PirateJesusMovie industry demands US law requiring ISPs to block piracy websites
BearOfaTimeHahahahaha
As a guy from Russia, I must admit that vpns are not a big problem for censors. They can be easily blocked, including self-hosted ones by protocol detection. And DNS would not do much with IP and clienthello-based blocks. And most users are not enough tech-savvy to constantly switch to new protocols as old ones get blocked.
You have no rights in Russia.
VPNs can’t be categorically banned in the US without major first amendment issues. It’s not a huge technical issue, but unless the courts just throw out the Constitution (a risk that we’re seeing too much of, but still a meaningful bar to cross), there are huge legal barriers to doing so.
Your government doesn’t need to care about legal barriers because you have a dictator.
RedFoxWe are just a little behind trying to elect our new dictator…
But just for a day…
/S 🙄
VPNs are not categorically banned in Russia either. Just 95% of them. Categorical ban is not actually required here. Government can just create licensing procedure and license only those VPNs, which follow “rules”. I do not see how this is different from ISP bans.
Entirely unconstitutional restriction of speech.
The government can shut down specific illegal acts, such as sharing other people’s intellectual property. They can’t ban tools or protocols. There’s plenty of precedent of the government trying to restrict encryption and being shut down. Removing the ability to communicate securely is a first amendment violation.
By the same logic they should not be able to force ISPs to ban sites, bit here we are. If they can enforce bans with ISPs, why can’t they do the same with VPN providers?
They may or may not be able to require ISPs to block specific sites. Piracy isn’t protected speech. It’s going to be a moot point because it’s not something that can get actually passed.
They cannot require ISPs to block VPNs. General tools for/access to the internet are protected speech. They could require VPNs that have physical servers in the US to block exits to specific sites (if the first part is valid), but that doesn’t do anything when it’s trivial to have exit nodes elsewhere and structure your service/corporate structure so the exit nodes are not subject to US jurisdiction.
You realize the tik tok ban bill is also going to ban the use of VPN’s right?
CBaaS
Censorship Bypass as a Service, where your new updates are your [unique user ID].com
Even HTTPS-incapsulated? C’mon.
That most users won’t care enough - that’s true.
Https does not actually make difference here. You can still detect VPN usage by unencrypted clienthello, encryption-inside-encryption, active probing, obscure libraries that vpn protocol depends on, etc.
WTF? How are you going to look inside HTTPS?
Or is the word “encapsulation” (misspelled it first) unfamiliar to you in the network context? Maybe shouldn’t argue then?
obscure libraries that vpn protocol depends on
What? Are you an LLM bot? Answer honestly.
At first, please, be a little bit more patient and no, I am not a LLM.
All https traffic is https-encapsulated by definition. And you can look inside https just fine. The problem is that most of data is TLS-encripted. However, there is so-called “clienthello” that is not encripted and can be used to identity the resource you are trying to reach.
And if you are going to https-encapsulate it again (like some VPN a proxy protocols do) data will have TLS-encription on top of TLS-encription, which can be identified as well.
And about libraries: VPN protocol Openconnect, for example uses library gnutls (which almost no one else uses) instead of more common openssl. So in China it is blocked using dpi by this “marker”.
However, there is so-called “clienthello” that is not encripted and can be used to identity the resource you are trying to reach.
Yes, so how is it going to inform you that this is a VPN server and not anything else? You put your little website with kitties and family photos behind nginx on a hosting somewhere, and some resource there, like /oldphotos, you proxy to a VPN server, with basic auth before that maybe.
And about libraries: VPN protocol Openconnect, for example uses library gnutls (which almost no one else uses) instead of more common openssl. So in China it is blocked using dpi by this “marker”.
Ah. You meant fingerprinting of clients.
Banning everything using gnutls (which, eh, is not only used by openconnect) is kinda similar to whitelists.
Both applicable to situations like China or something Middle-Eastern, but not most of Europe or Northern America.
It is going to show the censor that you are trying to reach different banned websites (and, probably, google, facebook, etc), all hosted on your server. Your beautiful website is all fine, but in clienthello there is still google.
It is not necessary fingerprinting of clients, you can fingerprint the server as well. GnuTLS for this particular purpose is used only by Openconnect and that is just an example. This tactic is very effective in China and Russia and collateral damage is insignificant.
And various western anti-censorship organizations wrote articles, that such methods are not possible in Russia as well, but here we are. China’s yesterday is Russia’s today, American tomorrow and European next week. Here it all started in the exact same manner, by requiring ISPs to block pirate websites. And between this and blocking whatever you want for the sake of National Security (for example, against Russian hackers) is not such a long road as you think it is.
It is going to show the censor that you are trying to reach different banned websites (and, probably, google, facebook, etc), all hosted on your server. Your beautiful website is all fine, but in clienthello there is still google.
WTF? No, in clienthello there is www.mysite.com . I’m talking about encapsulating traffic in an encrypted tunnel. We are assuming that FSB can’t decipher your TLS traffic.
The beautiful website I’ve imagined for a situation where some DPI robot will, say, visit it to check that there really is a website there. Or where you have to show that it’s a real website to get into a whitelist. Or something like that.
I don’t get it, you seem to be interested in the subject, but say weird things.
You also seem to be mixing up such entities as VPNs, proxies and encapsulation.
GnuTLS for this particular purpose is used only by Openconnect and that is just an example.
I’ve definitely seen more things using it even for similar purposes. Can’t remember anything specific, but I suppose a search in pkgsrc will yield something.
This tactic is very effective in China and Russia and collateral damage is insignificant.
BTW, I’m using VPNs in Russia from time to time. Something doesn’t work, something does.
And various western anti-censorship organizations wrote articles, that such methods are not possible in Russia as well,
I’m describing a specific kind of encapsulation. What you can do to guess that it’s a VPN is to analyze the amounts of data transmitted. That’d just require sending garbage from time to time. I think I’ve even seen a ready piece of software to make such tunnels.
I’m talking about encapsulating traffic in an encrypted tunnel.
As I I have previously mentioned, if you are encapsulating all traffic in an encrypted tunnel, then most of the data would have two layers of encryption. This can be detected, and, in fact is being detected in China and, experimentally, in Russia.
The beautiful website I’ve imagined for a situation where some DPI robot will, say, visit it to check that there really is a website there.
That is a good protection against active probing, but active proving is not the only detection method, available for censors.
You also seem to be mixing up such entities as VPNs, proxies and encapsulation.
How did you come to this conclusion?
BTW, I’m using VPNs in Russia from time to time. Something doesn’t work, something does.
What are you trying to say here? What does work? What does not?
I’m describing a specific kind of encapsulation.
What I understood from you is that you are talking about encapsulating TLS-encripted traffic in https, TLS-encripting it again. If I understood you wrong, please correct me. There are countless software solutions for that, but they are not panacea, because double layer of encryption can be detected and your beautiful website does not need encryption-on-top-of-encryption. It is obvious that you are reaching something else.
As I I have previously mentioned, if you are encapsulating all traffic in an encrypted tunnel, then most of the data would have two layers of encryption. This can be detected, and, in fact is being detected in China and, experimentally, in Russia.
Please explain how are you imagining that.
because double layer of encryption can be detected and your beautiful website does not need encryption-on-top-of-encryption. It is obvious that you are reaching something else.
I think I’ve mentioned before one solution of having a constant amount of data transferred.
What I understood from you is that you are talking about encapsulating TLS-encripted traffic in https, TLS-encripting it again.
I meant L3 encapsulated in HTTPS.
Please explain how are you imagining that
I fo not have right now links to articles about that exactly, but here is an old article about somewhat similar tactics that China uses to block encrypted proxy protocols like shadowsocks, for example: gfw.report/publications/usenixsecurity23/en/
How the Great Firewall of China Detects and Blocks Fully Encrypted Traffic
In early November 2021, the Great Firewall of China (GFW) deployed a new censorship technique that passively detects—and subsequently blocks—fully encrypted traffic in real time. The GFW’s new censorship capability affects a large set of popular censorship circumvention protocols, including but not limited to Shadowsocks, VMess, and Obfs4. In this paper, we measure and characterize the GFW’s new system for censoring fully encrypted traffic.
I’ve read the article and really liked it, but it doesn’t say anything about TLS inside TLS.
As I said earlier, it is only somewhat similar to TLS-in-TLS blocking. I do not have exact articles right now, and it is jot easy to google them, since almost all of them are in Chinese.
But here is for example, a proof of concept of a tool, that detects TLS-in-TLS: github.com/XTLS/Trojan-killer
It is incomplete and I do not know if it uses the same methods as Chinese censors, but it still proves the possibility.
If you still require more concrete proff, then, I will try to find an article in my free time and if I do, I would reply to your comment again after that (it is not going to be in the nearest future.
OK, I’ve looked at this thing and read about it. It can be real. It should be solved by what I said earlier, but apparently in real life they solve it a bit more efficiently.
Didn’t check.
Cool. Now all, of Google Drive is blocked because one guy hosted a movie there for a few days.
All it would take is someone getting AWS blacklisted for an hour, that law would disappear like it never existed.
Piracy Shield blocked a Cloudflare IP address recently too
The parasites that keep the money aren’t the “movie industry”, the people who actually work to make the movies are.
"you don't get any residuals because the movie is still in the red decades later"
Mmm Hollywood Accounting… Misappropriate my income harder daddy
Wake me when YouTube gets blocked.
If it’s that big a deal go after the service providers for the servers, this type of shit just makes inhibiting free speech easier.
If I don’t want people using Truth Social I guess making a bunch of accounts to share torrent links would be enough to shut it down?
The MPAA still has never been able to demonstrate that privacy even has actual impacts on movie and ticket sales… When Netflix was super convenient and had a lot of content piracy went down. Turns out splitting to dozens of streaming services made it difficult enough that people just went back to sailing the high seas. So lower your prices, make it more convenient to pay for services and people will just do that instead.
TheImpressiveXThe MPAA still has never been able to demonstrate that privacy even has actual impacts on movie and ticket sales…
It does. If everyone paid for tickets in cash and never online, they wouldn’t be able to harvest user data.
The movie industry can’t bother to provide and preserve the movies they make, they should shut the fuck up.
Still waiting to see Dogma on Blu-ray…
To get a better look at Buddy Jesus, of course.
This is fine🔥🐶☕🔥Snoochi-boochis
UltragigagiganticHarvey winestein owns the rights IIRC from a interview I read a while back
Before it went into licensing hell it was available on Blu-ray. I own a copy.
What’s a “movie”? Is that like some kinda Olde English thing like castles and rickets?
I still don’t understand why they keep going after piracy when it is a symptom of the bigger problem. Movies today are expensive and often made inaccessible through BS digital services that periodically just make films and TV unavailable to save server space or avoid paying for licensing.
I would guess that the vast majority of people are not pirating content. I’d also guess that if digital providers and studios would actually try to change the distribution model that allows customers to buy content that is later turned off on a whim, they would see meaningful change in piracy activity.
Because piracy is the boogieman that allows them to wrestle more power and profit from everyone around them like the parasites they are. They want a cut every time anyone ever watches something, ever. And they want to control if you even have the option of what to watch.
Once Neuralink’s installed adn they start selling off our thoughts to information collection bureaus, they’re gonna want us to pay a license for everytime we think about someting not in the public domain
Because it’s easier for them to blame others than admit they fucked up
Movies today also kinda suck.
I live in the EU, have all major streaming subscritions within the family, and we couldn’t watch Terminator 2 anywhere. One of the most famous classic action movie, not even available for purchase on Apple TV.
I still don’t understand why they keep going after piracy when it is a symptom of the bigger problem.
It doesn’t have to be rational “profit-maximization”. Look at comments in threads that pertain to AI training, web scraping, etc. A lot of ordinary people seem to believe that this is how it’s supposed to go.
A lot of noisy people here have a very expansive view of intellectual property. They seem to want total control over anything they “own”, without any regard for the consequences. There’s no room for any kind of fair use. Where they can’t own something, they still want to own it.
With some horror, I recall a thread where the mob called for making robots.txt legally binding. That wasn’t big tech lobbyists, just some ordinary users here.
And half a year later, additional categories are added for CSAM. And another year later for illegal copies and cracks. All the while some states openly missuse it against porn and whistleblowers. We know that game already!
But did you even think of the children?
Sounds like you just want to hurt those precious little ones.
How dare you!!! /s
Ugh Charles Rivkin has such a punch-able face.
Yet another push for legally guaranteed corporate profits, with enforcement funded by taxpayers.
This practice should be abolished.
Yeah. This is socialism… if there’s one group that hates socialism. Meh. We know they support this.
That is not what socialism is?
Socialism is when government does stuff
jordanlundPiracy does not hurt revenue and, in fact, may actually help it:
dumbassI have found and become a big fan of tv shows that I would have never had the chance to see because of piracy, one of my favourite shows ‘Corner Gas’ never once aired in my home country. Thank you piracy for helping me find good entertainment.
“It wasn’t willy-nilly… it was at crows.”
Never thought a single non-canadian would have even heard of Corner Gas lol