VPN providers see blocking orders as a threat to security and some consider exiting France, if blocking measures are granted.

  • @[email protected]
    link
    fedilink
    English
    0
    edit-2
    5 days ago

    VTI notes that the French request isn’t the first time that VPN services have faced external interference. China, Russia, and Iran, have imposed VPN regulations in the past for varying reasons.

    “This case in France is part of a broader global trend of regulatory overreach, where governments attempt to control encrypted services under the guise of content regulation. We’ve already seen how China, Russia, Myanmar, and Iran have imposed VPN restrictions as part of broader censorship efforts.”

    I’m not really enthusiastic about this route, but I’m not convinced that this isn’t more-or-less the end-game globally for the Internet.

    A government that wants to control what information is accessible to citizens can put pressure on payment providers, but that only covers commercial services.

    They can block at the network level, a la China’s Great Firewall. But VPNs defeat that. Yeah, okay, it still means having to pay for and install VPN software, and that still creates a barrier to users, but have enough stuff that users want blocked, and you’ll have ever-easier-to-use VPN software packages.

    The only real option that a government then has if they want to control content accessible on the Internet short of radical things like the North Korea route (which in significant part consists of “you don’t get Internet access”) is to register and whitelist VPN providers at their network borders, require those to perform blocking internal to the VPN, and then ban non-approved VPN providers. And a lot of countries want to control what information is accessible to people in their country, whether for copyright-infringement reasons, because some information is politically-objectionable to the government, because they want to try to fight disinformation, because they want to have morality laws enforced (e.g. some Middle Eastern countries don’t like having LGBT sites on the Threadiverse accessible and apparently block them), or you name it.

    • @[email protected]
      link
      fedilink
      English
      04 days ago

      Not sure if blocking/whitelisting providers is even feasible. Just about every big company uses VPN to let employees connect to the intranet

      • @[email protected]
        link
        fedilink
        English
        0
        edit-2
        3 days ago

        There is already precedent for that. Wireguard/OpenVPN traffic going out of the country is blocked, the same traffic within thwecountry is allowed. However, then we have issue with protocols mimicking normal HTTPS… So they may block the ranges of popular hosters instead. But I doubt it would be done to a full extent even in an extreme situation because way too much breaks… And the Internet is still much more than Hetzner or OVH.

        P.S. From what I have seen, people have even been doing setups of two servers - one inside the country running WG/OVPN that their and their family or friends’ devices connect to, and one abroad - connected to the first one using a stealthy protocol that you could change at any time if the censorship situation changes, without the end devices having to bother or noticing anything.

      • @[email protected]
        link
        fedilink
        English
        0
        edit-2
        4 days ago

        Corporate VPNs are going to create some level of problems, but there are definitely countries that are doing VPN restrictions even though corporate VPNs exist.

        Corporate VPNs have come up before as something that Russia’s policies could create issues with, and my guess then — though I haven’t dug into the situation — was that what Russia was going to do is not actually crack down on VPN use unless there are a lot of users using one VPN provider. That’s enough to make life a pain in the ass for the average user. They can’t go use something like NordVPN.

        And…that’s good enough for the Kremlin. That is, they don’t need to get censorship of content to 100% of users to achieve their political goals. They just need to ensure that it’s not available to the bulk of users out there.

        There are gonna be people who go get some VPS abroad and tunnel traffic over ssh or something. But…those people don’t really matter from the Kremlin’s standpoint. That is, their model isn’t “there is some deep secret that is only available on the outside world’s Internet and if one copy of that gets in, everything falls apart”. They just need to be able to generally crack down on servers in Russia and make sure that content that they specifically don’t like outside of Russia is hard to get at for most users in Russia.

        kagis

        I can’t find discussion on Russia, but here’s some on China, and it does sound like that’s basically what the situation is there:

        https://old.reddit.com/r/sysadmin/comments/12dehxu/corporate_vpn_in_china/

        We have a Chinese office and an IPsec VPN to our main office in Belgium (for our ERP), it works but the legality is a question mark.

        This is what we did for like 7+ years. We never got bothered, but TBH I would have rather the CCP found out we were running a VPN and shut our business down. That way I wouldn’t have to be on call from 7pm-3am every fucking day.

        Funny side story- there were “drivers” and “security guards” who sat outside of our business all day in Shanghai that were constantly on our wifi. When we did MAC whitelisting, they just gave our staff another wifi router and asked them to plug it in somewhere. We blocked that too, so the staff started using their cellphones as hotspots for the drivers and security. We asked why they needed internet access and our staff said “Because they can get onto facebook with our internet.”

        Further down:

        S2S VPN tunnels are on but you need to fill in appropriate paperwork.

        You also need to have a local person designated as the contact for encryption keys if they are ever requested - and they must hand these over when requested (never actually had a request in 29 years - either current life or previous lives - then again - customers haven’t been doing anything that raises flags…)

        I can’t believe that China is actually unable to detect (non-steganographicly-concealed) VPNs at the border, like the Belgian IPSec VPN above. So they probably know perfectly well that there are unregistered, illegal corporate VPNs. They just aren’t going to bother cracking down down on an organization unless they feel that it’s reached the scale to be a problem, and if they do, then they’ve got a legal basis to do so.

        I would bet that the Chinese government does have a list of detected unregistered VPNs and how much traffic moves over them.

  • @[email protected]
    link
    fedilink
    English
    05 days ago

    These idiots think we will buy more French media. The same idiots that has been taxing hard drives and phones for years.

    I use a VPN because they spy on me, prevent me from accessing legit services from other European countries (actual TV channels, not streaming stuff), and prevent me from buying foreign books and movies.

    This law will only affect teenagers who will have to pay to watch soccer. I still won’t be able to legally access all the services that I like. I’ll still buy a lot of music on Bandcamp though, but I’ll never use their stupid broken platforms made with tax money.