The UK has announced plans to fast-track legislation requiring “age verification for VPN use”.
-
-
The UK has announced plans to fast-track legislation requiring “age verification for VPN use”. The correct term, however, is not age verification but identity verification.
A law like this would require everyone to identify themselves in order to use a VPN. This would pose a risk to whistleblowers, violate human rights, and represent yet another step toward an authoritarian society.
@mullvadnet It's not like their key-disclosure laws don't already permit them to jail & prosecute literally anyone using it if they feel like it, since the law doesn't account for ephemeral keys or keys the user cannot provide. -
@wojtek @mullvadnet No there are not. This is a common lie. ZPK's make it possible for the service provider not to know your identity. They do not make it possible for the identity verifier not to know your identity or not to be able to collude with the service provider to unmask you.
@dalias@hachyderm.io @wojtek@social.vivaldi.net @mullvadnet@mastodon.online Collusion is the immediate dealbreaker. There is no technical way of preventing it with relation to information that cannot be created ex nihilo ad nauseam.
Or in other words, you cannot secure legal identities with ZKP.
You can secure (to some extent) arbitrary cryptographic identities that are not linked to legal identities.
-
@mullvadnet It's not like their key-disclosure laws don't already permit them to jail & prosecute literally anyone using it if they feel like it, since the law doesn't account for ephemeral keys or keys the user cannot provide.@lispi314 @mullvadnet UK security laws are a security issue. ill never forget the letter opener dude who got jail time for the Links sword (from zelda)
-
The UK has announced plans to fast-track legislation requiring “age verification for VPN use”. The correct term, however, is not age verification but identity verification.
A law like this would require everyone to identify themselves in order to use a VPN. This would pose a risk to whistleblowers, violate human rights, and represent yet another step toward an authoritarian society.
@mullvadnet They've lost their god damn minds.
-
@dalias@hachyderm.io @wojtek@social.vivaldi.net @mullvadnet@mastodon.online Collusion is the immediate dealbreaker. There is no technical way of preventing it with relation to information that cannot be created ex nihilo ad nauseam.
Or in other words, you cannot secure legal identities with ZKP.
You can secure (to some extent) arbitrary cryptographic identities that are not linked to legal identities.
@lispi314 @mullvadnet @wojtek The infuriating part is that *no one* without an extreme level of expertise in mathematical logic understands this, so the peddlers of ZKPs can just wave it around like magic fairy dust and bamboozle policy makers and privacy activists alike.
-
@alexanderdyas @djstreethawk @hypolite @mullvadnet
"... a non-partisan, expert organisation ...."
you mean... exactly what the civil service is supposed to be?I've seen some other problematic law recently, and it got me to wondering if the problem might be that the civil service has been hollowed out through years of excessive cuts, and has simply lost the people with experience and expertise to properly advise governments.
There may also be an issue of governments bringing their own people in, either because they don't trust the civil service, or more concerningly, because of outside influence.
I fear it may be a combination of all the above.
-
I have already setup a Wireguard VPN on one over my VPS, no questions asked
@ggrey As a Russian I should warn you that Wireguard wasn't designed to evade censorship — it could be easily detected and blocked by DPI as a whole protocol
@mullvadnet -
@mullvadnet Wait a sec, don’t online banks all use VPN’s? And most work from home setups?
@missnfranchised No problem, special whitelist for banks and organizations will solve this "problem". If some organization not in the whitelist — it is their problem, not the government one.
We, in Russia, already have this system and it works
️ -
@somebody@tech.lgbt @dalias@hachyderm.io @mullvadnet@mastodon.online @wojtek@social.vivaldi.net
\1. Don't take notes on a criminal fucking conspiracy.
I've never liked that quote.
Good luck making any conspiracy that isn't downright trivial (there's a reason the glowies take notes only to destroy them as soon as possible) or so loosely coordinated it might as well be described as cooperative and/or like-minded independent actors.
Of course if you're the one who decides what's criminal, then those conspiracies may not be criminal.
\2. Keep your mouth completely shut about it in hostile territory.
Also, compartmentalization.
\3. The code exists only in the minds of you and your co-conspirators. It is a keyed system of triggers, euphemisms, or synecdoches which maintains full plausible deniability at all times.
That has some pretty harsh limits.
Humans are not good at remembering things exactly and proximate semantic memory may lead to deadly mistakes, particularly where stress is a factor.
Splitting the secret can serve to mitigate some of this, but at some point the sum total collection of necessary parts will essentially be the secret in plain form unless all the secrets to maintain were sufficiently trivial that dynamic reconstruction is always possible and sufficiently reliable.
-
@sloanlance @mullvadnet It was never actually to protect the children, and always to enable mass surveillance & expand censorship
@Equity7804 @mullvadnet
Yes. I guessed that was the case.I just wonder why consumers don't question things like that, though. Why would age-verification be needed for VPN? Consumers should reject that requirement and switch to VPNs that don't do that.
-
@alexanderdyas @djstreethawk @hypolite @mullvadnet
This is true. It's made me wonder if the obstructionism shown by Sir Humphrey in Yes, Minister was actually a feature, not a bug. -
A alsternerd@akkoma.alster.space shared this topic
