Easy solution: stick your website behind a CDN. That way, people are using a VPN to contact a CDN, and only the CDN ever connects to your website.
And if Utah thinks two degrees of separation isn’t enough… well, it’s likely that every legislator in Utah is two degrees away from someone who will break this law, so they should obviously be the first to be subject to its penalties.
Well that’s the problem. If you’re on a VPN, the site doesn’t know where you’re coming from. So either all VPN services ban Utah, or all websites ban VPNs. It’s a very insidious ploy to ban any anonymity on the internet. It’s essentially letting Utah set the rules for the entire network. And it doesn’t really work anyway. I can create a VPS and set up tailscale or something similar and all my traffic goes through that server. No block of knowable VPN IPs that a website can block. So either Utah blocks all services like tailscale, which is not going to happen, or this is just pointless.
If two computers are connected to the same network, there will always be a way around these sort of restrictions.
There is no way to know someone is connecting to you via a VPN. They just blacklist known IP addresses, so there isn’t really a way to implement this. Sure, you can blacklist well known VPN providers, but anyone can rent a PC in another location to VPN through.
Yeah this was exactly my point. And this only works if the IPs for the VPN are fairly static. I have no idea if they are. But given that I have heard discussions about doing this I assume that is the case. I mean I have done exactly this (using a VPS) to get around some of the restrictions I see.
Oh, they don’t need to be told this - it has been in the fascist state “papers please” handbook since long before WWII. Get very very worried when Fox News starts talking about “considering the possibility of…”
Yeah, and you could also block all Albanians from shopping at your store by asking them as they come in: “Are you Albanian?” Yeah, you have a photo-catalog of known Albanians, and some general descriptions of what Albanians look like, but are you really going to actually, successfully block all Albanians? No. And the more you try, the more you’re going to block non-Albanians just because they “look like they might be an Albanian…”
Apologies to Albanians, you’re just an alphabetically early example - nothing about Albainia or Albainians in particular, the same could be said for Bulgarians, Croatians, Danish, Estonians, Finnish, Greeks, etc.
I also use that, and it’s just all over the place.
I’ve had issues with my carrier, so I just used foreign SIM in roaming for a while. €11 for 40GB is not that bad.
And then I found I can’t purchase a train ticket. For some reason, ZSSK (Slovakian passenger railway company) blocked IPs of Lifecell (Ukrainian MNO), but was fine with IP from RackNerd (Virginia).
Oh, and the university I am at blocks IPs from “3rd world countries”, the result of which was that Asburn, Virginia is fine, but somehow New York is a 3rd world country.
Their instructions say to use any EU-based VPN.
OneDrive uploads would only work for me over Mullvad without crashing.
You’re right they could. But I’m a systems architect who deals with university wide networks so I know what a cluster fuck that would be. It would be absolutely unmanageable. I’d wager there is no way in hell they are gonna do that.
I’m hopeful that an adult in the room is going to show how unworkable this is gonna be but who knows.
They probably know this, and are pushing it anyway - for the votes and the lobbyist backing. (most) voters don’t know how ridiculous it is from the technical perspective, and the lobbyists are only looking for their own financial advantages which often come from chaos.
an adult in the room
They’re all adults, just not adults who care what they break.
Wait… this is specifically about websites?
Easy solution: stick your website behind a CDN. That way, people are using a VPN to contact a CDN, and only the CDN ever connects to your website.
And if Utah thinks two degrees of separation isn’t enough… well, it’s likely that every legislator in Utah is two degrees away from someone who will break this law, so they should obviously be the first to be subject to its penalties.
Oh those legislators are two degrees away from something being broken, and it ain’t this dumbass law.
I would say the easy solution is to stop serving content to residents of the state
Well that’s the problem. If you’re on a VPN, the site doesn’t know where you’re coming from. So either all VPN services ban Utah, or all websites ban VPNs. It’s a very insidious ploy to ban any anonymity on the internet. It’s essentially letting Utah set the rules for the entire network. And it doesn’t really work anyway. I can create a VPS and set up tailscale or something similar and all my traffic goes through that server. No block of knowable VPN IPs that a website can block. So either Utah blocks all services like tailscale, which is not going to happen, or this is just pointless.
If two computers are connected to the same network, there will always be a way around these sort of restrictions.
There is no way to know someone is connecting to you via a VPN. They just blacklist known IP addresses, so there isn’t really a way to implement this. Sure, you can blacklist well known VPN providers, but anyone can rent a PC in another location to VPN through.
Yeah this was exactly my point. And this only works if the IPs for the VPN are fairly static. I have no idea if they are. But given that I have heard discussions about doing this I assume that is the case. I mean I have done exactly this (using a VPS) to get around some of the restrictions I see.
Same here. Running WireGuard on a VPS in Seattle.
Paying $10 a month, but that’s just because I also use that VPS for OwnCloud as well.
I don’t think that’s technically possible under the current structure of the internet.
Now, if they move to: you must sign in with a state assigned ID before you access anything anywhere… that technically could work.
Shhh! Don’t give them freakin’ ideas!!! :)
Oh, they don’t need to be told this - it has been in the fascist state “papers please” handbook since long before WWII. Get very very worried when Fox News starts talking about “considering the possibility of…”
There’s services that not only check for known VPN servers, but also for IPs in datacenter IP blocks. So using a VPS could in theory also be blocked.
Yeah, and you could also block all Albanians from shopping at your store by asking them as they come in: “Are you Albanian?” Yeah, you have a photo-catalog of known Albanians, and some general descriptions of what Albanians look like, but are you really going to actually, successfully block all Albanians? No. And the more you try, the more you’re going to block non-Albanians just because they “look like they might be an Albanian…”
Apologies to Albanians, you’re just an alphabetically early example - nothing about Albainia or Albainians in particular, the same could be said for Bulgarians, Croatians, Danish, Estonians, Finnish, Greeks, etc.
I set up a VPS as a VPN server just for me. There’s sites have definitely done this. Reddit for one. I get cloudflare captchas a lot as well.
I also use that, and it’s just all over the place.
I’ve had issues with my carrier, so I just used foreign SIM in roaming for a while. €11 for 40GB is not that bad.
And then I found I can’t purchase a train ticket. For some reason, ZSSK (Slovakian passenger railway company) blocked IPs of Lifecell (Ukrainian MNO), but was fine with IP from RackNerd (Virginia).
Oh, and the university I am at blocks IPs from “3rd world countries”, the result of which was that Asburn, Virginia is fine, but somehow New York is a 3rd world country.
Their instructions say to use any EU-based VPN.
OneDrive uploads would only work for me over Mullvad without crashing.
I also had Reddit block Czech T-Mobile IPs.
You’re right they could. But I’m a systems architect who deals with university wide networks so I know what a cluster fuck that would be. It would be absolutely unmanageable. I’d wager there is no way in hell they are gonna do that.
I’m hopeful that an adult in the room is going to show how unworkable this is gonna be but who knows.
They probably know this, and are pushing it anyway - for the votes and the lobbyist backing. (most) voters don’t know how ridiculous it is from the technical perspective, and the lobbyists are only looking for their own financial advantages which often come from chaos.
They’re all adults, just not adults who care what they break.
I hate how true this is….
You can still request Geolocation and if the computer has a prior record w/o IP, you can get a location up the chain.