I'm reminded of efforts in the 1990s to ban strong encryption in email and websites because governments tried to tell us it was used by drug dealers and pedos to do their nefarious activities.
Yes, governments really did want to force us to use HTTPS with only broken/weak crypto.
A device-side IP filter locked behind a password that parents can configure in the device's settings would be much more effective and easier to implement than censoring the Internet. This should be the default solution, yet it's never brought up for whatever reason.
Not to mention these online content censorship laws for kids are wrong in principle because parents are supposed to be in control of how they raise each of their own kids, not the government or other people.
And these laws make authoritarian surveillance and control much easier. It's hard to not see this as the main objective at this point. And even if it isn't, this level of stupidity is harmful.
> And even if it isn't, this level of stupidity is harmful.
How much more proof do we need that we're speedrunning the authoritarianism and frankly we're already somewhat authoritarian, it's just pluralism for now. Wait until the elites eat each other and only one dictator is left.
And cue the rise of self-hosted VPNs. 1 click to get a VPS instance, install VPN software, and make a connection. Automatically destroy the instance with another click or after a certain amount of time.
If this keeps going, they will ban self-hosting next: only government-approved hosts allowed.
We can't just rely on technological solutions because you can't out-tech the law at scale. People need to actually understand that the government is very close to having the tools needed for a stable technocratic authoritarian regime here in the US and all around the world. It might not happen immediately even if they have the tools, but once the tools are built, that future becomes almost unavoidable.
I feel like that'd take a level of surveillance that's technically unsustainable. But then again, sustainability isn't a consideration when it stands in the way of "better" control.
AI is the perfect low cost tool to enable that. Plantir knows this and has been making strategic moves to build this
Seems quite achievable and sustainable to me
Every human carries dense compute and sensors with them. If they don't they stand out while still surrounded by dense compute and sensors held by others at all times
Not nice to think about but it is the reality we are moving towards – vote accordingly
Stuff like this really reminds me how nobody is actually in control. Entire countries are just going where ever the rivers takes them with those supposed in charge not knowing any better and often worse than the rest and functionally being so clueless they’re passengers too
Wisconsin "porn" websites will just move out of Wisconsin.
The bill reads like you would think from someone who's been talking with the ceo of an age verification company. The bill gives the website two options: use a _commercial_ age verification product tied to gov't id checking, or "digitize" the web user's gov't id.
This sort of thing turns up very regularly in US politics, from the Comstock Laws to the Communications Decency Act. The late 90s even had a requirement to use easily breakable encryption (48-bit RSA) which big tech companies generally obeyed. And a worse proposal (the "clipper chip") which was never deployed.
Authoritarianism is not limited by your birthplace, it can turn up anywhere. And when it does people are often really enthusiastic about it.
As someone born in a post‑Soviet country with rather many odd digital laws--including one requiring that any use of encryption be registered with the department of commerce and the secret service (meaning no TLS unless you get a permit)--I can clearly see the endgame of similar proposals.
These laws aren’t meant to be followed. Their text is deliberately vague, and their demands are impossible by design. They aren't foolish, or at least their ignorance isn't needed to explain the system's broader function. They are meant to serve as a Chekhov's gun that may or may not fire over your head, depending solely on whether the people holding it decide like you.
In peaceful times, they fade into the background, surfacing only when it’s convenient to blackmail some company for cash or favors. In times of crisis, they declare a never-ending war on extremism, sin, and treason, fought against an inexhaustible supply of targets to take down in front of their higher‑ups, farming promotions, contracts for DPI software, and jobs updating its filters.
Historically, such controls were limited by the motivation and competence of the arms dealers, usually taking the form of DNS or IP blocks easily bypassed with proxies. With modern DPI, it's entire protocols going dark. Even so, those able to learn easily find a way around them. The people who suffer most are seniors, unable even to call family across the border without a neighbor's help, and their relatives forced into using least trustworthy messengers (such as Botim, from the creators of ToTok, a known UAE intel operation [0]) thinking they're the only way to stay in touch, not knowing how or wanting to use mainstream IM over a VPNs that may or may not live another month.
If wherever you are your votes still matter, please fight this nonsense. Make no mistake, your enemies are still more ridiculous than Voltaire could hope they'd be, but organizing against or simply living through a regime constantly chewing on the internet's wires is going to be a significantly greater inconvenience than taking _real_ action now.
Why ban VPNs when you can freely force social networks like HN to tie nickname registration to an state issued digital ID certificate to guarantee freedom of speech and legal accountability?
Not just social media, expect ANY app to be able to “verify” you through the new apple digital ID (android wallet soon I assume), the “verification is simple and seamless!!”, and add few Alegria drawings explaining why providing your ID helps defeating the “bad evil guys!!” and you are good to go.
To this day I have no clue what the point of this idea is. Forcing you to use an ID on the internet is the real world equivalent of making everyone you interact with take a photo of your ID. It's completely nonsensical.
Considering that most crimes require people to be physically present at the crime scene, it also doesn't seem to be a functioning deterrent at all in the real world.
Most of the bad behaviour is concentrated in "seedy" places, where you usually have to go out of your way to interact with that place. A real name policy doesn't change the nature of the place at all.
If anything, the places that would be most affected are the ones where people are roleplaying or pretending to be something other than "themselves". E.g. gay or transgender people, furries, MMO/MUD/MUSH players, streamers, etc which overall seem to be exceedingly harmless.
There is also the blatantly obvious problem that this only works on people who are risk averse to begin with. So it will basically have no effect on actual perpetrators, who see some risk vs reward tradeoff for their bad behaviour.
Isn't it Wisconsin law that lets the Governor change any numeric digits in a law while it's on his or her desk?
One of the most bizarre legal opinions I've ever heard of, but if they used any digits in the writing of the law those are up for grabs. Law makes a 30 day window or something? The governor can just change it to a million days with a stroke of the pen and then sign the edit into law with the same pen!
> Isn't it Wisconsin law that lets the Governor change any numeric digits in a law while it's on his or her desk?
Pretty close.
> (b) If the governor approves and signs the bill, the bill shall
become law. Appropriation bills may be approved in whole or
in part by the governor, and the part approved shall become law.
> (c) In approving an appropriation bill in part, the governor
may not create a new word by rejecting individual letters in the
words of the enrolled bill, and may not create a new sentence by
combining parts of 2 or more sentences of the enrolled bill
Well, let’s be honest — users of VPNs regularly don’t know what they are doing, too.
Can’t count how often I‘ve heard otherwise technologically literate people saying how they use a VPN (NordVPN e.a.) because „something something security“.
20 years ago the boogeyman was "the terrorists!" And now the boogeyman is "not the children!!" Or "immigrants!!" Depending on your audience's political views, but the ultimate goal is more surveillance, more control and more power abuse by who’s in control.
>Businesses run on VPNs. Every company with remote employees uses VPNs. Every business traveler connecting through sketchy hotel Wi-Fi needs one. Companies use VPNs to protect client and employee data, secure internal communications, and prevent cyberattacks.
Oh look, someone's conflating business VPNs and consumer VPNs again. This time to legitimize consumer VPNs.
The cited laws propose to ban pornography for minors, and ban VPNs that hide geolocation and their use in accessing pornography. Nothing to do with businesses using private VPNs to encrypt employee traffic.
>Vulnerable people rely on VPNs for safety. Domestic abuse survivors use VPNs to hide their location from their abusers.
Woah, maybe VPNs have some uses I haven't considered, let's take a look at the linked article.
>Use a virtual private network (VPN) to remain anonymous while browsing the internet, signing a new lease or applying for a new home loan. This will also keep your location anonymous from anyone who has gained access to or infiltrated your device.
I think the loan thing is rubbish I don't get it, and it's unaffected by the law. But the idea of installing a VPN in case the device is compromised might make sense, if the device is compromised it might still be trackable, especially while downloading the VPN, but maybe if it connects at startup, and the RAT isn't configured to bypass the VPN bridge, it might work.
Quite a stretch if you ask me. And again, not relevant to adult sites blocking VPNs.
The rest of the example are the usual "people use it to evade the government and regulations but it can be THE BAD GOVERNMENt AND REGULAtiONS"
The only way to block a VPN is to have the knowledge that certain IPs are used by VPN providers. It's pretty trivial for someone to run a script/app that spins up a server somewhere, installs VPN software on it, and uses that for the connection. Now there's no way to separate whether a user is connecting via a VPN or not.
As a rule, criticism of the ruling elite will never be tolerated in the long term. The Internet was free and unrestricted until the masses shifted their attention to it, at which point, the ruling elite cracked down on it in order to maintain their hegemony by maintaining the ignorance of the masses, which they see as cattle to be herded and milked and sacrificed ritualistically from time to time for their internal social bonding purposes.
They actually act perfectly rationally. Media post articles about how easy it is to bypass the law using VPN, mock the government, and what the law author should feel reading this? "Ok let them break the law"? Of course, the reasonable response is to close the loopholes.
>So when Wisconsin demands that websites "block VPN users from Wisconsin," they're asking for something that's technically impossible. Websites have no way to tell if a VPN connection is coming from Milwaukee, Michigan, or Mumbai. The technology just doesn't work that way.
"Then make it work you think we are stupid but we are not, we know" VPNs have something to do with IPs which are necessarily geolocatable , and also users need to make an account to connect to a VPN, you can just ask them what country and State they are in.
Being willfully obtuse draws no sympathy, and will not exclude companies from compliance
> VPNs have something to do with IPs which are necessarily geolocatable
The website (which is the party these obligations are being placed on) could geolocate the VPN IP, but that wouldn't tell them where the user is actually from.
I'm reminded of efforts in the 1990s to ban strong encryption in email and websites because governments tried to tell us it was used by drug dealers and pedos to do their nefarious activities.
Yes, governments really did want to force us to use HTTPS with only broken/weak crypto.
Same propaganda, different buzzwords.
In hindsight, they really misjudged how comfortable pedos would be with discussing their affairs in plaintext email.
A device-side IP filter locked behind a password that parents can configure in the device's settings would be much more effective and easier to implement than censoring the Internet. This should be the default solution, yet it's never brought up for whatever reason.
Not to mention these online content censorship laws for kids are wrong in principle because parents are supposed to be in control of how they raise each of their own kids, not the government or other people.
And these laws make authoritarian surveillance and control much easier. It's hard to not see this as the main objective at this point. And even if it isn't, this level of stupidity is harmful.
> And even if it isn't, this level of stupidity is harmful.
How much more proof do we need that we're speedrunning the authoritarianism and frankly we're already somewhat authoritarian, it's just pluralism for now. Wait until the elites eat each other and only one dictator is left.
And cue the rise of self-hosted VPNs. 1 click to get a VPS instance, install VPN software, and make a connection. Automatically destroy the instance with another click or after a certain amount of time.
If this keeps going, they will ban self-hosting next: only government-approved hosts allowed.
We can't just rely on technological solutions because you can't out-tech the law at scale. People need to actually understand that the government is very close to having the tools needed for a stable technocratic authoritarian regime here in the US and all around the world. It might not happen immediately even if they have the tools, but once the tools are built, that future becomes almost unavoidable.
I feel like that'd take a level of surveillance that's technically unsustainable. But then again, sustainability isn't a consideration when it stands in the way of "better" control.
AI is the perfect low cost tool to enable that. Plantir knows this and has been making strategic moves to build this
Seems quite achievable and sustainable to me
Every human carries dense compute and sensors with them. If they don't they stand out while still surrounded by dense compute and sensors held by others at all times
Not nice to think about but it is the reality we are moving towards – vote accordingly
Stuff like this really reminds me how nobody is actually in control. Entire countries are just going where ever the rivers takes them with those supposed in charge not knowing any better and often worse than the rest and functionally being so clueless they’re passengers too
Wisconsin "porn" websites will just move out of Wisconsin.
The bill reads like you would think from someone who's been talking with the ceo of an age verification company. The bill gives the website two options: use a _commercial_ age verification product tied to gov't id checking, or "digitize" the web user's gov't id.
It's funny how democratic countries copy whatever laws authoritarian regimes passed, but with a 5-year lag.
This sort of thing turns up very regularly in US politics, from the Comstock Laws to the Communications Decency Act. The late 90s even had a requirement to use easily breakable encryption (48-bit RSA) which big tech companies generally obeyed. And a worse proposal (the "clipper chip") which was never deployed.
Authoritarianism is not limited by your birthplace, it can turn up anywhere. And when it does people are often really enthusiastic about it.
> but with a 5-year lag.
Let’s just replace the democratic part then. Efficiency is king, after all.
It's not funny, it fucking sucks.
As someone born in a post‑Soviet country with rather many odd digital laws--including one requiring that any use of encryption be registered with the department of commerce and the secret service (meaning no TLS unless you get a permit)--I can clearly see the endgame of similar proposals.
These laws aren’t meant to be followed. Their text is deliberately vague, and their demands are impossible by design. They aren't foolish, or at least their ignorance isn't needed to explain the system's broader function. They are meant to serve as a Chekhov's gun that may or may not fire over your head, depending solely on whether the people holding it decide like you.
In peaceful times, they fade into the background, surfacing only when it’s convenient to blackmail some company for cash or favors. In times of crisis, they declare a never-ending war on extremism, sin, and treason, fought against an inexhaustible supply of targets to take down in front of their higher‑ups, farming promotions, contracts for DPI software, and jobs updating its filters.
Historically, such controls were limited by the motivation and competence of the arms dealers, usually taking the form of DNS or IP blocks easily bypassed with proxies. With modern DPI, it's entire protocols going dark. Even so, those able to learn easily find a way around them. The people who suffer most are seniors, unable even to call family across the border without a neighbor's help, and their relatives forced into using least trustworthy messengers (such as Botim, from the creators of ToTok, a known UAE intel operation [0]) thinking they're the only way to stay in touch, not knowing how or wanting to use mainstream IM over a VPNs that may or may not live another month.
If wherever you are your votes still matter, please fight this nonsense. Make no mistake, your enemies are still more ridiculous than Voltaire could hope they'd be, but organizing against or simply living through a regime constantly chewing on the internet's wires is going to be a significantly greater inconvenience than taking _real_ action now.
[0] https://en.wikipedia.org/wiki/ToTok
Why ban VPNs when you can freely force social networks like HN to tie nickname registration to an state issued digital ID certificate to guarantee freedom of speech and legal accountability?
https://old.reddit.com/r/XGramatikInsights/comments/1ovd88s/...
Not just social media, expect ANY app to be able to “verify” you through the new apple digital ID (android wallet soon I assume), the “verification is simple and seamless!!”, and add few Alegria drawings explaining why providing your ID helps defeating the “bad evil guys!!” and you are good to go.
And also to defeat AI slopbots!
To this day I have no clue what the point of this idea is. Forcing you to use an ID on the internet is the real world equivalent of making everyone you interact with take a photo of your ID. It's completely nonsensical.
Considering that most crimes require people to be physically present at the crime scene, it also doesn't seem to be a functioning deterrent at all in the real world.
Most of the bad behaviour is concentrated in "seedy" places, where you usually have to go out of your way to interact with that place. A real name policy doesn't change the nature of the place at all.
If anything, the places that would be most affected are the ones where people are roleplaying or pretending to be something other than "themselves". E.g. gay or transgender people, furries, MMO/MUD/MUSH players, streamers, etc which overall seem to be exceedingly harmless.
There is also the blatantly obvious problem that this only works on people who are risk averse to begin with. So it will basically have no effect on actual perpetrators, who see some risk vs reward tradeoff for their bad behaviour.
Isn't it Wisconsin law that lets the Governor change any numeric digits in a law while it's on his or her desk?
One of the most bizarre legal opinions I've ever heard of, but if they used any digits in the writing of the law those are up for grabs. Law makes a 30 day window or something? The governor can just change it to a million days with a stroke of the pen and then sign the edit into law with the same pen!
> Isn't it Wisconsin law that lets the Governor change any numeric digits in a law while it's on his or her desk?
Pretty close.
> (b) If the governor approves and signs the bill, the bill shall become law. Appropriation bills may be approved in whole or in part by the governor, and the part approved shall become law.
> (c) In approving an appropriation bill in part, the governor may not create a new word by rejecting individual letters in the words of the enrolled bill, and may not create a new sentence by combining parts of 2 or more sentences of the enrolled bill
https://docs.legis.wisconsin.gov/constitution/wi_unannotated
The big limitation here is that it is limited to appropriations. Further, the constitution goes out of its way to try and prevent creative vetoing.
Unfortunately, the court decided that numbers are not words.
As a result, the governor changed "for the 2023–24 school year and the 2024–25 school year" to "for 2023–2425"
https://statecourtreport.org/our-work/analysis-opinion/wisco...
What if it’s a “thirty day” window? Safe?
Yes, my understanding is that only digits are meaningless per the supreme court's ruling there
Well, let’s be honest — users of VPNs regularly don’t know what they are doing, too.
Can’t count how often I‘ve heard otherwise technologically literate people saying how they use a VPN (NordVPN e.a.) because „something something security“.
Republican lawmakers, in this case.
20 years ago the boogeyman was "the terrorists!" And now the boogeyman is "not the children!!" Or "immigrants!!" Depending on your audience's political views, but the ultimate goal is more surveillance, more control and more power abuse by who’s in control.
https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp...
>Businesses run on VPNs. Every company with remote employees uses VPNs. Every business traveler connecting through sketchy hotel Wi-Fi needs one. Companies use VPNs to protect client and employee data, secure internal communications, and prevent cyberattacks.
Oh look, someone's conflating business VPNs and consumer VPNs again. This time to legitimize consumer VPNs.
The cited laws propose to ban pornography for minors, and ban VPNs that hide geolocation and their use in accessing pornography. Nothing to do with businesses using private VPNs to encrypt employee traffic.
>Vulnerable people rely on VPNs for safety. Domestic abuse survivors use VPNs to hide their location from their abusers.
Woah, maybe VPNs have some uses I haven't considered, let's take a look at the linked article.
>Use a virtual private network (VPN) to remain anonymous while browsing the internet, signing a new lease or applying for a new home loan. This will also keep your location anonymous from anyone who has gained access to or infiltrated your device.
I think the loan thing is rubbish I don't get it, and it's unaffected by the law. But the idea of installing a VPN in case the device is compromised might make sense, if the device is compromised it might still be trackable, especially while downloading the VPN, but maybe if it connects at startup, and the RAT isn't configured to bypass the VPN bridge, it might work.
Quite a stretch if you ask me. And again, not relevant to adult sites blocking VPNs.
The rest of the example are the usual "people use it to evade the government and regulations but it can be THE BAD GOVERNMENt AND REGULAtiONS"
The only way to block a VPN is to have the knowledge that certain IPs are used by VPN providers. It's pretty trivial for someone to run a script/app that spins up a server somewhere, installs VPN software on it, and uses that for the connection. Now there's no way to separate whether a user is connecting via a VPN or not.
Lawmakers in general have less than one percent knowledge on what they make laws on. I look forward to them all logging in remotely after the ban.
The key change is needed with things such as meshtastic and lora. Taking things out of the hands of regulators is key
As a rule, criticism of the ruling elite will never be tolerated in the long term. The Internet was free and unrestricted until the masses shifted their attention to it, at which point, the ruling elite cracked down on it in order to maintain their hegemony by maintaining the ignorance of the masses, which they see as cattle to be herded and milked and sacrificed ritualistically from time to time for their internal social bonding purposes.
They actually act perfectly rationally. Media post articles about how easy it is to bypass the law using VPN, mock the government, and what the law author should feel reading this? "Ok let them break the law"? Of course, the reasonable response is to close the loopholes.
I think they know exactly what they are doing. This isn’t the nineties anymore. Which makes it even worse.
>So when Wisconsin demands that websites "block VPN users from Wisconsin," they're asking for something that's technically impossible. Websites have no way to tell if a VPN connection is coming from Milwaukee, Michigan, or Mumbai. The technology just doesn't work that way.
https://youtu.be/Pr4v725LPOE?si=ih3gfTSpiHumtrFs&t=79
"That's not how apps work"
"Then make it work you think we are stupid but we are not, we know" VPNs have something to do with IPs which are necessarily geolocatable , and also users need to make an account to connect to a VPN, you can just ask them what country and State they are in.
Being willfully obtuse draws no sympathy, and will not exclude companies from compliance
What if your geolocated IP is from … a VPN? Maybe one outside the jurisdiction of the law?
> VPNs have something to do with IPs which are necessarily geolocatable
The website (which is the party these obligations are being placed on) could geolocate the VPN IP, but that wouldn't tell them where the user is actually from.