128
Children of Men is a documentary
(hexbear.net)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 29 Jul 2025
128 points (100.0% liked)
technology
23894 readers
228 users here now
On the road to fully automated luxury gay space communism.
Spreading Linux propaganda since 2020
- Ways to run Microsoft/Adobe and more on Linux
- The Ultimate FOSS Guide For Android
- Great libre software on Windows
- Hey you, the lib still using Chrome. Read this post!
Rules:
- 1. Obviously abide by the sitewide code of conduct. Bigotry will be met with an immediate ban
- 2. This community is about technology. Offtopic is permitted as long as it is kept in the comment sections
- 3. Although this is not /c/libre, FOSS related posting is tolerated, and even welcome in the case of effort posts
- 4. We believe technology should be liberating. As such, avoid promoting proprietary and/or bourgeois technology
- 5. Explanatory posts to correct the potential mistakes a comrade made in a post of their own are allowed, as long as they remain respectful
- 6. No crypto (Bitcoin, NFT, etc.) speculation, unless it is purely informative and not too cringe
- 7. Absolutely no tech bro shit. If you have a good opinion of Silicon Valley billionaires please manifest yourself so we can ban you.
founded 5 years ago
MODERATORS
I agree with everything you said. I did not claim that corporations would stop a "VPN ban", and as you said, a "VPN ban" would not try to ban VPNs, but it would target any kind of anonymity. Opposition to this should of course be supported. The law is an obvious deception to give law enforcement more power to use against anyone they wish, and terrible humor is my coping mechanism.
Now to your point about stopping 95% of the population from hiding their ID online, have they done so successfully in the past? I'm not trying to pin down the number, I get that it's probably just an estimation and youre talking about the "average person online". My guess would be, they use a VPN at best, but they do not use it in a way that actually makes them anonymous, like they would still log onto their E-Mail and Facebook and whatnot. My understanding is, that this makes any VPN useless for anonymity, but please correct me if that's wrong, I admit I'm not super well informed on that.
In my experience, and anyone I talk to in real life, the advice is to generally not even use phones to talk/message about organizing stuff. I mostly go by the assumption that the average person is already not able to hide their identity online, other than by "hiding in the crowd". Right now, the amount of data makes it hard for anyone to find anything, so people still get away with a lot of shit because noone is looking at them too closely. I think this might soon end, as law enforcement is starting to use software tools from Palantir, and the biggest critics of those tools in germany are apparently opposed to it, because it is a US product, and not a EU product. Police has not been bothered to check whether the use of this software to indiscriminately analyse personal data is even legal. Courts might intervene, but I'm not sure how relevant that is, because they will probably still allow the use of such tools in some capacity, and then police can just do some oopsies and use it illegally anyways.
I don't wanna dismiss people who rely on online communication a lot, I get that it's important for many. I think E-Mail and encrypted messaging in 1on1 messages is still sort of safe? But I wouldn't be surprised if that also has no future. Eventually the state figured out they could just open the mail of a "suspect", why wouldn't they do the same with online comms?
They never really saw a great need to. Western capitalism was strong enough it could afford to pretend to have these liberal freedoms and tolerance of speech and so on. Now it's not and it's discarding that mask.
Against a resourced threat actor directly attacking you yes. If you're a "terrorist group" then you're fucked by opsec mistakes like that. More complicated is that tech companies like Google, your email provider, bank, etc aren't really going to be interested in helping the feds coordinate and unmask VPN users. They'll either block VPN access entirely for their own reasons (risk compliance) or not. Facebook a bit more up in the air given how they're basically an info gathering operation for the west but still I don't think they're going to unless forced hand over lists of time, IP address, real name access logs of people connecting from VPNs for what? Hunting down people viewing porn? To do that you'd need either a tap on the porn provider's infrastructure or their cooperation (they'd rather just block VPN addresses at that point I think) or else to have compromised the VPN itself. You could try and do timing attacks I suppose. I tend to doubt that much effort will be expended on porn because it's simply not the real target just a convenient moral hazard to panic about and bulldoze over initial opposition with.
So in an absolute sense yes you shouldn't connect to things that connect back to your real identity while on your VPN, especially while on your VPN and in the same session from the same end-point doing things you want to hide from threat actors of a government kind. So for example if you create an anonymous Twitter account and post some violent threats on your VPN and then log into and browse facebook and do this a few times that's a way of potentially being caught or at least an attack surface you don't want. But in that example both Twitter and facebook are cooperating actively whereas I think porn sites would be less keen to cooperate on unmasking users rather than just blocking VPNs at that point. It could happen I suppose for government blackmail but I tend to think they'd just prefer the porn sites end up blocking VPNs at that point and force people to browse after submitting ID.
As to the hiding in a crowd thing. If they can actually use machine learning to sift through the vast NSA gathered signals intelligence in bulk at scale that would be the end of that strategy having any merit because they'd have total visibility and insight into most things and could even do traffic timing coordination attacks on a bulk scale and without significant mitigations that wouldn't be possible to easily defeat.
I tend to suspect things like Signal are compromised by a National Security Letter or other means. But those are "deep secrets" meant for catching valuable fish so not likely to be blown on anything too mundane like a moral panic. E-mail isn't really safe at all. You can hide message content using PGP (but unless you're exchanging your keys in person or taking great pains to obfuscate them that may not help if you exchange keys online via the same or similar mechanism) but not metadata which is what they most care about for crushing activists which allows them to create relationship graphs mapping out people with relations to others like members of an org.
Thank you, I think I will have to reconsider the usefulness of VPN. I may have been more pessimistic about them than warranted. I hadn't realized that metadata in E-Mails thing but that makes sense. Also too many people stay logged into their accounts all the time anyways, so it sucks when someone gets their devices confiscated.