Hacker News new | past | comments | ask | show | jobs | submit login
Uganda Bans VPNs to Prevent Users from Dodging Its New Social Media Tax (techdirt.com)
224 points by myinnerbanjo 9 months ago | hide | past | web | favorite | 166 comments

The Uganda OTT tax is probably meant to stifle online political speech and organizing, but the concept itself, taxing most over-the-top communication mediums that use the mobile networks solely as an opaque data pipe (and typically only work with their captive apps) is a concept that merits more discussion than being patently called "absurd". These services aren't interoperable, they exfiltrate data to foreign countries (where they may be subject to foreign intercept), and they surface ads for whose placement these foreign companies are paid. This perpetuates a wealth transfer from Uganda to abroad.

Then again, it's awfully convenient for the President that these services are places where one can organize an opposition against him, and he can use the excuse of rumours, lies, or "fake news" to justify legislating against them. The tax regime now sets up a wealth transfer from every Ugandan to the state, where it will be squandered I'm sure.

What I find frustrating is that most coverage about this falls into the same tired tropes, like pointing out how little most Ugandans make in real US dollars as an insidious appeal to well-to-do westerners to envision the subjects of this tax as downtrodden poor who are being exploited by their (presumably) oppressive government. I thought we were beyond this kind of coverage, and recognize that people in less prosperous countries have the same agency, despite systemic problems with the 5-term Ugandan president's authoritarian tendencies, corruption, voter intimidation, lack of transparency, and poverty.

What this tax will do is hasten the decline of civil society and respect for the current administration's law in Uganda. It will broaden the gulf between the cronies of the President and everyone else, leaving more and more people dissatisfied with the governing party that once promised (and, in fairness, delivered) real reforms. He obviously knows this, and has been making moves to prolong his power as he feels the winds of change shift around him.

Are you a history professor or a diplomat of some sort?

You just delivered the kind of analysis I'd pay money to read in a paper.

Just Read Why Nations Fail. This is part the course for almost all of history.

exfiltrate data to foreign countries (where they may be subject to foreign intercept)

If you're, say, a Ugandan dissident would you rather be spied on by the NSA or the Ugandan government? Tunneling all data out of the country may be safer for the majority of people, but maybe I'm falling for the trope of downtrodden poor who are being exploited by their (presumably) oppressive government.

Better that users be spied on by no one (like with Briar or Signal), but digital protectionism like what Russia and China do isn't infeasible.

One is more likely to have you disappear in the night if you share something against their interests, and the other is more likely to bomb your child's wedding if you share something against their interests.

Neither is good, so let's not pretend that one is harmless.

As a professional network engineer this is utterly preposterous. Ignorant government officials who know nothing about how the Internet actually works, trying to fuck with it because it's something beyond their petty attempts at control. When will people realize that blocking VoIP and blocking a ton of other stuff (Ethiopia and the UAE are great examples), in the long term and in aggregate, results in more economic damage and a poorer telecom/Internet ecosystem than allowing all traffic freely? They're short sightedly trying to raise revenue by taxing the mobile phone carriers, who are 95% of the data connections in the country, when they should be focused on allowing telecoms to build better pipes for domestic and international traffic.

Quick edit: People who run major international ASNs and medium sized regional ASNs have a responsibility to not aid and abet this bullshit. Don't contract for government entities that want to implement filtering/blocking of stuff. Refuse to participate with network engineering and architecture decisions and implementation that hurt net neutrality. There is a finite pool of people with the real talent, clue and 15+ years of experience who can build carrier-grade ISP infrastructure. If people want to fuck up their domestic Internet in $COUNTRY, do not help them. No matter how lucrative it might appear at first glance.

There is such a thing as ethics in network engineering, just as there is in software engineering. Think long and hard about what you think defines an ethical ISP. If you're asked to do something contrary to that, refuse to participate.

Incompetence at that level is malice. Short sightedness is nothing new in politics. As is fucking with the middle class. (I mean with those who understand the problem of blocking certain kinds of Internet traffic.)

Oh, it's absolutely malicious. In a typical $RANDOM_DEVELOPING_NATION the amount of corruption and graft that goes on between the "Minister of Communications" and other government entities (quasi-state-owned telco in the UAE for example) is something that has to be seen first hand to be believed. Those who are in power have no interest in actually having something like a diverse IP transit and transport carrier ISP ecosystem (as the US, Western Europe do, take a look at how many carriers and ISPs are connected to the AMS-IX and DE-CIX). They care about their short term personal financial gain.

Politics is never about optimal or about doing what is financially sane. It is about staying in power... We do not elect or raise to power people with the best minds and intentions.

Yes it is malice. There is a joke I find descriptive: " Two young people discuss about their future. One of them says at some point that if they want to make money, it seems their only options are to become a thieves or politicians. The other responds: "Well I want to lead an honorable life, so I guess I will become a thief."

They just don't care to get informed or about the future. Simple. If there were time machines people would be coming back killing politicians en masse.

"results in more economic damage"

That's a cost the people in power are willing to bear; or should I say that's the cost the people in power are willing to offload onto to the powerless as a way to make the powerless have even less power.

Welcome to Africa! This is the sort of shit we have to put up with here.

or uzbekistan, or russia, or vietnam, or cuba, or belarus, or iran, or most small pacific island nation-states... I've worked in African telecom and many countries there are really good examples of the phenomenon but are by no means the only.

Philippines is also another great example.

Maybe the leaders have the opinion that "Internet wars are good, and easy to win."

As someone in IT but not in networking I agree with your sentiments. As an African I have to let you know this is all about keeping the masses in check. The masses don't know enough about the technology to understand that this is a bullshit law. The government will prosecute a couple of high profile people and make it seem that they have more control. The 1-5 percent of us will ignore the law and do our thing but the majority will continue to tow the line. Thus keeping the dictators in power. Its all about power.

I'm living in Uganda at the moment and have a couple of things to add:

1. VPNs still work fine (I'm using one right now, though its one I installed on a digitalocean instance - it's possible those receiving lots of traffic have now been blocked).

2. This tax is unaffordable for many Ugandans (it would be about 5% of the average wage here). Whatsapp is very popular here and this has impacted everybody I know. Most people I've talked to are using a free VPN (they aren't aware of the risks here).

I haven't done much analysis of the blocking yet but I will be doing a more in-depth post about this whole debacle in a few days.

Correct me if I'm wrong, but Uganda has a somewhat reasonable diversity of domestic ISP AS that are connected to other east African AS for international connectivity outbound via Kenya and Tanzania. It's not like a single government controlled bottleneck situation (As in Iran, where all ISPs have to be downstream of the government AS, which operates all of the international L2 transport and L3 transit/peering connections).

I'm not sure about the peering connections but Uganda does have a good range of ISPs (outside of Kampala connectivity is mobile network only).

The mobile providers are:

- Africell (was orange)


- Airtel

- Smile

- Uganda Telecom

Have you tried Lantern? It’s free up to 500MBs per month and works well in many censoring countries around the world. It has lots of features that make it fast, such as automatically optimizing server selection and using BBR, and it does many things to stay unblocked, including the use of pluggable transports.

Full disclosure: I’m part of the team that builds it.

This is good to know about (and a great idea) - i'll take a look later. The other issue with using a VPN is people can no longer use the 'social pack' which is a cheap social media only data package available on all the networks.

The title seems misleading -- looking at the image in the article, it appears that the tax isn't on social media per se, but on any service that provides mobile voice / messaging functions over cellular data.

Which is effectively a tax against cellular data being treated as a dumb pipe. Still not OK, but a fundamentally different beast than the title implies.

If you're a telco in Uganda, and you have sufficient sway with the government, why not go for broke and try to tax your way back into cellular voice / messaging revenue streams? They can be quite lucrative: in the UK, I'm paying about £1/GB of data, but a single MMS costs 43p. Turns out you can send a lot of group messages on WhatsApp before it uses 43p worth of data...

> The title seems misleading -- looking at the image in the article, it appears that the tax isn't on social media per se

The title is not misleading at all - the purpose of the tax is to discourage the use of social media. The (likely) president-for-life Museveni has expressed his strong displeasure with social media (particularly when it was used to mock him in the run up to removing term-limits) well before this law was promulgated. Strong-men do well with traditional media, which they can easily control.

Few Ugandans are going to spend 43p (per MMS) to send a meme gif mocking the government to 7 friends - this is entirely according to plan. Nevermind the local police (secret or otherwise) has easy access to MNO's servers compared to WhatsApp or Facebook for their investigations to support the charges of "incitement/treason".

Not familiar with the political situation in Uganda, but if that's the case, then framing this as a tax on "Over The Top" services (and including things like Skype in the restriction) is mainly about finding a plausible excuse for effectively censoring access to uncontrolled, peer-to-peer communication?

Sounds like the despots and the profiteers are aligned. Good luck, Uganda. :(

Funny you mention easy access to MNO servers. This happened last night - https://www.businesslive.co.za/bd/companies/telecoms-and-tec...

I am not surprised by this. The excuse they gave came from the left-field though ("investigating intrusion reported by anonymous sources"). I also wouldn't be surprised if there are Italian/Israeli/American "security consultants" doing the analysis behind the scenes in the mold of HackingTeam. A dictator's dollar is just as green, I guess.

While we are at it, I still pay 1€ a minute for international calls (EU/Switzerland/USA) but I can talk for hours on WhatsApp, and FaceTime audio before I come close to 1GB data. Telecoms don’t charge in propositions for what they are providing (the cost + small markup for profit), they charge what they think customers are willing to pay, and since there is no real competition (at least in my country), they can do pretty much whatever they want.

Weird. In france calls in in the eu and to the usa are free and unlimited on most contracts.

France has it good. Here's my anecdote: I got a SIM card from France for my last trip for 20 euros (30$) all included. That was enough for what I needed it for. Fast forward, I come back to Canada, and I still have that SIM card. I can now use it locally, with unlimited text, calls and 25 GB of data, without paying a cent more. MMS included.

My local phone contract is 70$ per months for 6 GB and a limited numbers of calls/text and no MMS. So I'm basically paying less than half roaming with my France SIM than with my local one, while having a better service. The real kicker? The roaming is happening on my local's provider network.

I don't care what your definition of insanity is, mine is Canadian telecoms.

Just to add to this as I have done the same - the SIM I got game with 100gig of data, 25 if I used it outside of Europe (which included Britain!).

As far as I could tell, you’re a caveman in France if you use SMS or cell calls as they use WhatsApp. That surprised me.

It was the same for me recently in Morocco, only WhatsApp, nobody wants to use SMS.

It almost sounds like you could finance a brief vacation to France on the savings from canceling your local phone contract and buying a couple years worth of french SIM cards.

This suspiciously resembles a opportunity for arbitrage.

I wished, and very seriously thought about it. Unfortunately, after 4 months of out-of-France service they can cut your service. It would have made my day if it would have worked!

Just get a penpal in France who keeps buying and sending you SIM cards?

I had a similar experience after a visit to Mexico. I picked up an ATT Mexico SIM card, and noticed that it still worked after I got back to the US. I bought a new tariff each month for about $10 USD using Ding, and it worked great.

The only downsides were that I had a Mexican phone number (I use Google Voice anyway, so just needed the data) and, more importantly, that all the customer support was in Spanish...

I ended up ditching the SIM after about a year when the data stopped working when I bought a new tariff. Not sure how much this was due to my inability to navigate the Spanish customer interface vs. ATT cracking down on people doing exactly this.

Well Germany does have the most expensive plans it seems. I pay for 3GB what my Austrian friends pay for 30GB and don’t even have LTE, although this is because I chose a plan on the D network (that just means it uses 900MHZ instead of 1800MHZ) and brought them through a resell because that’s about 1/3 cheaper.

They offer an option for about 10€ a month which offers unlimited international calls but only to landlines. 10€ is also how much unlimited texts cost – but I don’t send many texts anyways so 3 * 20¢ a month is not too bad.

I think the real problem is that there is no real competition in Germany. They are 3 carriers, 2 of them use the D network but are very expensive and one is cheaper but only uses 1800HZ frequencies which makes them unusable in most buildings. You have a false sense of competition from third party resells which either use the a slow network, a slow connections, or just don’t offer LTE/4G at all (although their customer support is usefully way better then one of the three carriers).

After all, we almost pay American prices in terms of $/GB, but live in a very dense area, we don’t need a lot of rual coverage (unlike in America where you can go 300 miles in one way and don’t meet anybody) and have no difficult mountains. Even according to our government we have “good and fair telecom regulations”.

> Weird. In france calls in in the eu and to the usa are free and unlimited on most contracts.

That’s because we have really good phone contracts in France compared to the rest of the World, and also because mobile roaming charges are forbidden in the EU [1].

[1]: https://en.wikipedia.org/wiki/Roaming#Roaming_between_Europe...

It is, however, not forbidden to charge extra for calls/SMS from your home country to the EU. (A confusing fact, as calling from non-home EU countries to the EU can _not_ carry extra charges.)

That was one of my (only) favorite parts of my French cell plan. It’s a bit sad when the less developed world rapes their customers. For example, What’s App got big, especially in Latin America because up until a few years ago, a typical Mexican cell plan would include 10 included SMSes per month, then overages were something like 25 (US) cents. Carlos Slim got away with that nonsense because he had a government mandated monopoly when he first bought the network. That monopoly expires, but in the meantime, he was able to charge whatever he wanted. I used to be amazed that What’s App even needed to exist for SMS until I lived down there and discovered “unlimited” didn’t exist. What’s App in the US didn’t really have a compelling value prop because unlimited texts were such a staple. I prefer iMessage and FaceTime personally but good for What’s App for trying to innovate around the typically corrupt third world providers who enjoy monopoly status due to various structural and political issues in those countries.

> That was one of my (only) favorite parts of my French cell plan. It’s a bit sad when the less developed world rapes their customers.

That’s a developed world problem isn’t it, or at least it’s bad there too?

A downside of the situation you discuss is that it’s not easy to navigate the current situation, as you can’t communicate with certain people if you don’t want WhatsApp. In France i encountered several people don’t have a cellphone number for calls or SMS, and my interest in WhatsApp is zero, preventing communication except by email.

The calls are free for you, the carrier still pays - nowhere near the robbery-grade rates they would normally give to out-of-bundle international mobile calls, but they’re probably paying around 1p a minute for most of the EU.

I'm not sure why this tax should be labelled as absurd. Lots of countries tax TV, phone already. Taxing social media sounds weird only because no one else has done it yet.

Taxing TV and phone is like taxing internet connectivity. While a bit odd, this is perfectly fine. The reason for this is that it does not discriminate content, but only care about the utility itself.

Taxing social media is like taxing you for saying or hearing a specific word or sentence on the phone, or every time a certain show is broadcast on the TV.

This is absurd, and a violation of free speech, as it discriminates content. It is an attempt to control information exchange by discouraging it. The ulterior motive is usually manipulation of the citizens to keep them in line in absurd regimes, and/or to avoid the outside becoming aware of their internal issues.

Separately, these idiocies implemented by people that do not understand how the internet works undermines fundamental security aspects by being incompatible with proper cryptographic security measures. You cannot, for example, serve a portal instead of a properly configured HTTPS site without your browser noticing, so HTTPS needs to be blocked first.

Taxing TV and phone is like taxing internet connectivity.

Is it? Then why do you pay taxes to use VOIP? Is internet not a carrier, while TV & phone are services?

I don't quite know about any VoIP taxes, but I am quite certain that no place puts taxes on the VoIP traffic itself over internet as a carrier.

Services purchased that use the internet as a carrier may be taxed as any other financial transaction, but in that case, the internet itself is still a neutral medium that does not discriminate traffic. Being non-discriminatory does not mean that you cannot pay Netflix a monthly fee, with VAT and other applicable taxes, to give you an account.

Ah, all of the VoIP fees are just fees for gaining access to the PSTN network from the outside (not necessarily through the VoIP). All of the taxes relate to any use of telephone services.

Thus, it's just the price of the service your are purchasing, none being related to how it is delivered.

VOIP fees are not taxes - merely upfront fee for an agreed upon add-on service.

Beer is taxed differently than bread, and that's fine.

It would be more absurd if different brands of beer were taxed differently.

I don't think it's going to work out well given the lack of standardized information floating around, but the impetus is does not have to be entirely unreasonable, even if in this situation it probably is.

It is important to understand where the internet fits in this metaphor.

That different services cost different things with different taxes is not a problem.

However, with a beer analogy, it would be a special tax on transportation of beer (including bringing it home from the store), which seem a lot less sensible than just pricing beer and bread differently.

After all, the internet is an information transport, and it was a tax on using the internet for certain things (social media).

If they are taxing on the IP level or packet level, then yes, you could make this argument.

But if they are taxing on the service level, ie FB or What's App, then no, it's just information they are taxing. They could feasibly just use 'packets' or 'IP' as a crude measure of that service.

> Taxing social media is like taxing you for saying or hearing a specific word or sentence on the phone, or every time a certain show is broadcast on the TV. This is absurd, and a violation of free speech.

Is it? After the shenanigans that have been uncovered with recent elections (specifically referring to the US and Britain, I’m sure there are others) is ‘free speach’ really anthing that is being defended by opposing this tax?

Just because the U.S. and Britain fails to care about free speech and human rights doesn't mean that the battle is not worth fighting.

This tax is in direct opposition to free speech, so opposing it defends free speech. It is, however, only a single battle in a very long war.

But the companies hit own the forums, and don’t support free speech. I agree that it’s a potentially slippery slope for regulation, but it’s not currently an area where free speech is tolerated. Just yesterday Zuckerberg was apologising for censoring inappropriately. I don’t have a strong view either way, I’m just not convinced that the ‘free speech’ aspect is as direct as you state.


No one cares about the hit Facebook takes from having social media blocked. In fact, I'd rather have them crash and burn.

The problem is that the citizens get access to all social media taken away through taxes that most would avoid. Social media is also Twitter, WhatsApp, Telegram, Signal, Snapchat, WeChat, Weibo, QQ, ...

It is not suddenly okay to block free speech by limiting/removing access to social media, just because one of these social media are known to censor content in other ways. One crime does not justify the next.

> every time a certain show is broadcast on the TV.

It seems like an obvious thing to tax the airing of a show on TV. I'm in favor of the taxation of every 30 minute slot on TV and Cable.

This maybe makes sense to me because I'm a natural person (i.e. not a corporation), so everything I receive or produce or give away is taxed.

Ah, but then you're back at general taxation of a utility, not discriminatory taxation of certain content. I disagree wholeheartedly that it would make sense to have a government tax on TV slots, but it does not manipulate information exchange in any way.

Taxing social media would be more akin to placing a tax on documentaries, or all content containing a narrative by Morgan Freeman.

Since this tax is on the user’s end, this would be more like a tax on watching documentaries, and then scrambling to control all DVD players and such to ensure they report your viewing.

That's what I meant, although I failed to be explicit about it.

Although, the enforcement would be on delivery for social media (i.e. ISP reports social media traffic), so cable TV that detects if your TV is on during documentary broadcasts would maybe be a better analogy.

> I'm a natural person (i.e. not a corporation), so everything I receive or produce or give away is taxed.

This sounds like a dystopian nightmare. Where do you live?

Well, with income tax and VAT, you end up paying tax of everything both ways. Private transactions are commonly exempt, but they commonly have a limit in size before that becomes taxed income or require a company to be registered that takes care of VAT.

Most things in America that you can buy are taxed on the sale, and any money (or the monetary value of assets) you receive is taxed as income. If you produce anything, you're usually hit with licensing fees of some sort. I laughed out loud that you called out my description of this system a "dystopian nightmare".

Anywhere with an income tax + sales tax?

Because social media is simply one of the vast amount of websites on the internet, it's unfair to tax it alone. Either you tax the whole internet comsumption (e.g. every 5GB or something like that) or you don't.

Imagine taxes specific to laundering machines that only apply when washing underwear, but not for any other clothes, it makes no sense.

Also, the govt. snooping on what people access / banning use of VPNs raises privacy concerns (and even censorship ones).

You could argue that social media has a negative effect and that it should be taxed in the same way that alcohol (and soft drinks in some places) is taxed. I'm not arguing that social media has a net negative effect, but I can see how some internet sites could singled out and taxed.

In this case, the reason that Uganda is taxing social media is to stop people from criticizing the government. Taxes can be a great tool for censorship.

> I'm not sure why this tax should be labelled as absurd

It's not the tax per se so much as how it's being levied and enforced. Social media should be subject to a sales tax, levied on the provider. This is being structured as a use tax, levied on users. Use taxes are notoriously difficult to enforce, and digital goods make that harder.

Commendations for your bravery in raising that viewpoint. Assuming it’s a good idea to tax social media, do you also think it’s a good idea to implement the tax as a captive portal at the ISP level?

Many gouvernements tax what the it/the population deems hurtful: cigarettes, alcohol, gambling, etc.. Social media fits that list better than TV and phone IMO.

It might mean it's a bad idea to tax TV and phones.

Telephones have taxes, but has anyone tried anything like this?

    Calling mother: 15¢/minute
    Calling children: 3¢/minute
    Calling policy: 25¢/minute

Here in Brazil there were plans where you can choose one or two numbers and calls to them will come off a separate monthly time quota.

Don't know if they still exist.

Interesting exercise - if calling certain relatives received tax credits you could potentially achieve something positive.

Not with taxes, but providers have had rate plans like that.

The effective tax rate is so disproportionate as to be obviously punitive. Relative to average earnings, it'd be equivalent to America imposing a social media tax of $2,000 per year. It's clearly not a good-faith effort to raise revenues, but a de facto ban on social media.

I must agree- we like the idea of absolute neutrality, but the internet is so general purpose it's possible that society will ultimately settle on things like this.

TV and phone are two services both provided over one or two strands of copper, and each is taxed at a different rate. Is social media not just another service? Sure, it's built on TCP/IP, DSL, & DOSCIS, but cable TV is built on CATV and phone on ISDN.

If it is absurd to tax a social media service coming down the wire, then it is equally absurd to individually tax cable TV or phone service over the same wire. Yet, we hardly see that as absurd, we've been doing it for decades.

If you take the stance that social media is ultimately a bad thing for society, then a tax actually seems like a good solution.

After all, San Francisco decided that soda is a bad thing and implemented a soda tax. What's the difference?

Nothing like siding with a President that has been in power for 31 years and is known to jail and kill gay people, but hey, social media is the problem!

You can't threaten government by drinking soda.

Would it be reasonable to tax meeting up in person? If not, how is this different?

It's more like taxing cafe's and bars by creating entry fee where there was none.

What's absurd is the rate. It's far more than most Ugandans can pay. It's clearly meant to suppress usage, not to fund the infrastructure.

It's being used to limit government criticism.

> President Yoweri Museveni pushed for the changes to combat what he calls "gossip,"

It would be nice if those in disagreement would advance an argument as to why. Anonymous down voting without a comment is lame.

I don't think ESPN is taxed differently than CNN.

Because tax, in general is absurd. You're literally taking people's money under the threat of force. Just because it is done quite universally does not justify the practice.

More specifically, taxes are abused near universally. From the sugar taxes in Seattle (unless you are Starbucks), or forced Union dues that fund political campaigns, the practice is abused. Meanwhile necessary services like police, firefighters, and rescue workers are always under underfunded, even though that's why we think we're paying them.

> Because tax, in general is absurd. You're literally taking people's money under the threat of force. Just because it is done quite universally does not justify the practice.

They buy you civilization, which is great because it means you're not just immediately enslaved by your local warlord.

A Warlord prefers his subjects unarmed. What better way than to tax said items.

Don't worry, in the absence of an advanced economy the supply chains needed to manufacture firearms won't exist, so you'll be subjugated using clubs and spears.

You just proved my point. Thank you.

Oh, was your point that the things you take for granted, like the existence of firearms, are only possible because of a civilization that runs on taxes? You're welcome :)

> You're literally taking people's money under the threat of force

Money that would have no meaning, earned for work which would largely be impossible, without said threat of force.

>earned for work which would largely be impossible, without said threat of force.

You're confusing threat of force to enforce property rights and personal freedoms with the threat of force to collect taxes.

They're the same thing. You can't have courts and police without paying them, and you can't pay them without taxes.

> You're confusing threat of force to enforce property rights and personal freedoms with the threat of force to collect taxes

How do you plan on paying your police?

That doesn't sound any better. So if I have an asset that I'm not using, it's morally just to take it from me because I'm not using it?

The devil's in the details. Depending on the asset and the situation, it may be morally correct to take it, yes.

To give an absurd, extreme example: if you lived in a nation going through a famine and your hobby was watching bread mold, it might be morally just to take away your warehouse of stockpiled bread to let the starving people eat, even if it meant you couldn't continue your thrilling bread-mold-watching hobby.

> it's morally just

Morally? Definitely. Incentivizing trade promotes human survival. Is it "just" is a different question, because justice requires a set of idealogical social principles to start from. Natural rights, divine will, reparative, or some other. YMMV


Please don't break the HN guideline which asks you not to call names in arguments. It is found here: https://news.ycombinator.com/newsguidelines.html.

Your comment would be fine without the first sentence.

>You libertarians are insufferable.

Stick to content. Not attacks.

The content of his argument is libertarian.

"You libertarians are insufferable" is not exactly a critique of an argument.

Please keep generic ideological talking points such as taxation-is-theft off Hacker News. They only ever lead to repeats of the same discussions for the millionth time, and usually flamewars. Repetition and flamewar are two of the most off-topic things here.


I’m curious if you have any suggestions for keeping assorted necessary services funded without the “absurdity” of taxes.

I will gladly pay 'taxes' for needed services. I hope the last bit of my comment implies that. When I examine the budget of my local and Federal government, said things are a monitory unfortunately.

There are much greater absurdities within the capitalist economic system which mostly go unquestioned; I'd actually start there rather than attacking something much higher up the chain and less fundamental. Taxes also help alleviate the burden of a capitalist economy on people, by providing for social institutions.

So it's fine to attack taxes (even with this naive-libertarian "stealing my money under threat of force" line) but it's a very small problem in the big scheme of economic organisation.

I'm interested to see how they go about filtering VPN traffic. AFAIK, running openvpn over port 443 is pretty much indistinguishable from normal TLS traffic.

China's gotten pretty good at it.

OpenVPN running over port 443 is generally going to be using a CA that is not a public CA, and issues certificates directly rather than through an intermediate.

Even if you tunnel something over normal TLS, the type of traffic can potentially be determined by analyzing how much data flows in which direction and when.

If circumvention is seen as too widely spread, Uganda may simply decide that all TLS traffic leaving the country must be intercepted by a MitM proxy, and require everyone to trust their CA.

I'm sure there are plenty of companies that would be happy to get the contract to provide this service.

These blocks can often be circumvented by methods that do not scale, but if only tech savvy people who can afford to run their own VPN server on a VPS somewhere can circumvent the block, it's "mission accomplished".

OpenVPN traffic over TCP 443 will still be distinguishable as OpenVPN traffic, it's just a little harder.

Normal TLS handshakes over TCP typically look very similar, so if OpenVPN did those, it would be tough. But OpenVPN's TCP mode is basically just a TCP encapsulation of the UDP mode messages, and even with the new tls-crypt option enabled, the packets still contain unencrypted parts that could easily identify them as OpenVPN traffic.

As far as I can tell, if you're looking for your TCP port 443 traffic to look just like normal web traffic, you'll need to use a different protocol.

If circumvention is seen as too widely spread, Uganda may simply decide that all TLS traffic leaving the country must be intercepted by a MitM proxy, and require everyone to trust their CA.

In which case you start using stego. All you need is a tunnel to the "free world". Good luck trying to figure out whether someone's packets are saying what they're actually saying, or something else.

There is a hidden message in the above paragraph. ;-)

I feel like China is good about public/shared VPN's. If you set up your own and keep the details to yourself I was under the impression that it'd work just fine. That being said I love to travel and can work wherever but haven't been to CN yet for this reason in particular.

From what I've heard second-hand (my SO has a friend who frequently travels to China), they do actually block people's private one-off VPN servers quite effectively.

Have a look at https://www.cs.tufts.edu/comp/116/archive/fall2016/ctang.pdf - it talks about GFW using machine learning with flow analysis to do this.

Indeed they do. It starts off working fine, but then eventually it stops. I assume they're running some AI/ML against the traffic pattern to determine if it's a VPN. I think they're light-years beyond simple traffic blocking and shaping.

I took that class (comp 116) a few years ago! Just had some fun finding and rereading my own final paper from the archives (the one you linked to makes mine seem way less interesting). Ming is a really awesome and unique lecturer.

If I may ask, why pass the perfectly appropriate opportunity to... link it here?

basically, netflow analysis tools feeding into an automated pattern matching system. 100% crypto traffic no matter what looks different than usual usage patterns. The netflow tools need some time to gather enough flow statistics between your outside-china VPN endpoint and your domestic IP, but once that's gathered, it's pretty hard to get around.

tools like obfsproxy for openvpn can help.

Why do they not outright block encrypted connections which they fail to bruteforce?

That blocks a large percentage of the websites out there now.

It's probably easier to just block all AWS/Azure/Linode/DigitalOcean/etc... blocks.

If you are just visiting, the Great Firewall is not really a problem, as foreign SIM cards route directly to the internet. Just make sure you have a reasonable international plan with your carrier before you go.

This is true. My phone connected to 4g when I turned it on but then upon my first search using google now it disconnected and then reconnected to an H+ network and completed the search. It was pretty cool how they made a completely separate network for it.

With the caveat that in some countries the way data roaming works is all the data is routed back to your home before actually being routed to its destination - for example, if I visit Canada with a US T-Mobile SIM, all my traffic first has to travel to the US, even if I'm pinging a Canadian server.

If you end up with this sort of data configuration in China, you'll be having a bad time using it for anything performance-sensitive. Good enough for email though, I bet.

>OpenVPN running over port 443 is generally going to be using a CA that is not a public CA, and issues certificates directly rather than through an intermediate.

nothing preventing you from using letsencrypt.

>Even if you tunnel something over normal TLS, the type of traffic can potentially be determined by analyzing how much data flows in which direction and when.

true, but only if you're doing packets-over-TCP. if you think beyond a VPN, like a https proxy (http proxy, but over TLS), it's indistinguishable from regular https traffic.

that's until tech-savvy people make a simple script/installer for the common folk. something like what happened with the LOIC. it's a cat & mouse game and i'm willing to bet there are far more hackers outside of goverment than inside it.

How about a thought experiment, assuming you had multiple domains, obfsproxy and Let's Encrypt going how are they going to be able to tell if everything is over 443?

> analyzing how much data flows in which direction and when

Encapsulated TCP SYN packets, for example, smaller than any HTTP request inside TLS would be.

Want to beat that by padding? Everything always being the same size is an anomaly too.

So then we randomize the padding, what's next?

How else do they figure it out? My mind jumps directly to funny traffic patterns like a single person using the domain or maybe a non-normal looking website that doesn't serve static assets to non-vpn users or other normal things, etc. Can they probe the server somehow and and figure out it's a vpn?

Does the user need to visit other sites unrelated to the vpn in order to mask their own usage and appear normal?

It would be quite laborious to figure out "normal" user traffic patterns and then adjust to those. You would have to collect data on a bunch of users and then shape your own traffic to match.

Only makes sense if you are doing it for a bunch of people and at that point you are another VPN provider.

As others have said, that's not true. It's actually pretty hard to hide VPN traffic from DPI solutions. And judging by bgp.he.net, ISP market in Uganda is monopolized and censorship friendly, the government can just ask the ISPs to install DPI equipment for censorship and they will comply no questions asked.

Some VPNs go through extraordinary length for VPN over HTTP(S). It is not so trivial. Assuming that Uganda is likely buying blocking equipment from China.

Probably more like silicon valley. Bluecoat vars have been known to sell equipment to sanctioned countries and those that violate human rights.

Sure, but Iran is under embargo from the west. Uganda is not, and thus can freely buy censorship tech on the open market.

Not sure why this gets downvoted. Good luck trying OpenVPN over 80 or 443 in China.

If you want to build your own, use at least VPN that was developed in Japan. (Google)

By blocking a known set of IP addresses that belong to the most popular VPN providers or identifying these providers by traffic patterns? Surely a list of these IP addresses or technology to identify them must be floating around between the authoritarian governments.

My college Wi-Fi manages to do it... so I doubt that it can be too hard.

Someone needs to make a small sketch of the Uganda government with 7 year olds making up the laws.

Child 1 - "Let's tax people for being on social media to stop them from saying bad things about us" Child 2 - "Yeah that's a great idea. Plus we'll have more money for candy." Govenments notice - "Social media is hereby taxed. Your local ISP will be collecting the tax automatically." People - "Whatever, we'll just use VPN" Government Screams- "AND NO VPNs ALLOWED!"

So much for free speech.

Good luck stopping the tor network.

The Chinese government has had a lot of success blocking Tor (and VPNs) most recently. You may know that all of the normal relays are publicly listed in the Tor directory, making them trivial to block by IP address. That will then require Tor users to do extra work to find bridges or configure pluggable transports for censorship circumvention, which most users may not be motivated enough to do. Censors can also try to fingerprint and block some of the circumvention methods.

In sum, Tor is not trivially or resoundingly winning the censorship arms race, even though it has some good work on censorship circumvention that's often effective in particular countries.

Some good background on this is in


I doubt the Uganda has the infrastructure that the Chinese government has to implement such a complex system. They would have to tax more internet usage. Youtube is probably next. "For every video you watch there is an entertainment tax."

That's very true. The effectiveness of Internet censorship has depended a lot on the resources that governments have brought to bear, and I assume the Ugandan government won't have the resources the Chinese government does, maybe resulting in less effective Internet blocking programs.

I remember a time when we used to make fun of governments' lack of understanding of the Internet and the unlikelihood that they would be able to control it. Unfortunately, that was a very different time.

I see this all the time on HN, the dismissal of real problems by suggesting the wide spread use of using highly technical solutions. It is naive and frankly arrogant.

The vast majority of the population, and I'd bet it's even higher in Uganda does not even know what Tor is, yet alone how to use it.

My mom just figured out how to send photos via text message for heaven's sake.

It is true the TOR does not solve the problem. But I don't think discussing how to solve it here would do anything for Uganda.

But if anybody from Uganda does find this. It's time to stand up and fight for your rights as a people and not let the corrupt politicians push you around. In the meantime, if you want to know how to use TOR here is a great tutorial: https://www.pcworld.com/article/2686467/privacy/how-to-use-t...

And here is the Facebook site for TOR: https://facebookcorewwwi.onion/

Good Luck!

> suggesting the wide spread use of using highly technical solutions.

this is certainly something that happens in tech communities, but come on. it's like a three step process to install Tor browser and it works just like normal Firefox. any motivated person who can use a computer at all should be able to figure it out in about 15 minutes.

motivation is also the key missing factor in the anecdote about your mom. i bet she would figure out how to send photos by text real quick if her safety or job depended on acquiring that skill.

Sometimes, parody can't outdo reality.

(That won't stop the Ugandan government from working hard to outdo their past feats: https://en.m.wikipedia.org/wiki/Uganda_Anti-Homosexuality_Ac...)

Reminds me of pre-revolution Tunisia. Maybe that's the actual solution.

It's interesting (that's my equivocating adjective, anyway) to note that "social media" doesn't just include Facebook/etc. here, it also includes things like:

* LinkedIn

* Skype

which, while sure, are "social media" platforms, are also tools that you might use as a professional to do things like get jobs, or talk to clients, etc.

I'm not sure how pervasive those platforms are in Uganda, but certainly something that could really harm aspiring professionals without much in the way of resources.

We've got a sugar tax here in the UK as our newest form of indulgence tax. I wonder how a social media tax would go down with the public.

Isn't it only a tax on sugary drinks? And from my personal experience it just seems to be pushing people to buy Coke Zero/Diet Coke instead. Most people I know haven't complained much about it. I wonder if it will have the indended effets of reducing sugar consumption.

Chicago had a soda tax of a penny per ounce. Unfortunately it included all sodas and juices, sugary or not. There was so much backlash from it they got rid of the tax a few months later. I honestly would have been for it if it didn't include diet drinks. I believe it would have had a positive impact on public health.

The only time I noticed this is on the McDonald’s machine where the default is now Coke Zero (yuck) and “classic coke” costs 12p more. I still buy the classic coke. I hope the government puts the tax to good use!

>We've got a sugar tax here in the UK as our newest form of indulgence tax.

We just got one in Seattle as well

Progressive communities love this particular regressive tax.

You can be progressive and legitimately support regressive taxes

For some definition of "legitimate"... it would still be nice if some progressive expert could articulate particular reasons why regressive taxes are good if they have particular qualities, rather than just saying "we like this tax, but not other ones that seem similar to it". I'm not seeing hypocrisy, but rather a line of thought that hasn't been pursued all the way to its natural conclusion. If someone were inspired to make that pursuit, we could come to a better understanding. Although I am sympathetic to progressives, most would say I am unqualified to undertake that pursuit myself.

I'd love to see an argument for why this tax is not regressive...

Or they use this social media tax as disguise to enforce internet censorship

>I think it is very unwise to think that because the data consumption under VPN is very high, I think you’re aware of that.

nobody is going to call them out on this blatant lie?

The reasons being used to ban encryption, including VPN seems to be increasingly trivial and arbitrary.

How do you even define social media? Is HN social media?

I'd guess the definition goes along the lines "El Presidente does not like what someone said on this platform, so it is social media and banned". It'll be highly arbitrary.

Queue the Ugandan Knuckles memes...

The government needs money, its gonna get it from you one way or another.

I agree with almost all of the frustrated comments here, and the premise of the article.

I was also involved with a major F50 that was warily forced to deal with various regimes trying to filter content.

But consider for a moment:

'Globalization' is having many nefarious effects on the world - and the 'openness' of the internet is generally only a mostly positive aspect from powers that are large and centralized. America is relatively free, and nobody 100x the size of America is going to come along and 'control your internet', and therefore potentially control your economic and political system.

The ubiquitous internet means that a small or mid-sized nation that is not a G7 is at major risk of having the almost the totality of their nation overturned by foreign powers.

Consider: Facebook, or Google, could very easily change electoral outcomes in many nations, possibly even by accident. A small change in their algorithm that suppressed some, and promoted others, an accidental ban of a political group, etc. - can happen. I don't suggest FB or G are interested in this, but remember they also do have relationships with the US Government, and it's reasonable for these nations to be very cautious.

Moreover, an open Internet allows fully malicious actors (hacker groups, bad international enterprises, bad governments), to do some really quite dangerous things to other nations, most of whom are too small to be able to protect themselves.

'The Internet' is the new 5th column if you will, and to some extent it can have more power than government or the Supreme Court in many nations. If 80% of a nation is convinced of some truth/mistruth perpetuated by 'whoever' on the Internet, well, then legality hardly matters. It has more revolutionary potential than perhaps any historical ideology.

Even on the economic front - Globalization means that all of the talent is getting sucked up like a vacuum into centres in the biggest economies. So many of the best go to America. So many European professionals flow into Germany or the UK - to their advantage.

Both of these issues come to head with issues like journalism - it's one thing if 'American journalism' is concentrating in a few American outlets, but imagine if your country was losing most of it's journalistic opportunity and that centralization was happening in another country - a large country like America with whom your nation may not have a great history.

Tax bases are a real thing - and though the Internet should in the long run provide more opportunity for local governments, in the present it's causing losses in tax revenues, or at least, those revenues created by new economies are not being realized locally.

Recognize that these issues are a problem, and that the erstwhile 'open internet' which positioned as a very positive and aspirational aspect of global development by American/Western forces, does not necessarily represent the same opportunity in the rest of the world.

So yes, so many corrupt and stupid leaders doing corrupt and stupid things to their own nations, but the answer is definitely not "Just let Google be the Ministry of Truth" for the nations of the world. Definitely not.

> Tax bases are a real thing - and though the Internet should in the long run provide more opportunity for local governments, in the present it's causing losses in tax revenues, or at least, those revenues created by new economies are not being realized locally.

nothing is stopping governments from taxing physical, tangible things. Nothing is stopping governments from taxing the gross revenue (such as the WA state business and occupation tax) of ISPs and telecoms in general. Nothing is stopping governments from taxing per-subscriber revenue from mobile phone data connections. The four HSPA+/LTE operators in Pakistan pay a shitload of tax to the government and it works generally quite well.

Where this breaks is when they start deciding to tax specific types of internet content at TCP/IP layer 3, and layers 4-7 in the OSI model. That's fucked.

"nothing is stopping governments from taxing physical, tangible things."

When information is the product of the new economy, and where value is created, it has to be part of the tax base.

"Nothing is stopping governments from taxing the gross revenue (such as the WA state business and occupation tax) of ISPs and telecoms in general."

True, but this layer of the value chain is not where the new information economy is being developed.

"Where this breaks is when they start deciding to tax specific types of internet content at TCP/IP layer 3"

'Content' and 'Layer' are separate issues - they are intertwined for pragmatic reasons, and I agree doing it at 'an internet layer' is dumb ... but there's no clear way around it.


If I put a sign in front of my home demanding money every time someone passes by that is considered illegal. Even if it's my road that I built. If a government does it it is considered a toll. Even if they didn't build the road.

Should we pay for every hop on the internet? That is where this is going.

Keep it up... This will only further private network development. We will be quite selective on who we give access this time.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact