Honestly, in this day and age I consider VPN a basic internet hygiene. There are many many reasons to not trust your ISP and the wire between your home and ISP. You have moderation here, why do you even need to block VPN? I registered this account from VPN, but I somehow cannot comment from VPN? Doesn't make much sense. I'm using paid Proton VPN servers, and btw I've seen Proton having a dedicated community here on this platform.
I don't mean to be rude. The desire to use VPNs is completely understandable. Unfortunately, VPNs were being abused in ways that were detrimental to the community here. Last year there were several waves of really grotesque troll posts (CSAM, scat porn, etc.) on lemmy.world and other instances. Blocking VPNs was one of the responses that was effective in stopping those posts. The admin team has no interest in backtracking at this time.
You have moderation here
We have unpaid volunteers donating their spare time. Nobody wants to spend their lunch break purging CSAM posts from some troll. And no users want a post to stay up for hours because the mods were asleep, at work, or otherwise not watching the Lemmy feed. (That actually happened, and is what drove me to donate some of my time here.) If law enforcement ever does come knocking, this instance doesn't have the money or time to mount a defense.
I wish things were different. This is the unfortunate reality that this particular instance has faced. Other instances may feel differently.
To be honest, I'm not sure I fully understand how this works. What if the same troll registers on some other instance and posts the same content in lemmy.world communities? How is that different?
Yes, that is a problem. No single solution is perfect, and VPN blocks are only one tool in the toolbox. Every instance is different, and admins pick the tools that they think will work best for their situation. VPN blocking happens to be a tool that seems to have worked well for lemmy.world.
Instances that lack moderation and have a history of being used by trolls tend to get the nuclear option: they are defederated by the big Lemmy instances. That's not ideal at all, but the tool set for Lemmy moderation is very limited right now.
Host your own and accept the liability of what users post on vpns yourself and then you can use any VPN you want. Until then, admins like me are on the hook for whatever crazy stuff our users post, and I really don't like feds busting down my door
IIRC the decision was to ban certain VPN IPs based on a csam attack last year (-ish), and it was the easiest decision they could make. And since they are all volunteers (and they are the admins), there is no telling them different.
Yeah try telling that to the feds why you're accidentally hosting CSAM. I didn't think I would be a registered reporter with the FBI but here I fucking am
I’m also using paid Proton VPN and have issues posting comments every day. If I stick to non-American servers things generally work, but if my random connection picks anywhere in the US, my comments won’t post until I switch and switch and switch and find a random server that works. I’ve rage-deleted quite a few comments after they refuse to post. It’s really pretty frustrating, but I won’t stop using my VPN to make Lemmy work better.
Turns out, a lot of other Lemmy instances allow using VPNs just fine. Here's thread with some recs: https://lemmy.world/post/19205545
In case you don't know how instances work, it's basically distributed system, we can access the same communities and post there from other instances (without VPN issues).
I'm all for the use of vpns but why do you call it basic internet hygiene? Your traffic will just have a different egress point on the Internet, it doesn't really provide any additional security unless you are using it to access private networks.
Because it protects you from ISP or targeted MITM. Lets say your ISP decides to spy on users or someone cuts into the internet wire going from your appartment to ISP, without VPN they can fully see and modify all http traffic as it's totally unencrypted, in https traffic they can't see the content but they see domain names of sites you are visiting and exact time when you are visiting them. With VPN 100% of your traffic is encrypted and in similar situation absolutely nothing is visible or modifiable. Someone can MITM on VPN provider itself, but it's not really suitable for targeted scenarios, because those wires are in other part of the world than you, those wires are much better physically protected and even if malicious actors succeed they will have very hard time filtering traffic from different users from each other.
I agree with preventing your ISP from being able to see your traffic, but not necessarily on the mitm attacks. In either case, a mitm needs to be positioned properly.
As far as the ISP seeing your DNS traffic, there are ways to derive your real IP based on DNS queries. DNS leaks are a thing. It's not necessarily true that 100% of your traffic is encrypted.