• residentmarchant@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    1
    ·
    1 year ago

    What’s the reasoning for this? Surely it’s not that difficult to block all traffic pointing to “vpn.protonvpn.com” (simplified url for the sake of argument)

    Even if a VPN provider had 100 URLs to tunnel traffic through, they would all be found in a matter of time, no?

    • apt_install_coffee@lemmy.ml
      link
      fedilink
      arrow-up
      14
      arrow-down
      1
      ·
      edit-2
      1 year ago

      The difficulty is that a VPN isn’t just a product like ProtonVPN, it’s a huge family of software and protocols.

      You can block vpn.protonvpn.com, but since most operating systems come with VPN functionality out of the box, you’d have to start listening to all traffic (not just DNS lookups) and blocking ALL packets that might be VPN traffic without causing regular disruption to non-vpn traffic.

      TL;DR: it’s easy to prevent unmotivated users from downloading a VPN app. It’s practically impossible to block a motivated user from using a VPN, and they’re the users you particularly care about.

    • Varyk@sh.itjust.works
      link
      fedilink
      arrow-up
      1
      arrow-down
      13
      ·
      1 year ago

      I’m just a user, but afaik if the server you’re routing through is outside of China, they have no right to block the traffic.

      I think it’s some international agreement that no country is allowed to block external traffic because that interferes in other countries’ affairs something something, but I don’t know the specifics.