Prominent backbench MP Sarah Champion launched a campaign against VPNs previously, saying: “My new clause 54 would require the Secretary of State to publish, within six months of the Bill’s passage, a report on the effect of VPN use on Ofcom’s ability to enforce the requirements under clause 112.
"If VPNs cause significant issues, the Government must identify those issues and find solutions, rather than avoiding difficult problems.” And the Labour Party said there were “gaps” in the bill that needed to be amended.
There are ways around this even if they do ban vpn. Its a hopeless battle being fought by the ignorant.
I mean anyone can rent a server in Europe and install OpenVPN themselves. Hell, it doesn’t even need to open OpenVPN, Wireguard works just as well and is basically undetectable.
Eat shit, UK government, for real. Idiots think that by speaking the same language as US fascists they can have similarly dumb ideas.
It would have been my go to. But they can detect openvpn and other protocols. I would just use a ssh tunnel with squid proxy. The squid wont cache ssh traffic unless you run your own cert and set up the squid that way. It will however seamlessly allow you to connect through a ssh tunnel with one port forward.
I’ve certainly happily used SSH tunnels — on Linux it’s great in that it’s readily available wherever you already have OpenSSH installed — but one downside of OpenSSH as a general-purpose tool for tunneling is that it is intrinsically TCP and thus forces packet ordering across multiple tunneled connections, which may not be necessary for whatever you’re doing and can have performance impact. Part of the reason mosh exists is to deal with that (not for the SSH-as-a-tunneling-protocol case, but rather for the “SSH-as-a-remote-shell” case).
Wireguard is UDP, and OpenVPN can use either TCP or UDP, depending upon how it’s configured.
If we were going to move the world to a single “tunneling” protocol, SSH wouldn’t be my first choice, even though it’s awfully handy as a quick-and-dirty way to tunnel data.
I used putty for tunnels on windows machines. As for mosh I forgot it exist. I use wireguard now. But if they ban VPN it will be harder for them to prove the SSH is being used for the purpose evading their stupid law. The high bandwidth usage could be a lot of things… right?
While in the hospital ten years ago I did get a visit from the IT dept. They didn’t have any qos on ssh and I was moving a lot of data through it. They just asked me to limit my high usage to late night.
Fair enough, and come to think of it, I think I have too. Just was pointing out that not all SSH implementations have tunnelling functionality.
Yeah, that’s true.
wireguard is not undetectable, even wireshark has a simple way to identify it, but there are more accurate ways
Wouldn’t it be detected via initial connection only? WG does not send packets while connected, does it?
update: I think not only the handshake packets contain a recognizable pattern. look at “Subsequent Messages: Exchange of Data Packets”
https://www.wireguard.com/protocol/
especially if the receiver/sender_index and the counter are what I think they are.
also have a look at this page: https://www.wireguard.com/known-limitations/
now that you say, I think I remember reading something like this earlier
To be honest, I’ve found WireGuard’s performance is harmed more by replay attacks than OpenVPN. Least that is what I put it down to when I tried them both from a VPN provider that offered both.
Edit: missed the a in replay.
How is WG vulnerable to replay attacks? They already address that in their documentation.
It’s doesn’t fall over, it just slows down. Or appears to much more than OpenVPN. There could be something else going on, but for what ever the problem was, OpenVPN was coping better and just spitting out errors about a possible replay attack and continuing like nothing was wrong. I’ve not looked again as OpenVPN is working fine. For everything else, I’m using WireGuard.
What’s a reply attack? Do you have people activity MITM-ing your connection? Personally I’ve found Wireguard performance to be significantly better, especially on spotty mobile Internet
Man in the middle can be part of it. It’s just basically recording and sending stuff back. Generally I use WireGuard, but on unhygienic networks, were OpenVPN is warning about possible replay attacks, WireGuard doesn’t work as well. Could be something else of course, but I’ve got one end. It’s not constant or always.
Oh replay attacks, that makes a bit more sense. Honestly I’ve never been on such a poor network to run into that. I don’t know your situation, but I’d be doing anything I could to get away from that ISP if they’re actively manipulating your traffic
Ah, I see it. Sorry. Corrected.
It’s not really an issue with OpenVPN as it seams to cope. It’s the only time I use OpenVPN instead of WireGuard.
They will use it as an excuse to give themselves more power and to take more civil liberties from you.