Most active commenters
  • dingnuts(3)
  • gjsman-1000(3)
  • perching_aix(3)

←back to thread

Cloudflare starts blocking pirate sites for UK users

(torrentfreak.com)
234 points gloxkiqcza | 26 comments | 15 Jul 25 14:33 UTC | HN request time: 1.898s | source | bottom
Show context
xandrius ◴[15 Jul 25 14:56 UTC] No.44571816[source]
Shouldn't surprise absolutely nobody, once you become the gatekeeper of the Internet, you're going to gatekeep.

Now it's torrent sites and next it's going to be other things the party in charge doesn't like.

replies(3): >>44571870 #>>44571886 #>>44572140 #
gjsman-1000 ◴[15 Jul 25 15:02 UTC] No.44571870[source]
About a decade ago, there were proposals for a "driver's license for the internet."

Nowadays... I actually think it might be a lesser evil. Picture such an ID, if there were a standard for it, enrolled into your computer.

If it were properly built, your computer could provide proof of age, identity, or other verified attributes on approval. The ID could also have micro-transaction support, for allowing convenient pay-as-you-go 10 cents per article instead of paywalls, advertising, and subscriptions everywhere. Websites could just block all non-human traffic; awfully convenient in this era of growing spam, malware, AI slop, revenge porn, etc. Website operators, such as those of small forums, would have far less moderation and abuse prevention overhead.

Theoretically, it would also massively improve cybersecurity, if websites didn't actually need your credit card number and unique identity anymore. Theoretically, if it was tied to your ID, it's like Privacy.com but for every website; much lower transaction friction but much higher security.

I think that's the future at this rate. The only question is who decides how it is implemented.

replies(6): >>44571968 #>>44571987 #>>44571994 #>>44572073 #>>44572106 #>>44648434 #
1. dingnuts ◴[15 Jul 25 15:11 UTC] No.44571987[source]
oh good, and your authoritarian government can know you're in the closet and trying to figure out how to leave the country, too!

no, fuck this idea so hard. if this is inevitable, our duty is to build technology that defeats it

replies(3): >>44571992 #>>44572119 #>>44572246 #
2. gjsman-1000 ◴[15 Jul 25 15:12 UTC] No.44571992[source]
Local ID Proofs =/= Surveillance
replies(1): >>44572032 #
3. dingnuts ◴[15 Jul 25 15:15 UTC] No.44572032[source]
it absolutely will mean surveillance, unless you were born yesterday. governments will implement what you're describing in a way that is not privacy preserving

this is supposed to be HACKER news, not fucking bootlicker news

replies(2): >>44572056 #>>44572696 #
4. gjsman-1000 ◴[15 Jul 25 15:17 UTC] No.44572056{3}[source]
Yes, and we're losing. Why do you think the internet is covered in ads, 25% Cloudflare, infested with CAPTCHAs and IP blocking, and the problem gets worse every year?

There are real problems that haven't been fixed; the driver's license concept correctly implemented might be better than continuing down this path. I view it as we can make a good standard; or let a bad standard be dictated.

replies(5): >>44572681 #>>44572881 #>>44573118 #>>44573789 #>>44575286 #
5. derektank ◴[15 Jul 25 15:22 UTC] No.44572119[source]
You can create an ID card system that reliably verifies some sort of personal attribute (such as age) without revealing other personal information or a validation request being sent to the government which shares what sites you may or may not have been browsing
replies(4): >>44572218 #>>44572474 #>>44573688 #>>44574037 #
6. pjc50 ◴[15 Jul 25 15:31 UTC] No.44572218[source]
I think the point is that "can" is not the same as "will".
replies(1): >>44572437 #
7. GuinansEyebrows ◴[15 Jul 25 15:35 UTC] No.44572246[source]
the number of people who work for (or defend those who work for) firms like raytheon, northrop grumman, palantir, meta, amazon, microsoft, alphabet, flock et al leads me to believe there are not enough people left to care about building this technology. we're cooked. too many developers lack the moral position necessary to turn the tide in a meaningfully widespread way - at best, it's "if not me, someone else will do this work anyways, so i might as well be the one collecting the paycheck/stock options." at worst, it's "i think it's a good thing to create tools to surveil/manipulate/kill people."

mourn the loss of the internet we knew and be ready to sacrifice ease of use to return to lower-tech/still-underground options.

8. perching_aix ◴[15 Jul 25 15:52 UTC] No.44572437{3}[source]
Because only people who are engaging in cynicism can predict the future.
replies(4): >>44573100 #>>44573433 #>>44574531 #>>44577823 #
9. johnisgood ◴[15 Jul 25 15:55 UTC] No.44572474[source]
These are possible, there are zero-knowledge proof (ZKP) algorithms and whatnot, but it is not going to happen.
10. dingnuts ◴[15 Jul 25 16:12 UTC] No.44572681{4}[source]
> Yes, and we're losing. Why do you think

Obviously. Why do YOU think I'm angry-posting about it on the orange shithole site with the username "dingnuts" ?

11. ipaddr ◴[15 Jul 25 16:27 UTC] No.44572881{4}[source]
The drivers license id doesn't solve anything but adds a layer of nonsense on top.

That doesn't stop cloudflares marketshare takeover. It doesn't stop CAPTCHA which will filter out bots using these ids. It provides an easy method for hackers to use. It filters out the curious kids.

In the end it solves nothing and creates more problems.

12. ipaddr ◴[15 Jul 25 16:34 UTC] No.44572982{4}[source]
The level of discourse has drop here.

Someone steals your id creds and uses them as you is the simplest. The methods will range from stealing ids to breaking into auth servers to mitm attacks or fake ids and rogue auth servers. Everything works so well with video game protection methods now.. no one will be able to crack anything?

13. secstate ◴[15 Jul 25 16:42 UTC] No.44573100{4}[source]
Cynicism wins the day because negative outcomes are easier to plan for than positive outcomes. Humans defaulting to optimistic outcomes of the future often end up littering the ground with externalities that they failed to consider. And we also only have a single model for infinite growth (cancer) that always leads to destruction, so relentless optimism as a biological organism means a need for infinite growth, which we only know to be a path to destruction.

The answer, therefore, is not bitching on the internet about all the wet blankets who only see negative outcomes, but acknowledging that everything we know needs to end eventually including ourselves, and balancing optimism for the short term with cynicism for the long term. And thus discovering that a healthy cynicism for the future predictions is probably appropriate, unless you truly want to live forever and have infinite energy for everything. But that's a god.

replies(1): >>44573206 #
14. int_19h ◴[15 Jul 25 16:43 UTC] No.44573118{4}[source]
Most ads that I see these days are from Big Tech megacorps. Do you seriously think that having a "driver license for the Internet" would mean that the likes of Google and Meta would stop?
15. int_19h ◴[15 Jul 25 16:45 UTC] No.44573143{4}[source]
The recipes and tools for bypassing these kinds of blocks (and far worse ones as well - compared to what Russia and China are doing, this is child play) are one search away. The only thing necessary is the desire to actually do it.
16. perching_aix ◴[15 Jul 25 16:50 UTC] No.44573206{5}[source]
Easier to plan for is an interesting lens to look through, can't immediately discard it for sure.

From my perspective, negative expectations do have a higher chance of turning out real, but because negative expectations most often are just code for human misalignment. We have some philosophical, instinctual, or aesthetic (etc.) preferences, but then reality is always going to be broader than that. So you're bound to hit things that are in misalignment. It takes active effort to cultivate the world to be whatever particular way. But this is also why I find simple pleas to cynicism particularly hollow. It comes off as resignation, exactly where the opposite is what would be most required.

replies(1): >>44573453 #
17. ajsnigrutin ◴[15 Jul 25 17:09 UTC] No.44573433{4}[source]
Some of us learn from experience and make predictions based on past actions by the governments.
replies(1): >>44574681 #
18. secstate ◴[15 Jul 25 17:10 UTC] No.44573453{6}[source]
That's a fair counter argument, and I do genuinely believe (not know) that everyone needs a balance of cynicism and optimism to function optimally as a human. I also believe the resignation you feel from cynicism is rampant exactly because as humans we've become very good at basic survival and beyond that it's not totally clear what our targets for living should be. Certainly we can all agree that trying to harness ever more energy and growing forever can't be the target. But that's all we've done for two millennia now. How to we avoid becoming a cancer to our planet (or any other environment we find ourselves in)?
19. Aloisius ◴[15 Jul 25 17:30 UTC] No.44573688[source]
First, while there's research on the math for things like ZNP, there is a shocking lack of research on security vulnerabilities for the actual implementations of such age verification systems which should make anyone using them extremely nervous.

Second, if a porn website, social media, video game or whatever other thing regulators want to discourage people visiting kicks you off into an age verification takes requires you to some system/site, even an independent one, that requires you upload your ID, a fair number of people will simply refuse simply due to lack of understanding in how it works and trust that it actually is anonymous.

Third, every implementation I've seen doesn't work for some/all non-citizens/tourists.

And finally and more importantly, the ease at bypassing those systems means it's unlikely to stop anyone underage and ultimately is no better than existing parental control software, so all one is doing is restricting speech for adults.

replies(1): >>44578939 #
20. hombre_fatal ◴[15 Jul 25 17:39 UTC] No.44573789{4}[source]
Those are trivial problems compared to an internet linked to your identity.

Clicking through some captchas and installing an adblocker just isn't the hard life you're trying to claim it is.

21. jlokier ◴[15 Jul 25 18:00 UTC] No.44574037[source]
To the surprise of many, Google recently announced it is already integrating ZK-proof-of-age into Google Wallet with those kinds of properties, open sourcing the underlying libraries, and working with governments to encourage their ZKP system's adoption for exactly this sort of problem.

- [2025-04-29] https://blog.google/products/google-pay/google-wallet-age-id...

- [2025-07-03] https://blog.google/technology/safety-security/opening-up-ze...

- [2025-06-11] https://zeroknowledge.fm/podcast/363/

22. exe34 ◴[15 Jul 25 18:48 UTC] No.44574531{4}[source]
The rich and powerful have always worked very hard to keep their position. They have vastly more resources than the rest of us to throw at the problem. It's not cynicism to predict that every tool will be used to make our lives worse unless it helps them get richer and more powerful.
23. perching_aix ◴[15 Jul 25 19:03 UTC] No.44574681{5}[source]
Trauma sufferers also just learned from experience.
24. immibis ◴[15 Jul 25 20:05 UTC] No.44575286{4}[source]
At least in the current system, there are some websites where you don't have to prove your real identity. Hacker News, for example.

In an internet driver's license system, remember that your computer would have to be locked down, and only able to access government-approved websites using government-approved clients - something like they have in China, or like using an iPhone but worse.

Once the ability for any site to verify your identity was set up, all sites would have to verify your identity, or lose their own verification, under one of many standard excuses like protecting the children.

25. const_cast ◴[16 Jul 25 01:33 UTC] No.44577823{4}[source]
Making things secure and private is hard. There's a lot of hoops to jump through.

Naive implementations are easy and cheap. And, if these tools and their entire software tree is not open-source, we cannot verify it's security.

We just have to trust that the developers are good at what they're doing. When every company under the sun has had multiple data breeches, I'm not too keen to do that.

Open-source the entire stack, show me a few white papers proving it's cryptographically sound, then I'll consider it. Until then, we should do with these tools what they deserve: being shoved up the government's ass.

26. hellojesus ◴[16 Jul 25 05:21 UTC] No.44578939{3}[source]
I, for one, would publically publish my credentials so that others could use them.