Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

>So when Wisconsin demands that websites "block VPN users from Wisconsin," they're asking for something that's technically impossible. Websites have no way to tell if a VPN connection is coming from Milwaukee, Michigan, or Mumbai. The technology just doesn't work that way.

https://youtu.be/Pr4v725LPOE?si=ih3gfTSpiHumtrFs&t=79

"That's not how apps work"

"Then make it work you think we are stupid but we are not, we know" VPNs have something to do with IPs which are necessarily geolocatable , and also users need to make an account to connect to a VPN, you can just ask them what country and State they are in.

Being willfully obtuse draws no sympathy, and will not exclude companies from compliance





> VPNs have something to do with IPs which are necessarily geolocatable

The website (which is the party these obligations are being placed on) could geolocate the VPN IP, but that wouldn't tell them where the user is actually from.

reply


IPs aren't necessarily even geolocatable. Sometimes they are, sometimes AT&T Mobile routes you six states over and exits through a CGNAT IP

reply


IPs are geolocatable yes, not with a perfect accuracy, but with a jurisdictional accuracy.

First of all, IP addresses are issued in blocks and the IPs are distributed within regional proximity. This is how connections are routed, a router in say, Texas, knows that it can route block, say 48.88.0.0/16 to the south to mexico, 48.95.0.0/16 to the west to Arizona, and so on.

whois/RDAP data will tell you the precise jurisdiction of the company that controls the block. It's entirely sensible to use that for geographic bans, the mechanisms are in place, if they are not used, a legislative ban will force providers to use that mechanism correctly. I wouldn't say it's trivial, but it what the mechanism has been designed to do, and it will work correctly as-is for the most part.

reply


I know how it works. I know how it doesn't.

In the context of jurisdiction within a state in the U.S., I don't think it's accurate or reliable enough when taking mobile phones into account.

Country-level is much more accurate

reply


How is that accuracy when it comes to IPv6 though?

reply


There is no difference with IPv6. IPv6 64-bit prefixes are allocated like IPv4 addresses. I suspect that a lot of ISPs allocate them together. The 64-bit local part is irrelevant.

reply


They probably know that the technology doesn't work this way. But such law will force websites to block ALL VPN connections even for users not from Wisconsin, and that's the plan.

reply


What if your geolocated IP is from … a VPN? Maybe one outside the jurisdiction of the law?

reply




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: