do this? Who is going to tell the ISP the block list that changes every second? Who is going to pay for the hardware and the software to do this? The second it's published it's out of date, mind you it was never accurate to start with. Who.is going to collate all the VPN'S in the first place? No obligation of foreign VPN'S to even publish their IP addresses they use, so how's an ISP going to know? The UK govt wouldn't know. How are you going to know that an https request to a non UK website isnt actually a vpn tunnel? The ISP can't know as it appears to be on port 443. How do you stop somebody tunneling through an ssh session? I run some of my ssh sessions on different ports as it's easier to configure on the firewalls. You'd have to do a man in the middle hijack to look at the initial handshaking, however to do that you'd have to spoof the TLS certificates. You see this with some WiFi connections as they try to manage the certificates and get it wrong. Also not everybody has an ISP. I've setup direct leased lines between businesses. Some people buy their lines. Some people pay to lay dedicated lines. I've had them explicitly laid down that follows certain routes in the road for redundancy so they go through roads. Some large companies have direct international lines. Some companies lease capacity on their lines at different times of the day and night. None of these use an ISP as they want to control what they do. How are you going to control those? The VPN genie is out the bottle now, its like saying to the ISPs to block porn. Too late, you can block the main sites but there are 10,000s of sites out there. You can't put the onus onto the ISP to do this, it would cost 10's of billions. The govt looked at this and backed off years ago. Netflix has tried to block VPN's and failed. There are simply too many and they change all the time. Also setting up a VPN on a home server is a true VPN. Just because its not sold or advertised doesn't make it any less of a VPN. It uses high grade encryption, if I wanted to use even higher grade, i'd probably go for dedicated hardware which isn't that expensive. There are so many different and easy ways to get around anything your ISP puts in place. Never underestimate the skills of a 16 year old boy wanting to look at adult sites.

The only way to stop VPN's this is to put a UK wide firewall and take charge of every single communications line in the UK, thats every company leased line, every fibre line, every microwave transmitter, every homemade Pringles wifi (https://www.makeuseof.com/tag/how-to-make-a-wifi-antenna-out-of-a-pringles-can-nb/), every analogue modem line, every satellite link, ever type of mobile connection, every modem. You'd also have to stop people standing at Dover occasionally getting French mobile providers. You'd also have to stop all the ham radio people as well, You them have to route every packet through possibly the worlds largest firewall system (that would dwarf the Chinese one). Check every packet and see where its going. Oh and nobody can use https or any encryption as they need to see everything in clear. So the banks, military, lawyers would love that.... We'd probably have to build a new nuclear power station or two to run all this new hardware. You'd also need Cisco or Juniper or somebody to have a dedicated production line setup just for the UK. The legislation necessary to seize all these comms would also have to be rammed through Parliament without recompense as this is about £1T of value. We'd also need most people in the country to actually run this system. I suppose by this time we'd have a military junta in place so a lot of the legal stuff will have gone by the wayside anyway. I'm trying to work out the most obscure way to set an TCP/IP network that could run a VPN. Of particular note is https://en.wikipedia.org/wiki/IP_over_Avian_Carriers however I'm not sure how to integrate VPN into that particular protocol. As an intellectual exercise it's quite fun. Similar to Pave the Earth https://www.reddit.com/r/pavetheearth/ Of course this is just my opinion. Others may disagree.

Unless you ban foreign based VPN’s thats a pointless activity. Anything like a white listed VPN isnt a VPN at all. i run a VPN system at home , i use it to access my home systems from abroad whilst not exposing any ports. I can chose the ports i use so no such rhing as standard ports to block. The Internet was explicitly designed to work around problems such as Washington being nuked and large swathes of infrastructure not being there. Unless the UK govt puts a firewall around the uk (aka China) and stops all traffic, it is a pointless activity.

Since the govt uses VPNs all the time, unlikely to happen.

I was thinking about doing that myself There will be people doing this for a living and there will be online forms to go through and tick the boxes. Rob

As she is your MP, she should reply in her capacity as your MP to one of her constituents, rather than as Home Sec. I would be somewhat surprised if her response is anything but 100% supportive of the Home Secretary. There is zero chance of the act being repealed, but there is a small chance that guidance will be more forthcoming and may be more explicit in defining things like small websites. The main targets of the legislation are: 1. The newspapers so the govt can be seen to do something, anything. 2. The various local party faithful who need to be assuaged that the govt is doing something, anything and are "thinking of the children". 3. A big stick to go after the large social media companies who to be honest do sod all when they could do an awful lot more. Twitter comes to mind here, Facebook is almost as bad, YouTube probably behind them. The govt has given itself a very big stick to beat these companies with. The companies will bleat and shout and whinge but they want the revenue that all of their social media brings to them, so they'll roll over and complain loudly about their first amendment rights and they'll be reminded that they have zero first amendment rights in this country, so no, you can't put out articles or crap falsely saying that a trans-left wing-immigrant-soros-supporter stabbed 97 people to death in a church in Stafford and then claim it was just opinion or somebody else reported it or "I was just asking the question" when other people turn up and start rioting. Words as well as actions now have consequences. 4. It also does give some stick to beat smaller websites up, but if Basschat promptly removes things that breach the T&C's, and so long as it's not clearly illegal, such as child pornography, I'd be more than astonished that it goes any further. Websites cannot be held liable (as far as I can work out from the briefing papers) if somebody posts something illegal and that is immediately flagged and removed. This would mean I could logon to Facebook using a fake account, post a whole load of stuff, log off (from my VPN1 and VPN2 and VPN3 all in very different countries), and Facebook has all the consequences. Whilst part of me thinks this is a great idea, I can't think it's true. If Facebook leaves it up after its been reported or flagged using some sort of content automation. then the law kicks in. 5. Most of the stuff they are really interested in is on the dark web. Sadly you can get just about anything there. and I mean anything. There is little chance of that being policed due to the way its designed and built. It was built to bypass censorship and this is the consequence. The govt in party can rant all they like about it, but there's zero chance of blocking that fromworking. There is the danger that this could be another dangerous dogs act or more likely it'll be focussed on the bigger social media companies, I suspect the latter but simply don;t know. Rob

I disagree that the politicians know what they are doing, they are, on the whole rather clueless about IT, but they want to be seen to be doing something and this is it. It's very much "won't somebody think of the children" and opposing this act will be played out as supporting paedophiles and terrorism. It's bad legislation, and Ofcom, who have wanted to expand their empire for some time, have taken it on with gusto. I would suspect they have asked for a significant budget increase to handle it. I'll try and find their budget and do some simple maths to see what extra they are going to need with 100,000 extra sites to police. A similar situation occurs with the toothless winder that is the ICO, lots of words and zero action. If Ofcom is the policeman here, they will have enough to do with the bigger social media companies before they get down to basschat. The potential scope of this act is scary. Your local village bowls club, 70 members, has a chat section about where the next game is against the village five miles up the road. Is Ofcom really expecting the 76 year old chair and 90 year old treasurer to go through all of the risk profiles? And then report them to Ofcom and keep it up to date. The reputational risk to Ofcom is enormous here. Fighting a large social media company fine, fighting a local bowls club or pigeon racing or local dance class? Not so sure. Just my 2p Rob

This looks interesting but I'm still trying to understand it. It's from Ofcom https://www.ofcom.org.uk/siteassets/resources/documents/consultations/category-1-10-weeks/270826-consultation-protecting-people-from-illegal-content-online/associated-documents/consultation-at-a-glance-our-proposals-and-who-they-apply-to?v=330411

I've just skimmed the Ofcom pages, all 84 pages. It's draconian, bureaucratic, process intensive, intrusive and impossible to police. The fact that further guidance is still to be published will mean this Ofcom will probably have to be revised, though it does look rather thorough at the moment. The basic premise of the act is that any U2U service is capable of being used for any of 17 different crimes. So the smallest website that allows input and comments becomes a potential vehicle for any of the 17 categories. This is unenforceable in my opinion. Note that this is my opinion. Ofcom will need to increase its budget 10x or more to handle all of the workload coming through. Ain't going to happen. I would suggest that every single website asks Ofcom as many questions as possible and drowns them in paperwork. I'm also going to look at what the legislation says, if I can get it.

You must be new here....

It's odd how some things work per measurements. Milk - Pints Miles per gallon , not miles per litre Beer - Pints Paint - Litres Height - feet and inchs Weight - Kg (now), took some time to convert but my electric scales are now in Kg rather than lbs and Oz Bass weight - Kg Wood measurements - inches as well as mm. Its mad how you go to a timber yard and they quote the width of wood in inches but the length in metres. At least they do around here. Cooking - Mainly grammes but occasionally cups. I have two daughters who like to cook and they seem happy with anything. Shirt collar size, waistband on trousers and inside leg - inches, sadly some are too big now Bottles of gin etc - Millilitres Shorts (alcohol not clothing) - millilitres but beer is in pints? Road speed - Miles per hour Road steepness - Percentage. Which is far more sensible but I still convert to 1:x which is far more difficult to understand Guitar scale and length - Inches

I live and learn, thanks for this.