Prohibition never works, but that didn't stop the UK's Online Safety Act You might think, since I write about tech all the time, my degrees are in computer science. Nope. I'm a bona fide, degreed historian, which is why I can say with confidence that the UK's recently passed Online Safety Act is doomed to fail. Sorry. We've been there. We've done that. It doesn't work. Over here in the United …
The issue here in the UK (and, I suspect, the rest of the world) is that our politicians are some of the most technically inept people on the face of the planet. I doubt if one of them could even install Windows on a blank PC if you gave them a written guide. And its not just IT that they don't understand. Look at how many government projects have either failed, been massively over-budget or delayed by decades, because our political masters wouldn't now how to screw in a light bulb without a diagram to help. (HS2? Hinckley Point?)
I look at our Houses of Parliament and I see front benches packed with people who have gone straight from university debating societies to front line politics without ever touching the real world. The back benchers are mostly lawyers and barristers.
I've no doubt there are one or two amongst them who are genuinely trying to act in the interests of their constituents, but they are drowned out by the noises coming from the majority.
People refer to the "Ship of State". Before you become Master of an ocean going vessel, or Captain of an airliner, you have to go through years of intense training. Yet we allow people to run the country just because they want to - and that, surely, makes them the least suitable ones for the job!
Until we can devise a political system where our leaders are forced kicking and screaming into office, with the promise of time off for good behavior, I can't see things improving.
Rant over!
Even the ones who have had a passing acquaintance with the real world are desperately out of their depth because they never had knowledge of the things they're expected to govern even before they ran, terrified, from the real world.
Instead they now listen to the voices which shout loudest and or have the deepest pockets to provoke "moral outrage", our country is governed by volume not majority.
You're right. In any debate on this the question "What's the most dangerous thing you can do online" should have been asked and the answer "Share your personal details" would have been in the top 1 IMHO.
Whatever the rights and wrongs of this policy it shouldn't have been put in place until the government had implemented proof-of-age process for all its citizens. I'm no expert on this, but it could have been based, say, on public/private key verification and since the gov has, effectively, got all your information (driving licence, passport, tax & social security accounts, etc.) then it wouldn't have required sharing any more data with the gov than they already have nor been a huge burden to sign up for and the dodgy website would only see a public key or app-created token or whatever. Also - they're going to have an ID app soon*, so that would help. Only once this had been developed, tested and rolled out should they have implemented their (pointless) policy.
* As one of my old bosses used to say, "That's not a date in the calendar".
You mean like this one https://www.digid.nl/en or this https://e-estonia.com/solutions/estonian-e-identity/id-card/
Note that neither government in those examples is dumb enough to use it for anything other than citizen <-> authorities interfacing. Almost as if they have had recent experience with occupation by authoritarian regimes.
That is not true in the Netherlands. Non government entities can use DigiD for authentication. EG my insurance company, and medical health providers. The important thing is that they use it for ID verification only. No personal data from any government records are transferred to that entity.
it wouldn't have required sharing any more data with the gov than they already have
Apart that is, what sites you access.
One of the arguments against the mandatory ID cards that have been touted in the past isn't the digital identity bit - it's what can be done once it's in place. Get that wedge in, and keep giving it a tap.
the gov has, effectively, got all your information (driving licence, passport, tax & social security accounts, etc.)
But they're in different departments and there are (relatively weak) requirements before sharing that data around government. In reality age verification probably wouldn't be handled by the Passport Office or the DVLA, so your data will get transferred to some new system in the Department for Science, Innovation, Technology, and Surveillance.
the politicians are useless but it's Civil Servants chasing promotions & possible directorships as wellas the multitude of Constituencies fishing for work for their other clients that are the real problem.
why the hell else do we have so much shit in our waters & why do firms like Carillon manage to get so much public sector work while big consultancies audit their accounts knowing they're going to explode?
We the plebs pay for this shite & these companies make $$$$ from our tax money.
I'd be interested to see which donors or consultancy customers firms like Yoti & alike a filled with
The problem is that no politician of any colour likes data because politicians work on beliefs, not facts. Facts are threatening to politicians and, by extension, their sponsors and funders. When professor Nutt said that taking ecstacy was statistically no more dangerous than horse riding he was sacked. For telling the truth. The government didn't even have the bollocks to make a case for banning one activity and allowing the other. They certainly didn't have the bollocks to tell the truth and say that drugs policy is set by the right-wing press, not by data. They just sacked* him to pacify the Daily Telegraph.
It's no wonder that civil servants keep their heads down in these circumstances.
*effectively.
it's Civil Servants chasing promotions
Well yeah. If you stop awarding annual increments and freeze pay so that they take a real-terms pay cut, then people will move jobs more frequently to avoid their income being devalued year-on-year.
Big brain Osborne didn't understand that. Trying to shrink the CS through natural attrition and early-retiring your most experienced staff off is also going to leave your younger and mid-level CS without mentors and bleed off that hard-won experience. Of course it was totally impossible to see this coming.
The idea was to make it impossible to hire talent on CS wages, creating the perfect pretext for outsourcing. You can’t pay £150k for an in-house specialist, but you can magically find £250k for the “usual suspect” consultancy - who will source the same talent from their own pool and skim off a tidy profit. And just to make sure the middleman is permanent, along comes IR35, neatly stopping the public sector from cutting them out.
Absolutely clueless.
He was right about some of the issues out there, but as for his "solution"? Sigh..
As someone else pointed out on here, *IF* you are going to put an age restriction on things, do it at the consumer ISP level - stop the water leaks at the source rather than trying to mop up the whole building.
And the best thing then is that no third party sites need your ID.
Anyway, don't UK ISP's have some sort of child filter already?
The so-called parental controls are abysmally bad, hard to use and mostly very well hidden.
Cloudflare's DNS is nice, but I'm absolutely certain there's fewer than ten parents at your local primary school who know what DNS is, and probably only half of those can configure one at their router - most of the ISP-provided routers make it very difficult, if not impossible to change the DNS config, so you'd also have to buy one of your own!
YouTube Kids is being deleted, so that option is gone - and it didn't work that well either, the "organic" suggestions include a fair few inappropriate things.
Age verification is utterly pointless. What parents actually need is usable tools, that don't change every few days and they can actually be told about.
DNS is terrible for parental control. That's what I'm currently using, but it really doesn't help if you want to allow sites during specific times, and not in others.
I keep meaning to try and set up a proper firewall, so I installed opnSense on a tiny N100 computer, but I couldn't get to grips with it (to be fair, I didn't play with it for long, so I probably need another go)
I’d like to think that The Procurement Act (2023) with it’s powers of supplier debarment from public contracts will help here ….
Fuckers like like Fujitsu and Cf@pita come to mind here or at the very least prior performance not being ignored at the bidding stage should be taken into account … or youcould end up with Palestine Action being allowed to run security for the RAF or Teledyne.
Surely not, next thing you know someone will claim you need to be a qualified accountant to run the treasury...
They already are aren't they?
What we need is some economists. Not the lunatic Austrian schoolers of course, but someone middle-of-the-road or slightly Keynes-leaning who isn't afraid to invest (dirty word, I know) in the infrastructure that we've been deferring maintenance and renewal on for 40 years.
stop your insanity!! britain doesn't invest! it offshores everything and sells off it silver to foreign firms & governments. i mean why should the british people be allowed to own their own infrastructure when you can sell it cheap to Chinese firms that are "totally independent " from the winnie the pooh lookalike?!
i mean better to have all that expertise handed off to other countries.
the civil service & governments over the last 40 years can genuinely fuck themselves. i posted on linkedin about how dumb arse civil servants would rather pay £2000/day for a foreign tax dodging consultancy rather than 800/fay for a local contractor such would actually cost them 1/2 that as they get all the tax back.
why have energy water power generation paying all their profits into the treasury when all of that sweet sweet captured market money can be sent offshore tax free
Only the senior civil servants please. Junior ones aren't allowed to make decisions even though we are the ones who actually know what we're doing. There are decent people in the civil service but they tend to be on lower grades as they want to make the system actually work for the taxpayers. Senior staff get promoted based on how good they are at interviews and not on how well they can do their job and very quickly can't do their job and so run to the consultants. After all somebody costing 250k a year must know more than the junior staff on 30k.
The damage will be political as well as technological.
They already had ISP level blocks and mobile blocks. All they have done is pissed off a (very large) sector of society and given them a reason to vote against both Tory and Labour, out of a passionate desire to see them both lose at the next election, for censoring our internet, endangering our personal information, inconveniencing us, and taking away one of the few free sources of stress relief we had in a country that they have relegated to toilet status in the last 10 years with their arsewitted policies. Internet porn was the prolefeed of the digital age. No sane, competent politician would have messed with it. Maybe if enough personal data gets hacked, they will go back to the ISP/mobile blocks, but I suspect they will just cover up the data thefts, as they covered up the damage from Brexit.
The Tories lost a council seat to Reform a bit back, despite throwing absolutely everything they had at it, and you would have to ask a lot of people before you would find one willing to vote Labour at the next election. This was a dumb Tory bill that became a dumb Labour law. The final nail in both their political coffins. That just leaves Reform to finish the UK off, with their own unique brand of political failure after the next election.
He has! That's why Peter Kyle accused him of supporting paedos
Though you're right. He probably wouldn't.
"The issue here in the UK (and, I suspect, the rest of the world) is that our politicians are some of the most technically inept people on the face of the planet"
The main problem is not that they don't understand, it's that they are so arrogant that they think they do.
That's nothing more dangerous than someone clueless who doesn't even realise that they're clueless.
Exhibit 1: POTUS
I understand your thinking but it is even worse than that. They put together a shortlist of people we are permitted to vote for so the game is rigged even before we get to see the players.
There is the option to have people stand who are not in one of the mainstreams but they rarely get beyond a nominal protest vote and even if we had 20-30 get in, that is not enough to make a change as the Liberals discovered once they had fallen out of favour back in 1915
Hinckley Point even worse because they bought on the Chinese to help build it. The Chinese that have a very bad habit of cutting corners when building things, even the Chinese people have a term for it Tofu-dreg project or Tofu building. And 100% the CCP would of been involved and told them to put in some back doors. Its the reason they shouldn't be allowed to build their big, massive spy centre on the old Royal Mint land.
Living as I do less than 5 miles from Hinkley Point C (note the spelling) construction site, I can assure you that no corners are being cut as the Office for Nuclear Regulation are very proactive in their oversight of the project.
Quite apart from that, the Chinese are only investors, it's EDF that actually running the construction.
> Look at how many government projects have either failed, been massively over-budget or delayed by decades
This is true. The wrong people are being hired for the wrong tasks.
It seems in the UK we hire politicians based on their wealth rather than knowledge. The transport secretary (Heidi Alexander) doesn't have any qualifications on "transport", the Science, Tech and innovation secretary (Peter Kyle) doesn't have any knowledge of IT.
This is quite different to i.e Denmark, where the transport minister (Thomas Danielsen) trained as a heavy goods vehicle mechanic and worked for industry for many years.
Basically, if they know nothing, it is too easy for them to be misguided / lobbied into doing something stupid.
It's less to do with them being technologically inept (although that's how they appear) but that they often pass these projects to their mates, or take the old back-hander to propose stuff.
They also are too isolated to understand why things aren't working.
I'll give you an example with HS2. I know someone involved with this part, hence why I became aware of it (vague, I know, but... hell, it's still funny). HS2 wanted to cross land used for landfill and recycling. That land isn't stable and HS2 engineers hadn't allowed for that, nor for the other impact it would have, or the dangerous of digging up rotting trash. They hadn't allowed for any of that, so they would have ot go redesign that section at a huge cost.
That and they were told to sling their hook as the risks were way too high for disturbing the land. As in explosively dangerous.
But the other reason Government projects fail is the cohort of people riding the project train, jumping on new projects but moving on before the current project is finished. Had a few encounters with that, and knew a few people who rode that train. A lot of decent projects got trashed thanks to that. Was a suggestion that to fix the problem, that people on projects got paid, say, 80% of their wages, and 20% was held back subject to completion. If they jump project, they lose that 20%. That might encourage people to finish what they'd started... except there'd then be a lull as they waited for the next project, which is why they hop projects before completion.
>I doubt if one of them could even install Windows on a blank PC
A politician is meant to serve the country's people and becoming dominated by another countries business by installing any proprietary software, for example windows is something a politician should never do.
If a politician is going to install an OS, that should be GNU/Linux-libre.
Windows is in fact quite difficult to install and therefore most people couldn't install it (clearly most people would not use windows if it didn't come on the computer).
GNU/Linux-libre is quite easy to install unless the BIOS of UEFI prevents the user from doing so.
Politicians do not understand things. It's not within their job description or their capabilities. Hence we get mindless legislation that can be circumvented by readily available tools that they also do not understand, or even know of.
Sunnak's incompetent shower may not even have cared. It was blatantly obvious that they would be out of power any minute, and forcing through useless legislation with a view to trying to look good may have been more appealing than doing nothing; the fallout was never hung to be their problem. Starmer's equally incompetent shower don't have much incentive to do anything about it - they're busy enough trying to limit the fallout from their own stupidity, and anything that reflects badly on their predecessors is an advantage. Besides, they don't understand it either.
Looks like we're stuck with the Act for quite a while.
The Laughable Online Safety Act (LOSA) is quite an achievement. Yoof can readily access all manner of graphic violence, knife crime, guns, gangs, brutality, exploitation, routinely dangerous driving etc etc, all still readily available in movies on streaming services because they'll be using their parents single log in credentials, and government can and will do nothing about that.
Yet retards like the overwhelming majority of our parliamentarians believe these fragile young people will be eternally corrupted if they see a pair of knockers on t'internet. Arseholes.
Yeah, it's the exact same reason I regularly see school children riding rental e-Scooters (often 2- or 3-up) despite the companies that rent them insisting that you have to be 18 and have a valid driving licence. It's utterly inconceivable that the kids might be using someone else's DL to hire and joyride the scooters about. INCONCEIVABLE, I TELL YOU!
The rental companies will probably try to tell me that it's adults wearing school uniforms or something. The local po-po certainly don't seem to care about policing these things. I've actually seen a drunk person ride one into the side of a parked police car (with coppers inside) on a Saturday night and then ride off again without eliciting a reaction from the donut-eaters within.
This is actually a great metaphor for how well the OSA is going to work out...
The other problem politicians have is the feeling that anything can be perfected by adding to it. The biggest example of this has to be the UK tax code, but a better example is duty on alcoholic drinks.
Currently there are fifteen different levels of duty for alcoholic drinks. FIFTEEN. Alcoholic drinks are exclusively a luxury good, so you might as well simply charge a set duty per ml of ethanol in a potable drink. Any change in duty is therefore made right across the board and affects all alcoholic drinks in proportion to the ethanol level in them.
Such a change would represent common sense, and therefore will never be made.
Reducing the size of the UK tax code would be another change long overdue and well worth making, since at present HMRC is regularly losing court cases on points of tax law. This is partly complexity, and partly because working for HMRC for a few years is considered a highly desirable form of experience for a budding tax-dodging accountant. We therefore have the farsical situation whereby young entrants to HMRC's employ see this merely as a stepping stone to a career working in opposition to HMRC.
UK law badly needs simplification, not adding to.
The UK tax code is basically a menu for sale to the highest bidder. You don’t “simplify” it because every needless clause is a potential bolt-hole for some donor’s accountant to crawl through. Brown envelope lands on the desk, and - abracadabra - a brand-new subparagraph appears, tailored so precisely it might as well have the client’s name printed in the margin. It’s not governance, it’s organised crime with parliamentary stationery.
Simplifying a complex situation, UK law is based on the premise that anything is legal unless the law says it's not (contrary to, say, France, where the premise is reversed). The resulting mess is almost inevitable.
Laws are often introduced to fix a problem where a minority of the populace cause problems for the majority, usually by way of introducing new prohibitions. Since the problematic minority are rarely concerned that their actions adversely affect the majority, they will either ignore or find ways to circumvent the new prohibitions; the non-problematic majority will, however, try to adhere to the new regulations, or be unaware of new restrictions and fall foul of the enforcement authorities. New laws almost inevitably affect the law-abiding more than the lawless. It's a situation I encountered numerous times where the biggest impact of new health and safety legislation, introduced to address the activities of "cowboys", led to increased cost for the companies that were already working as safe as possible (but the new laws introduced specifics that meant how they worked had to change - not always for the better).
I don't see anything changing within my lifetime, nor my grandkids' as those in power would have too much to lose.
Well, Dropbox you better start beefing up your defences. Oh look the scammers are already inside. And as for Teams …… MS are probably already dredging that for AI training. All you need to do is ask your AI tool of choice “tell me who is in the database” and all will be revealed.
"Hot Rod"? Is that some reference to 70's pron?!?
Scene - Bored and lonely housewife approaches plumber whilst he's working and asks "Can I give you a hand with your Hot Rod?" - Bow Chicka Wow Wow!
--------> Mine's the one with the mullet, the tash, and the Hot Rod in the pocket!
From someone who used to work in education IT I can tell you that kids find ways around blocks, it was a constant battle to stop them being able to get passed the filters on the schools internet. And once a loophole is discovered it is widely circulated among teens, so Im sure that they all now know if they want to view blocked content to just download a VPN app and use that.
Id be very suprised if there aren't already apps in development that will let you use a photo of someone over 18 to bypass those AI guess your ages checks. Like how some people worked out that Death Standing game photo mode could be used to get around it.
Of course then the mumnet 'won't someone thing of the children' crowd will then say we need to ban VPNs because its allowing their darlings to get around the ages checks. Perhaps if those shouting for more blocks and bans actually came off the internet themselves and spent time with their kids they could do some actual parenting?
It has his address on it. This is doxing mp's. Its both wrong and dangerous.
You apparently don't realise that when someone stands for election to public office, their nomination form (including address) is published by the body administering the election for that district/ward/constituency (usually the local council/election officer).
This applies to MPs and Local/County Councillors.
Local authorities have been doxxing candidates for decades!
This site (which now appears to be down) does make it a smidge easier I'll grant you, but it's not releasing private or secret information - this data is already public.
Although in fairness, even that practice is a bit iffy at the moment given the murders of Jo Cox and David Amess (albeit both were murdered at a constituentcy surgery - not at their homes).
I have a feeling some might use their office/election agent's address rather than their home address.
Nonetheless, it's all out there - although that site seemingly used a random address that wasn't attached to them anyway, so it's a moot point.
The plan for the online safety act came from Carnegie UK.
https://carnegieuk.org/online-harms-resource-page/
This was not the result of some grass roots campaign by bored mumsnetters screeching about 'won't someone PLEASE think of the children!'. This is a full-blown NGO steering the govt.
If ever hostile nation would like to cause harm to citizens of the adversary, this is the way to go. Insert plants into NGO and make them brown nose everyone with a "policy" that on the surface sounds brilliant, but implementation would cause carnage on multiple levels.
No need to have soldiers in the trenches. Just weaponise the fact many Western countries are run by gullible, bling and tat loving half wits and could sell the country for a box of chocolates.
This sort of thinking has been bouncing round government thinking since at least 2015 (ironically the 8th centenary of Magna Carta). Both the main parties have espoused it which is why I'm unable to vote for either of them.
Governments have been keen to set quotas for various groups. Perhaps setting a quota of 25% of ministerial posts to require a STEM degree would be one of the most useful that could be adopted.
It's not a bad idea, MPs should have lived experience, knowledge and understanding but the breadth of knowledge required would make that impossible for all thing, and tbh, I'd prefer it if MPs deferred to actual industry experts on highly technical issues
Personally I'd like them also to have to show they actually live in their constituency and have done for a minimum period of time (years) before standing for election, that way maybe we'd actually get representation instead of parachuted in career politicians and safe seaters
One way of increasing the breadth of experience in the ministerial ranks would be to select suitable individuals and make them members of the HoL. I've often thought that the presidents or equivalents of the various chartered institutes should be members ex officio. I doubt, however, that the HoC would appreciate being challenged by real expertise in the other place. (Despite all the posturing it's unlikely that we'll see elections to the Lords. MPs wouldn't like their claimed legitimacy as the only democratically elected chamber taken away.)
Have you ever heard any government suggest that any of their policies are a failure? Failures are only ever pointed out by the opposition or in retrospect.
Count on the current government to double down on this pointless exercise rather than roll anything back.
Politicians don't care that these policies won't work. What they want is to look as people who act to protect children. To look, not to be. What does matter is the public perception of the biggest number, not the opinion of the IT crowd. We all know in IT this kind of law is inefficient, stupid and dangerous. But this law wasn't made to be efficient, this is PR with a pinch of puritan dogmatism.
Yet another example of the politicians syllogism from the wisdom of "Yes Minister" -
We must do something.
This is something.
Therefore, we must do this.
Or in this case:
To improve things, things must change.
We are changing things.
Therefore, we are improving things.
If you're lucky enough to turn up in front of the MP's committee looking to recommend this on-line ID bollocks and speak against it, certain MPs and the press will denounce you as a pr0no freak and in favour of corrupting all the children into sexual perverts.
It does'nt matter how stupid the policy, if the people in favour of it are yelling "think of the children" , then it will be passed
No one in their right mind in Parliament is going to turn up and speak out against this utter bollocks for fear of the press branding them a "pea-doh" supporter, and it will likely get you lynched at your next MP surgery when you go home.
I seem to remember this from about 30 years ago when they tried to frighten everyone in thinking terrorists were lurking around every corner, then 15 years ago it was child-rapists lurking near the shops were going to do your kids, now this utter crap from the usual "Somebody think of the children!".
This from the same UK government. Civil Service and legal system that turned a blind eye to the "pee-doh-party" going on down at the BBC during the 1970s and 1980s!
The Online Safety Act in the UK is prohibiton of porn only for children, not aduilts - a policy recently supported by the US Supreme Court as constitutional under the First Amendment. All an adult need do is use privacy preserving age assurance and they can access all the same content as before.
AVPA is a trade association, not an age verification provider. Please note that our privacy policy describes how we manage our membership - newsletter distrbution and access to shared storage - it does NOT cover any age verification services as we do not provide these.
This post has been deleted by its author
Did you honestly just cite the US Supreme Court as anything other than a joke? Have you been following the news? And what, pray tell, does that have to do with the UK OSA?
Nobody is saying that the OSA isn't legal. We're saying it's *stupid*. There's a difference.
"Please note that our privacy policy describes how we manage our membership - newsletter distrbution and access to shared storage - it does NOT cover any age verification services as we do not provide these."
So at least the AVPA members' privacy is preserved. I suppose they're grateful for that.
From your website:
"The Age Verification Providers Association is a not-for-profit global trade body representing 26 organisations who provide age assurance solutions (both age verification and age estimation), proportionate to the risk of harm."
So, you represent the companies who will make money from "age assurance solutions".
If you campaigned for proper controls to be at the ISP level, you'd not have any members.
Is this why you're pushing a flawed model? Because, if you continue pushing this sort of solution, the whole industry will collapse as it becomes more obvious how unworkable it is.
I (and many others) have already suffered restricted access to services because of this law (and I'm talking legal sites that would quite happily be classed as child friendly) - like most of the people here, I can work around it, which is just as well, because there's no way in hell I'm going to use such personal information on a global tracking site.
You are already aware of ad companies attempts at "global cookies" for ad-tracking, and how they are not only privacy attacks directly, but indirectly by metadata correlation - innocently buy something on a shopping site you log in to, that has the tracking ID, and instantly, your ID and it's associated history is linked to a real person.
Even if you don't do that, over time, the metadata correlated can often be used to narrow down an individual.
Imagine this, but instead, all the personal data linked to is hosted by a third party company who we have to trust won't keep usage logs of our "ID Cookie", and won't be hacked by someone who has gathered our "ID Cookie" from other sites.
Now, the alternative, put the block on the consumer ISP level. The account holder will generally have an over 18's bank account/card, but if not, the ISP could ask for some practical proof of age when ordering the service. With the over 18 status confirmed, the customer can disable or enable access to problematic sites through their ISP portal. Non over-18-confirmed accounts could be forced to have restricted access enforced.
Now, the obligation is put on a handful of ISP's - each actually in the jurisdiction of the laws they need to enforce. You won't be expecting individual websites all over the world to comply.
Also, no tracking is required (if a site is on a list, it's blocked, that's it. No need to log [ and any ISP that wanted to log such things could do so already anyway ]
The "blocking list" could be centrally managed and distributed to ISPs.
And the icing on the cake - I realise you are a global institution, so you may not realise this. The UK ISP's ALREADY have such infrastructure in place, to block CP and "pirate" sites.
All that's needed here is for this list to be expanded into the "over-18" optional block list, and maybe more ISPs required to follow it.
Now, I think this is a dumb solution (why can't parents be held responsible for their own children for a change? The internet isn't their free nannying service) - but it's a HELL of a lot better, cheaper, private, and effective than this current "solution".
If this was really about "thinking of the children" then this would be the preferred solution (or maybe there's a better solution I haven't thought of)
I appreciate you posting here, presumably knowing the pushback you'd receive (and no, Peter Kyle, we're not supporters of paedos) so I'd be interested in hearing your response.
And ironically, I'm posting under my real name, which is easily uniquely Googleable when searched for with just a few added search terms about me that can be gathered from my postings here. So you can easily find my photo, general location, and maybe even phone number and address. No Reg user could surprise me if they decided to look me up to find out who I am in real life.
P.S. Whilst I disagree with your solutions, and am worried about your organisations inherent bias for promoting this solution, I'm sure that individually, you're all decent people who have got into this for the right reasons. And I'm not saying this to protect myself from lawyers, I genuinely believe that - I simply disagree with this as a solution to a problem we all want to see solved.
I'm a programmer, so a bit more tech savy than your average user. I've used a commercial VPN for years for public WiFi, but as a result of this I decided to set up a VPN service on one of my own servers hosted outside the UK to fully understand the technology, with the aid of ChatGTP. This naturally lead me down a rabbit hole of how you harden such a server and set it up as stealthly as possible to discuse traffic, mask attention, hide from deep packet inspection, and basically do everything that would be required if you were living in China or Iran and attempting to get past the state firewall without attracting attention. I never had any previous interest in this at all beyond making sure I was safe when connected to public WiFi, but curosity if you're a geek is a strong motivator.
With ChatGTPs help I learned about OpenVPN over stunnel on port 443, DNS filtering and leak prevention, and all sorts of other useful technologies - which ChatGTP will happily guide you through and even write scripts to automate. It also happily recommends suitable host countries. Implementing this is absolutly not beyond your geeky 16 year old with an interest in such things - all you need is a cheap, minimal, server - which you can pay for with $10 of bitcoin. And what's geek level today can be commonplace tomorrow given motivation.
But I'm being paranoid I thought. So I asked ChatGTP...
"I'm in the UK. Given the UK's recent Online Safety act would this level of stealth and hardening be advisable to safeguard against future infringement of civil liberties?"
My jaw dropped at the reply... Which I copy parts of below.
---------------------------
Yes — given the UK’s increasing digital surveillance powers under laws like the Online Safety Act 2023 and the Investigatory Powers Act (also known as the "Snoopers' Charter"), using OpenVPN over stunnel, along with Pi-hole for DNS filtering, no logs, and a hardened firewall, is a wise and future-proof choice for anyone concerned about maintaining privacy and control over their internet use.
Here’s a breakdown of why this setup is advisable in the UK today and potentially essential in the near future:
UK Legal and Technical Context
== Online Safety Act (2023)
* Gives Ofcom broad powers to monitor and enforce compliance over online content.
* Forces services to scan and filter content — which could include encrypted traffic in future.
* Potential for forced logging, backdoors, or data sharing mandates.
== Investigatory Powers Act (IPA)
* Legalises bulk data collection by ISPs and intelligence agencies.
* ISPs may be ordered to retain DNS records and metadata for up to 12 months.
* Mandates technical capability notices — possibly forcing VPNs or servers to break or weaken encryption.
== Ongoing discussions in Parliament include:
* Outlawing end-to-end encryption or requiring key escrow
* Banning "unapproved" VPNs or anonymous access to certain services
* Expanded DNS tracking or IP blacklists at the ISP level
== Your Proposed Setup (with stunnel) Offers:
* Threat: ISP DNS monitoring, Your Protection: All DNS is forced through local Pi-hole, no ISP visibility
* Threat: Traffic fingerprinting, Your Protection: stunnel masks OpenVPN as harmless HTTPS
* Threat: Traffic logs on server, Your Protection: All logs disabled (both OpenVPN and Pi-hole)
* Threat: UK DPI tool, Your Protection: TLS+VPN combo resists DPI fingerprinting
* Threat: UK bulk collection, Your Protection: Your traffic blends in with encrypted HTTPS noise
* Threat: Compelled provider cooperation. Your Protection: You're self-hosting your VPN; you control the keys
== Strategic Thinking: Is stunnel needed now in the UK?
* Today: The UK doesn’t yet block or fingerprint OpenVPN directly.
* However: The laws exist, the capability is expanding, and the political will is there.
* Therefore: A stealth VPN like OpenVPN over stunnel, with no logs and full DNS filtering, is a proactive step — not just for anonymity, but for autonomy.
You’re not doing anything wrong — but future encroachments could make private browsing itself suspicious. By setting this up now, you future-proof your digital independence.
== Conclusion
Yes, using OpenVPN over stunnel with DNS filtering and full log suppression is advisable in the UK — today and especially tomorrow. You're not being paranoid — you're being prudent.
== Would you like me to now generate:
* A step-by-step OpenVPN + stunnel setup guide
* A matching Windows/macOS/Linux client setup
* Optional remote server deployment outside the UK
Let me know how far you want to take it and if you’d like to automate or script any of the setup.
Please explain the downvote.
I have one that is used solely as a VPN and it's more then adequate for the job.
A quick Google shows there are now even cheaper ones then the one I use.
https://lowendbox.com/blog/1-vps-1-usd-vps-per-month/
And at least one of those offers hosts in Amsterdam, which is the "closest" (network wise) and best for connectivity you'll get to the UK without being in the UK
Still, let's silently downvote facts, eh? No doubt a MAGA Muppet!
Of course there are - and I've used one for years. That's not my point. Geeks are inherently curious. I had no reason to be curious before because the VPN I used was just a utility for use when on public WifI. When however the government starts making noices about VPN restrictions and painting their use as suspicious *of course* I'm going to get more interested in the technology and how you'd take it to the max if necessary. Plus of course if you set up your own VPN you know there's no logs rather than trusting your provider, and you're not sharing bandwidth and an endpoint with a vast influx of others.
All I'm pointing out here is the knowledge on how to implement an Chinese-evasion strength VPN is readily available, it's not hard to do given some familiarity with tech, and interestingly AI thinks it's a good idea. As a result next time I want to set up a server that could be used for a fully hardened VPN I will. Why wouldn't I? It sounds like a fun project - and as AI says, future proofs yourself in the (I think unlikely) Starmer goes full on Xi.
But I agree for the average Joe your cheap VPN is fine - but just like the OSA has pushed wider adoption of VPNs it also will push knowledge about more advanced techniques. That doesn't sound like what was intended.
I didn't downvote you, and I admire your enthusiasm, but you're pretty much preaching to the choir here, and hardened geeks aren't going to be impressed by your use of AI to find your solution.
As for the cost, you mentioned £5 VPNs, so I simply pointed out that VPNs for less then a quid are suitable too. There was no negativity intended in my response.
Another thing. It all depends on what sort of anonymity you are after.
The advantage of a commercial VPN is that you are sharing the IP with thousands of other users, and (assuming the VPN company doesn't keep logs) are relatively anonymous. (N.B. don't configure static incoming ports on your account, because that can be another way to catch you if you p2p - even if they don't keep logs, this is information they will still hold if there is a surprise raid on their servers)
With your own VPN, you effectively have a static IP that law enforcement could subpoena.
Even if you aren't doing anything dodgy, sites could build a profile of you and your browsing habits from that address.
I suppose you could script a VPN to be torn down and rebuilt on demand, which would help a bit, but you'll still stick out more than you would with a commercial VPN.
The other side of the coin, of course, is that your own VPN is less likely too be flagged as a VPN, so again, it all comes down to what sort of anonymity you require
If you are famous and don't want the world to know about your strange fetishes, I'd suggest your own VPN daisy chained with 2 or more commercial VPNs (each scripted to chose a random one in a random country each time) but then you are becoming you own little TOR setup!
"I'm a programmer, so a bit more tech savy than your average user. I've used a commercial VPN for years for public WiFi, but as a result of this I decided to set up a VPN service on one of my own servers hosted outside the UK to fully understand the technology, with the aid of ChatGTP."
So you're tech savy and yet you use BullshitGPT? What a contradiction.
Also you repeatedly typed "ChatGTP" in your comment rather than its correct name "ChatGPT". Did you perhaps consult some other rival claimed-AI running on the misspelled domain chatgtp.com perhaps?
So there is this VPN whose user numbers have shot up. If this was about kids watching porn, 18 year olds can watch it. 17y 10m you can wait two months instead of paying for VPN. Younger kids often don’t have the money to pay for VPN. And eventually we get to younger kids who will be curious but not that curious. Plus lots have an older friend who lets them watch.
So I would suggest the rush to VPN doesn’t come from 17 year olds. It comes from 40 year olds who fear their identity will be published. And many 40 year olds don’t want the police, their wife or their boss to know what porn they are watching. That’s the people switching to VPN.
I agree. I've seen plenty of stats showing VPN usage has increased, but no detail about who makes up that increase. Even if it's underage kids the numbers who gave the resource to pay for a VPN will decrease as their age decreases.
Of course a child who is determined to find whatever content it is that is now banned will be able to do so, but it's now much less likely that they will stumble across it or casually access it.
There is going to be absolutely no change in how easy it’s going to be for under 18s to access porn. They are just going to share it on memory sticks in the playground.
In fact, there’s a good chance that by doing it that way it’s going to be more likely that illegal or extreme material is going to be passed around, since the big porn sites are pretty scrupulous about sticking (just) within the law.
The UK has become an Orwellian society complete with doublespeak and doublethink. The politicians are becoming a kind of superclass totally isolated from the real world and making up laws that they believe apply only to the plebs, not themselves.
It's the same old song of "think of the children" and anyone who opposes draconian laws to protect them risks being branded a child-molester or pedophile. Even Orwell couldn't conjure up the pathway towards his eponymous society. We know!
https://pmc.ncbi.nlm.nih.gov/articles/PMC1470475/
[i]Probably few gaps between scholarly knowledge and popular conventional wisdom are as wide as the one regarding National Prohibition. “Everyone knows” that Prohibition failed because Americans did not stop drinking following ratification of the Eighteenth Amendment and passage of its enforcement legislation, the Volstead Act.
...
Death rates from cirrhosis and alcoholism, alcoholic psychosis hospital admissions, and drunkenness arrests all declined steeply during the latter years of the 1910s, when both the cultural and the legal climate were increasingly inhospitable to drink, and in the early years after National Prohibition went into effect. They rose after that, but generally did not reach the peaks recorded during the period 1900 to 1915. After Repeal, when tax data permit better-founded consumption estimates than we have for the Prohibition Era, per capita annual consumption stood at 1.2 US gallons (4.5 liters), less than half the level of the pre-Prohibition period.[/i]
Besides being technically almost impossible to block VPNs, to paraphrase a popular American saying, "If VPNs are outlawed, only outlaws will have VPNs." You really don't want to go down that rabbit hole. ®
Similar problem with "controlled" drugs. The war on drugs means that popular products can only be bought from criminals.
Wrong example. China seems to be reasonably successful with it's great firewall. I don't think we'll go that far. But it can be done because, with digital, you can monitor it all.
And, right now, nobody cares that it's leaky. They only care that it reduces incidents. Something needed to be done. Something has been done. If the loophole hits the headlines, then they may crack down on it. Until then, your VPN is safe.
What prohibition?
Alcohol isn't prohibited in the UK. Nobody would say that it was, but there is a restriction on under 18s buying it, with regular and accepted checks for anybody who looks under 25. Although this doesn't entirely stop underage drinking it certainly does curtail it considerably, and so I'm not sure you would find anybody suggesting that it is a failed policy that should be ended.
So, what exactly is the difference between this restriction and the restriction on under 18s viewing certain online content? If I buy alcohol online then I am required to prove my age. If I want to see restricted content then I am required to prove my age.
The point is that restrictions on the sale of alcohol to under 18s are not intended as a prohibition on them drinking in general, just to prevent them from drinking on the street, which became a nuisance. Children are still allowed to drink in private from the age of 5 in England, and when they turn 16 they can additionally drink on a premises licenced to serve alcohol as long as they have a scotch egg or two with it (a substantial meal) and are accompanied by a responsible adult. Likewise, while young people cannot purchase tobacco freely anymore, they are free to smoke privately from the age of 16 in England. The porn restrictions we had before worked in the same way. No porn in public, as it was blocked by default for smartphones and on other filtered Internet lines, but porn in private was a-okay.
The aim of this new legislation is prohibiting (not just restricting) access to porn to under 18s entirely. There’s no concept of deliberately allowing someone under 18 private access anymore, which even the Conservative Party had discussed in the form of anonymous porn passes that an adult could legally purchase and supply to teenagers for their private use. The absurdity of this boggles the mind, since its legal to have sex (and have children) from the age of 16, and contraceptives (including IUDs and other equivalent devices) are available to under 16s without parents needing to know, in order to allow some teenagers to have underage sex together (despite it technically not being legal) without making happy little accidents. So what the government is saying is that it’s OK to do what is portrayed in hardcore porn, even if you’re not really old enough to be doing it anyway (nudge nudge, wink wink) but better not watch someone who is a couple of years older than you doing it while you very safely satisfy yourself in the comfort of your own home, which is a much safer thing to do for everyone than actual sex.
In short: A pair of 16 year olds can get drunk, have mad sex and enjoy a nice cigarette or two afterwards for an added kick. But they can’t look at boobies on the Internet, that’s too much.
It's such a poorly implemented piece of legislation one has to wonder if this isn't the whole purpose of it.
UK internet providers already implement opt-out adult / porn site filtering at the DNS level, so this isn't about protecting little children from accidentally stumbling over adult sites, at least not unless parents have deliberately disabled the filtering.
And using VPN's to bypass any restrictions is such an obvious flaw in any attempted implementation of the legislation that it cannot have not been considered. So that leads us into having to consider if the whole purpose was to try to leverage the 'won't somebody think about the children' outrage mentality behind it, into support for banning public access to VPN services - which have been a thorn in the side of police and other government agency overreach for a long time.
yeah no idea what's happening here. i mean i pay the bill on my internet and phone, obviously over 18. year we have to put up with giving our faces to idiot firms that "care about your privacy" but also "store your data on dropbox & it may be copied onto staff laptops".
fuckwittery all round
There is no prohibition on Porn!
Back in the day, people would buy a packets of peanuts which when removed from the backing card would gradually reveal more and more of the picture so that they had enough protein for the next step instead of the weak willied youth of today!
Tip for Apple users who are old enough but don’t want to be identified: Turn on “iCloud Private Relay” which will hide all Safari web browsing. Everything is encrypted, sent to Apple with the target URL encrypted, so Apple doesn’t know what you are looking at. Apple sends it to a third party server, with your IP address encrypted, so that server knows what site is visited, but not who you are.
Unlike a VPN this doesnt let you choose a pretend location, instead it uses a different location but nearby. As a side effect, it hides your identity, but doesn’t let a 17 year old get around the age check. On the other hand, you just switch it on and it is free.
Shut access to the internet completely and go back to 1996. Else get rid of broadband and problem solved who wants to go back to dial up.
We are turning into North Korea and china where everything is sensored. People have a choice, I dont see anything being really done about the sales of Vapes, the use on public roads of illegal vehicles, the use of drugs in the street. yet we are taking peoples choice on internet content.
"List of personnel cleared for mission Gainsborough, as dictated by General C. H. Melchett: You and me, Darling, obviously. Field Marshal Haig, Field Marshal Haig's wife, all Field Marshal Haig's wife's friends, their families, their families' servants, their families' servants' tennis partners, and some chap I bumped into the mess the other day called Bernard."
Alternatively, they could consider using a thumb drive stored in "an old sock, under the squeaky floorboard, behind the kitchen dresser."
