nope. You can do IP analysis to ban IP’s that belong to particular VPN but you can’t ban VPN tech. There are so many VPN services and so many proxies and so easy to setup your own VPN that even Netflix struggles with that.
I think these nations setup the ISPs to look for the packets using a VPN protocol. This protocol is only used between the user and the VPN provider, so the target website doesn’t see it.
Though I think this can be evaded too with a bit of work (masking the packets as normal web traffic). One reason why repressive regimes also want to control the devices of the user.
There are ways to ban them even if it evades detection though. Incompatible formatting and mobile applications come to mind. Charleston in South Carolina having the highest concentration of diehard privacy maintainers goes over nobody’s head, having it come up as one’s location is like wearing a label that says “I am not who I appear to be” and is the source of the most common geoblock in the free world. Probably a giveaway I help keep the peace in a few sites.
From the client to the VPN host it’s feasible to do protocol/port identification and prevent it that way. Some are significantly more difficult to do that for though, particularly when it uses something like HTTPS to blend in with the general flow. It’s possible to set up a national level proxy gateway, but that would require a user’s system to trust some alternate CA which would be really hard to enforce.
Short version, there’s always a way around, but they can make it real tough for the average user.
nope. You can do IP analysis to ban IP’s that belong to particular VPN but you can’t ban VPN tech. There are so many VPN services and so many proxies and so easy to setup your own VPN that even Netflix struggles with that.
How are they caught then in countries that try to restrict digital access and have criminalized them?
I think these nations setup the ISPs to look for the packets using a VPN protocol. This protocol is only used between the user and the VPN provider, so the target website doesn’t see it. Though I think this can be evaded too with a bit of work (masking the packets as normal web traffic). One reason why repressive regimes also want to control the devices of the user.
There are ways to ban them even if it evades detection though. Incompatible formatting and mobile applications come to mind. Charleston in South Carolina having the highest concentration of diehard privacy maintainers goes over nobody’s head, having it come up as one’s location is like wearing a label that says “I am not who I appear to be” and is the source of the most common geoblock in the free world. Probably a giveaway I help keep the peace in a few sites.
Isn’t that just a game of whack a mole though? Ban VPNs ending in Charleston, people hop to another location. Rinse and repeat
The right metaphor would be popping a pimple. Apply pressure and the oil just scatters and becomes aimless. They represent a powerhouse.
From the client to the VPN host it’s feasible to do protocol/port identification and prevent it that way. Some are significantly more difficult to do that for though, particularly when it uses something like HTTPS to blend in with the general flow. It’s possible to set up a national level proxy gateway, but that would require a user’s system to trust some alternate CA which would be really hard to enforce.
Short version, there’s always a way around, but they can make it real tough for the average user.