this post was submitted on 29 Jul 2025
1036 points (99.1% liked)

Technology

73534 readers
3204 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
1036
UK households could face VPN 'ban' after use skyrockets following Online Safety Bill (www.birminghammail.co.uk)
submitted 4 days ago* (last edited 4 days ago) by themachinestops@lemmy.dbzer0.com to c/technology@lemmy.world
360 comments fedilink hide all child comments
 

Prominent backbench MP Sarah Champion launched a campaign against VPNs previously, saying: “My new clause 54 would require the Secretary of State to publish, within six months of the Bill’s passage, a report on the effect of VPN use on Ofcom’s ability to enforce the requirements under clause 112.

"If VPNs cause significant issues, the Government must identify those issues and find solutions, rather than avoiding difficult problems.” And the Labour Party said there were “gaps” in the bill that needed to be amended.

you are viewing a single comment's thread
view the rest of the comments
[–] wrassleman76@lemmy.ca 7 points 3 days ago* (last edited 3 days ago) (3 children)

I don't think it's even possible to get rid of VPNs without outright banning encryption. If I set up a VPN that uses an obscure port and the traffic is encrypted, how are they going to know it's even a VPN?

[–] NateNate60@lemmy.world 5 points 3 days ago (1 children)

Attached below is a Wireshark trace I obtained by sniffing my own network traffic.

I want to draw your attention to this part in particular:

Underneath "User Datagram Protocol", you can see the words "OpenVPN Protocol". So anyone who sniffs my traffic on the wire can see exactly the same thing that I can. While they can't read the contents of the payload, they can tell that it's OpenVPN traffic because the headers are not encrypted. So if a router wanted to block OpenVPN traffic, all they would have to do is drop this packet. It's a similar story for Wireguard packets. An attacker can read the unencrypted headers and learn

  • The size of the transmission
  • The source and destination IP addresses by reading the IP header
  • The source and destination ports numbers by reading the TCP or UDP headers
  • The underlying layers, up until the point it hits an encrypted protocol (such as OpenVPN, TLS, or SSH)
[–] wrassleman76@lemmy.ca 1 points 2 days ago (1 children)

You're using the default port though, are you not? If the source port were not 1194, a port associated with openvpn, would wireshark still identify this as openvpn traffic?

[–] NateNate60@lemmy.world 1 points 2 days ago

Wireshark can't but there are other methods, such as checking for the known OpenVPN protocol opcodes in the headers:

[–] herrvogel@lemmy.world 4 points 3 days ago

They're going to know it's VPN fairly easily because it's fairly obvious what you're doing when all or most of your traffic is encrypted and is directed at one or two addresses. Even more obvious if those one or two addresses happen to belong to known VPN or VPS providers or something.

[–] Ironfist79@lemmy.world 1 points 3 days ago

Traffic patterns. There's always ways to tell.