The UK is gonna realize real quick they can't just ban their way out of the mess they have created. Most VPN providers are going to be outside their jurisdiction and players like Mullvad will have no way to actually comply because of the way their VPN's are setup.
The only step the UK can take is to force ISP's to block these VPN's which will kick off a cat and mouse game and for the reasonable technical, getting around any VPN ban will be as easy as spinning up an EC2 outside the UK.
>The only step the UK can take is to force ISP's to block these VPN's which will kick off a cat and mouse game and for the reasonable technical, getting around any VPN ban will be as easy as spinning up an EC2 outside the UK.
They can make it very difficult if they want, just look at China[1]. It's not impossible to get around, but it's not as easy as buying a random VPS, and following a tutorial for openvpn/wireguard.
Personally I don't think China is a good comparison in this case. Yes China has the great firewall but they also a highly top-down government whereas the UK us much more like the US.
Beyond straight government control, there's also the politics of all of it. China being a one party system doesn't really care if something is popular with the public but with the UK's parliamentary system, one wrong move and your party gets voted out of power.
However, even if politicians / clueless administrators acknowledged their actions aren't doing much I don't see those people / groups reaching for any other tool other than "let's ban / legislate more".
There's no going back for some folks who are so clueless.
It's not quite that hard. Hypothetically, you have a digital certificate, signed by the government, for your VPN provider with a list of VPN endpoints. Your client presents that certificate to the ISP, unblocking ports in that specific instance, to those endpoints. Otherwise, all common ports are blocked, and anything that smells VPN-y gets throttled.
Alternatively, the UK could have a self-service whitelisting system, when a legal entity signs a contract stating that traffic inside the tunnel is also filtered, at the endpoints listed.
Also: The UK government, believe me, does not expect 16 year olds to be capable of spinning up EC2. And if somehow they do, how are they paying for it?
As a dad of teenagers, I can confidently tell you every single school will quickly have at least one enterprising kid who will set up wireguard on an Oracle free tier box and charge other kids to use it. The government is essentially incentivising kids to dip their toes into criminality.
Those rules would only apply to VPN providers in the UK, so the whole mechanism would be pointless.
They could start whitelisting money / credit card transfers, I guess. However, reputable VPN providers already accept envelopes full of cash and crypto, so I guess the UK would need to start reading all international mail, and block crypto.
At that point, people could just use tor to bootstrap the VPN account + payments.
History says teenagers will figure this stuff out before adults (due to infinite free time and infinite bragging rights for knowing how to do it).
I believe it. The numbers are likely different between boys and girls.
It’s also easy to underestimate the number of kids raised in strict and/or religious households. Working with college students I’m constantly a little surprised at how many of them arrive at college with semi-strict religious upbringings that they continue.
Bush Porn. Here in Scotland, way back when I was, oh, 7, 8, 9 years old, always stumbled across discarded porn magazines in the woods I used to play in. Moved area when I was 11, once again, always used to stumble across discarded porn. Bush porn was a thing.
I have a grandfather who shared Scottish ancestry. In the "woods" of suburban Los Angeles he found some porn in the alleyway, and then stashed it under the "davenport" couch. My grandmother found it while cleaning in anticipation of our departure. I'll never forget the look on his face as he tried to extricate himself from that mess.
"Bush Porn" is a funny term. If you invented it, nice work.
Similar. Just not one :-) From 11 years old, going on and on, with about same age girls(and their mothers!(at the same time!)), most slightly older though, or really grown up, extremely fit female joggers in the forest(exactly 13tienth bday), a bunch of NUNS, female teachers, a bunch of(bi-sexual)nurses(exactly 16tienth bday), ...
All without much exposure to porn, which I've found to be ugly, from the little I've seen. Because it isn't real, and staged.
Whereas I effortlessly gave them ultimate bliss, without hurting them in any way, enjoying the glory of their moments very much.
All things being equal, I find it easier to believe in people being dishonest on a survey, than somehow never seeing a single article of porn by age 18.
Is this not going too far? It's a pretty weak "let's save the kids argument" that only serves to improve mass-surveillance outside of the argument presented. Like, this is the advent of strong thought policing and thought monitoring over the wires—oh no, you can't use a VPN because it's bad for "the kids"!
I don't think anybody thinks this has anything to do with child safety. It's not a coincidence that the UK, US and the EU, all working on implementing similar surveillance and censorship regimes. The platforms will develop the infrastructure, similar to the GFoC just privatized. The legacy media lost all influence with younger generations, just look at what the vast majority of young people think of Israel now. If the media can't fulfill its role anymore they need a big stick.
In the UK, most of our elected MPs are idiots. I cannot imagine they're anywhere near intelligent enough to be part of some sophisticated conspiracy while on the face of it saying "save the children". So it can't be coming from the MPs. If this is all a cover for full government control, where is it coming from? Who is doing the push and how are they keeping it secret?
Just in case anybody is under any false impressions: there is no grass roots movement pushing for this. this isnt "democracy run amok" or the Labour party pandering a little too much.
Labour arent interested in protecting children from pedophiles any more than they were interested in ensuring that Prince Andrew received justice for abusing a minor.
Deanonymizing internet users IS the point. The attack on civil liberties is the only point.
> Chris Sherwood, chief executive of children's charity the NSPCC, said Friday's new rules mean services "can no longer evade their duty for protecting children".
> For Prof Elena Martellozzo, professor of child sexual exploitation and abuse research at the University of Edinburgh, the rules send a message to the tech industry that "child safety and child protection are not optional".
> The Molly Rose Foundation, a charity founded by the family of Molly Russell - who took her own life at the age of 14 after seeing harmful content online - has said stronger legislation is needed to better protect children.
> Derek Ray-Hill, interim head of the Internet Watch Foundation, meanwhile welcomed the new rules for sites allowing porn but said "there is still more to be done".
I think there absolutely is pressure on the government for things like this. Certainly not mass pressure in all segments of the population but neither is the government acting alone.
> Just in case anybody is under any false impressions: there is no grass roots movement pushing for this.
I’ve actually been surprised at how many Hacker News comments have been in support of the UK’s regulations. There were a lot of “What’s the big deal? We already check IDs for liquor. Why can’t we do it for porn?” comments on all of the previous threads.
The slippery slope was brought up a lot but dismissed. I think a lot of people believed there was an easy solution that wouldn’t inconvenience them or creep into other areas of their lives.
> any more than they were interested in ensuring that Prince Andrew received justice for abusing a minor
Prince Andrew didn't break any laws in the UK, though, did he? Virginia Giuffre was 17 (over the age of consent) when she was photographed here with Andrew.
The USA didn't charge him and seek extradition so what was the UK to do?
We've been stealing from Peter to pay Paul since the 1970s, or rather the UK was in a mess in the 70s, so we raised money by selling off state-owned assets such as British Telecom, British Gas, the water board, and so on, to build the economy whilst dropping taxes (though the Laffer curve helped immensely), then we deregulated further to allow foreign ownership and investment in companies which resulted in things like the closure and hollowing out of British Steel, arguably a national security industry, and brands like Rowntrees, to pick one, now owned by Nestle and manufactured abroad. All we're left with is service industries and call centres. Perhaps that's harsh.
And now we're here in 2025, and the UK is running to stay still.
Through history, the people and the government have been close to parity. A sufficient amount of planning by everyday people with everyday equipment could topple a government.
If that parity, that use of force, that forceful evolution of government is to remain a possibility, we must sacrifice some security in order to maintain privacy from government and we must be able to possess tools for communication and offense and surveillance (drones).
Any government that can perfectly quash a rebellion is too dangerous to exist.
Some VPN providers let you mail them cash. Bitcoin or other crypto currencies are also pretty common payment methods. Honestly VPNs are cheap enough that there are a lot of options that don't require a debit/credit card.
If you are outside of UK's jurisdiction (i.e. EU), why would you even care if somebody from UK is paying by a debit card? What is UK going to do? Send bobbies on you?
EU/Asia-Pacific/US firms obey UK jurisdiction if they sell to a significant number of UK customers, believe it or not. Collecting and remitting UK VAT is normal, for example, so is recognising UK consumer rights, distance selling regulations etc.
Obeying the laws of the jurisdictions where your customers are is actually pretty central to successful international trade. Surprised to find anyone on this site who thinks otherwise.
Readit News
The only step the UK can take is to force ISP's to block these VPN's which will kick off a cat and mouse game and for the reasonable technical, getting around any VPN ban will be as easy as spinning up an EC2 outside the UK.
They can make it very difficult if they want, just look at China[1]. It's not impossible to get around, but it's not as easy as buying a random VPS, and following a tutorial for openvpn/wireguard.
[1] https://www.usenix.org/conference/usenixsecurity23/presentat...
Beyond straight government control, there's also the politics of all of it. China being a one party system doesn't really care if something is popular with the public but with the UK's parliamentary system, one wrong move and your party gets voted out of power.
However, even if politicians / clueless administrators acknowledged their actions aren't doing much I don't see those people / groups reaching for any other tool other than "let's ban / legislate more".
There's no going back for some folks who are so clueless.
Alternatively, the UK could have a self-service whitelisting system, when a legal entity signs a contract stating that traffic inside the tunnel is also filtered, at the endpoints listed.
Also: The UK government, believe me, does not expect 16 year olds to be capable of spinning up EC2. And if somehow they do, how are they paying for it?
Countries like Iran and China have been trying to block VPNs for years, and all they are doing now is heuristics.
For example I can tunnel traffic over a TLS tunnel. How do you distinguish that with everything else?
Speaking from personal experience, never underestimate a bored 16 year old with access to YouTube and a generous AWS free tier.
They could start whitelisting money / credit card transfers, I guess. However, reputable VPN providers already accept envelopes full of cash and crypto, so I guess the UK would need to start reading all international mail, and block crypto.
At that point, people could just use tor to bootstrap the VPN account + payments.
History says teenagers will figure this stuff out before adults (due to infinite free time and infinite bragging rights for knowing how to do it).
Am I the only one doubting that 30% of kids didn't see any porn by age 18? They're probably just uncomfortable admitting it, right?
It’s also easy to underestimate the number of kids raised in strict and/or religious households. Working with college students I’m constantly a little surprised at how many of them arrive at college with semi-strict religious upbringings that they continue.
"Bush Porn" is a funny term. If you invented it, nice work.
The neighbor kids' single father had a large stash which they were always going through.
I assume the "while" means the former isn't included in the latter.
All without much exposure to porn, which I've found to be ugly, from the little I've seen. Because it isn't real, and staged.
Whereas I effortlessly gave them ultimate bliss, without hurting them in any way, enjoying the glory of their moments very much.
Deleted Comment
Deleted Comment
Deleted Comment
Labour arent interested in protecting children from pedophiles any more than they were interested in ensuring that Prince Andrew received justice for abusing a minor.
Deanonymizing internet users IS the point. The attack on civil liberties is the only point.
> Chris Sherwood, chief executive of children's charity the NSPCC, said Friday's new rules mean services "can no longer evade their duty for protecting children".
> For Prof Elena Martellozzo, professor of child sexual exploitation and abuse research at the University of Edinburgh, the rules send a message to the tech industry that "child safety and child protection are not optional".
> The Molly Rose Foundation, a charity founded by the family of Molly Russell - who took her own life at the age of 14 after seeing harmful content online - has said stronger legislation is needed to better protect children.
> Derek Ray-Hill, interim head of the Internet Watch Foundation, meanwhile welcomed the new rules for sites allowing porn but said "there is still more to be done".
I think there absolutely is pressure on the government for things like this. Certainly not mass pressure in all segments of the population but neither is the government acting alone.
I’ve actually been surprised at how many Hacker News comments have been in support of the UK’s regulations. There were a lot of “What’s the big deal? We already check IDs for liquor. Why can’t we do it for porn?” comments on all of the previous threads.
The slippery slope was brought up a lot but dismissed. I think a lot of people believed there was an easy solution that wouldn’t inconvenience them or creep into other areas of their lives.
Prince Andrew didn't break any laws in the UK, though, did he? Virginia Giuffre was 17 (over the age of consent) when she was photographed here with Andrew.
The USA didn't charge him and seek extradition so what was the UK to do?
Dead Comment
Deleted Comment
And now we're here in 2025, and the UK is running to stay still.
If that parity, that use of force, that forceful evolution of government is to remain a possibility, we must sacrifice some security in order to maintain privacy from government and we must be able to possess tools for communication and offense and surveillance (drones).
Any government that can perfectly quash a rebellion is too dangerous to exist.
Most VPNs that are trustworthy and good for video are paid products, right?
So the VPN provider literally only has to prevent UK customers using debit cards to pay.
Problem solved.
Obeying the laws of the jurisdictions where your customers are is actually pretty central to successful international trade. Surprised to find anyone on this site who thinks otherwise.
Are they going to require an ID to buy a Raspberry Pi?