• lucullus@discuss.tchncs.de
      link
      fedilink
      arrow-up
      9
      ·
      7 months ago

      I think these nations setup the ISPs to look for the packets using a VPN protocol. This protocol is only used between the user and the VPN provider, so the target website doesn’t see it. Though I think this can be evaded too with a bit of work (masking the packets as normal web traffic). One reason why repressive regimes also want to control the devices of the user.

      • Call me Lenny/Leni@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        7 months ago

        There are ways to ban them even if it evades detection though. Incompatible formatting and mobile applications come to mind. Charleston in South Carolina having the highest concentration of diehard privacy maintainers goes over nobody’s head, having it come up as one’s location is like wearing a label that says “I am not who I appear to be” and is the source of the most common geoblock in the free world. Probably a giveaway I help keep the peace in a few sites.

        • eyy@lemm.ee
          link
          fedilink
          arrow-up
          2
          ·
          6 months ago

          Isn’t that just a game of whack a mole though? Ban VPNs ending in Charleston, people hop to another location. Rinse and repeat

          • Call me Lenny/Leni@lemm.ee
            link
            fedilink
            English
            arrow-up
            1
            ·
            6 months ago

            The right metaphor would be popping a pimple. Apply pressure and the oil just scatters and becomes aimless. They represent a powerhouse.

    • Monkey With A Shell@lemmy.socdojo.com
      link
      fedilink
      arrow-up
      2
      ·
      6 months ago

      From the client to the VPN host it’s feasible to do protocol/port identification and prevent it that way. Some are significantly more difficult to do that for though, particularly when it uses something like HTTPS to blend in with the general flow. It’s possible to set up a national level proxy gateway, but that would require a user’s system to trust some alternate CA which would be really hard to enforce.

      Short version, there’s always a way around, but they can make it real tough for the average user.