853
UK households could face VPN 'ban' after use skyrockets following Online Safety Bill
(www.birminghammail.co.uk)
this post was submitted on 29 Jul 2025
853 points (99.3% liked)
Technology
73379 readers
4237 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I mean anyone can rent a server in Europe and install OpenVPN themselves. Hell, it doesn't even need to open OpenVPN, Wireguard works just as well and is basically undetectable.
Eat shit, UK government, for real. Idiots think that by speaking the same language as US fascists they can have similarly dumb ideas.
wireguard is not undetectable, even wireshark has a simple way to identify it, but there are more accurate ways
Wouldn't it be detected via initial connection only? WG does not send packets while connected, does it?
update: I think not only the handshake packets contain a recognizable pattern. look at "Subsequent Messages: Exchange of Data Packets"
https://www.wireguard.com/protocol/
especially if the receiver/sender_index and the counter are what I think they are.
also have a look at this page: https://www.wireguard.com/known-limitations/
now that you say, I think I remember reading something like this earlier
It would have been my go to. But they can detect openvpn and other protocols. I would just use a ssh tunnel with squid proxy. The squid wont cache ssh traffic unless you run your own cert and set up the squid that way. It will however seamlessly allow you to connect through a ssh tunnel with one port forward.
I've certainly happily used SSH tunnels
on Linux it's great in that it's readily available wherever you already have OpenSSH installed
but one downside of OpenSSH as a general-purpose tool for tunneling is that it is intrinsically TCP and thus forces packet ordering across multiple tunneled connections, which may not be necessary for whatever you're doing and can have performance impact. Part of the reason mosh exists is to deal with that (not for the SSH-as-a-tunneling-protocol case, but rather for the "SSH-as-a-remote-shell" case).
Wireguard is UDP, and OpenVPN can use either TCP or UDP, depending upon how it's configured.
If we were going to move the world to a single "tunneling" protocol, SSH wouldn't be my first choice, even though it's awfully handy as a quick-and-dirty way to tunnel data.
I used putty for tunnels on windows machines. As for mosh I forgot it exist. I use wireguard now. But if they ban VPN it will be harder for them to prove the SSH is being used for the purpose evading their stupid law. The high bandwidth usage could be a lot of things... right?
While in the hospital ten years ago I did get a visit from the IT dept. They didn't have any qos on ssh and I was moving a lot of data through it. They just asked me to limit my high usage to late night.
Fair enough, and come to think of it, I think I have too. Just was pointing out that not all SSH implementations have tunnelling functionality.
Yeah, that's true.
To be honest, I've found WireGuard's performance is harmed more by replay attacks than OpenVPN. Least that is what I put it down to when I tried them both from a VPN provider that offered both.
Edit: missed the a in replay.
How is WG vulnerable to replay attacks? They already address that in their documentation.
It's doesn't fall over, it just slows down. Or appears to much more than OpenVPN. There could be something else going on, but for what ever the problem was, OpenVPN was coping better and just spitting out errors about a possible replay attack and continuing like nothing was wrong. I've not looked again as OpenVPN is working fine. For everything else, I'm using WireGuard.
What's a reply attack? Do you have people activity MITM-ing your connection? Personally I've found Wireguard performance to be significantly better, especially on spotty mobile Internet
Man in the middle can be part of it. It's just basically recording and sending stuff back. Generally I use WireGuard, but on unhygienic networks, were OpenVPN is warning about possible replay attacks, WireGuard doesn't work as well. Could be something else of course, but I've got one end. It's not constant or always.
Oh replay attacks, that makes a bit more sense. Honestly I've never been on such a poor network to run into that. I don't know your situation, but I'd be doing anything I could to get away from that ISP if they're actively manipulating your traffic
Ah, I see it. Sorry. Corrected.
It's not really an issue with OpenVPN as it seams to cope. It's the only time I use OpenVPN instead of WireGuard.