I think the headline should more accurately be that repo.or.cz has a UK geo-block. I'm unclear why it has one, since it's highly unlikely either that the site contains anything that is covered by the OSA, nor that even if it did, the people running the site should care.
> UK's Online Safety Act 2023 would require us to do a prohibitively complicated risk assessment for our service. We're talking reading through thousands of pages of legal guidelines.
> We're a volunteer operation and would likely be held responsible as individuals. There is talk of fines up to 18 million GBP which would ruin any single one of us, should they get creative about how to actually enforce this.
> Our impression is that this law is deliberately vague, deliberately drastic in its enforcement provisions, and specifically aimed against websites of all sizes, including hobby projects. In other words, this seems to us to be largely indistinguishable from an attempt to basically break the internet for all UK citizens.
> If we could afford to just hope for the best, we'd love to.
The way I understand this is that it's not feasible for them to assess how the legislation impacts them, so they would rather stay safe than risk having their lives destroyed.
Its such a ridiculous law and this outcome is entirely predictable, but bring this up with the proponents of it and they stick their head in the sand, to the point where I think they are perfectly happy with the UK not having a working Internet.
In this case the reaction is more ridiculous than the law, frankly...
Edit:
They are not in the UK and not dealing in anything risky. If they still wanted to demonstrate compliance they could download risk assessment templates (easily available), fill them, keep them on record for the hypothetical future time when they might be asked (they wouldn't). Claiming that it is too risky and complicated so better to ban the UK is either unreasonable or a militant statement but not a "logical reason."
The reaction is entirely reasonable. The only way they can reasonably ensure they protect themselves is to ensure nobody in the UK can access their site.
I'm not deep into this subject, so what's obvious to you isn't so obvious to me. Would you mind explaining a bit more on what's so obvious and why it's particularly unhinged?
They specifically listed their reasons in the geoblock message.
As a someone impacted by this I applaud their decision.
I also hope more high-profile cases like Wikipedia[1] will surface and expose the utter idiocy of the deliberately vague language of the language and the "guidance".
I'm actually working on my own OS agnostic package collection + system management software, and I've found https://radicle.xyz great for this. All repos depended on by the official package collection t will be on the radicle network.
You should focus on the p2p part of code and object distribution. While nix is not perfect, people are not going to learn and adopt yet another package manager.
A distributed git object cache is what is really needed at the moment.
This won't affect most users as they will be using the cache.nixos.org substituter and haven't modified any package that pulls repo.or.cz repositories, but it's still amusing.
Probably someone preferred the 3-level domain system (like UK's .co.uk, .gov.uk, e.g. bbc.co.uk) in .cz, and made .or.cz. This is probably before the time people thought "Oh we can make the domains be words, like 'del.icio.us', that'd be cute!"...
Is this supposed to be a big deal? I use NixOS as a source distribution (nix.settings.substituters = lib.mkForce [ ]) and I get failures when fetching sources pretty regularly. Sometimes the URLs are missing, sometimes the hashes have changed. My usual fix is to fetch the source from cache.nixos.org with nix copy.
I'd say the right answer is to move/add a content addressed model/system for obtaining sources.
So I think this law is stupid. But it's also popular, for the reason "something should be done, this is something, so this should be done". I doubt that exceptions are going to be made until the effects are felt strongly by everyone. Geoblocking a .cz site used by a tiny number of developers is not having any effect.
When you phrase the question in such a way where people presume it will only target pornographic sites.
If you asked them would they support the law if it happens to accidentally block useful sites that have ZERO pornography on them, I'm very sure, the results would be very different.
Polling for the question “websites that may contain pornographic material”
Which is my point. The OSA isn’t popular as a broad piece of legislation, but the “think of the children” aspect that something needs to be done to restrict access to pornography is popular.
Watch the YouTube link I sent to better understand my point.
Personally, I think even the pornography aspect is stupid. If the government couldn’t stop me accessing porn when I was a kid back before the web was invented, then they’re shit out of luck stopping kids these days. The problem isn’t the law, the problem is parents want a way to diminish their own responsibility. It’s the same tired bullshit we see time and time again of blaming everyone else rather than making ourselves accountable.
Except the UK didn't geoblock anything. This is just someone virtue-signalling about internet freedom from a country that has its own problems it should be addressing.
> then suggest something else that actually addresses the problem
As opposed to the original suggestion that doesn't actually address the problem? How is proposing that in the first place more honest than calling it out?
“Something should be done, so let’s do something stupid and harmful, and all you critics have nothing to add so our stupid thing that causes harm is what you must accept”.
I agree, but I sadly believe these requirements will spread to other countries, including the US. The US Supreme Court recently ruled that Texas' ID law is somehow constitutional.
"Constitutional" doesn't mean it's a good law, just that it is not prohibited for the state to make such a law. I personally don't like the law but I have a hard time seeing how it would be unconstitutional.
it should be unconstitutional because it's clearly a content-based restriction of speech, meaning that regulating it entails strict scrutiny. strict scrutiny requires Texas to use the least burdensome means possible to satisfy the state's legitimate interest in preventing minors from accessing obscene content - probably a home network filter appliance parents can opt into. this is what they held in Paxton v. NetChoice (iirc.)
instead, the Court contorted themselves into holding that adults have accessing content obscene to minors without furnishing their ID isn't protected speech. porn still is protected speech, but proving your age isn't protected speech. as a result, the law is content-neutral, not content-based.. somehow.
it was a low point for the Court - clear activist justices legislating morality from the bench.
What do you mean "spread to"? The USA passed a dozen such bills into state law before this actually came into effect. That states compete to ignore each other's laws doesn't change a thing.
A lot of the groups pushing these laws actually have good motives (e.g. child abuse charities) but it's clear the current law and implementations are not the solution.
That would either create a gigantic loophole that makes the safety act toothless, or it would create a giant bureacracy of people who review and approve applications. Either outcome is sub-optimal.
The real answer is to repeal this nonsense (IMHO as a non-UK citizen)
It's almost certainly a) imaginary and b) performative. Like;
> After this, I know I will think twice about visiting the UK
Reallllyyy? Over a bit of porn blocking? Do we not think maybe this is just for show? What do they imagine is going to happen at the border -- their iPhone gets frisked for Page Three nudes?
More to the point, are they banning Texas? Indiana? Oklahoma? Georgia? North Dakota? France?
Or are they just hyperventilating about the latest thing from Britain? Perhaps they think unless Tommy Robinson saves us no-one can.
You've apparently not crossed international borders that often.
> just hyperventilating about the latest thing from Britain?
They've simply decided doing business with the UK is no longer worth the risk. This is no more "hyperventilating" than the people who passed this law in the first place, who are "hyperventilating" over pornography sites when there's no evidence they're a significant social problem.
it's not just porn blocking. That's just what is in newspapers. Porn blocking is only small part.
Essentially, you have to preform risk assessment if your site contains any child inappropriate content (according to new law that is defined kind of vague ), you have to age verify all the visitors from UK or risk getting fines.
Since service allows for user upload, this means that their site could protentional qualify. And even if it does not, you need a lawyer to go through everything, to make sure you don't. Sure the chances their site get targeted is small, but not zero.
I have read up on the law. They have no reason to worry and even if they did, given the extent of non-compliance in the porn industry, they are so far down the pecking order that this reaction looks like what it is: activist narcissism.
If it is only imaginary then it should be no problem for you to write them a contract to take on all legal and panelty costs linked with it for.. lets say 50$?
I think the headline should more accurately be that repo.or.cz has a UK geo-block. I'm unclear why it has one, since it's highly unlikely either that the site contains anything that is covered by the OSA, nor that even if it did, the people running the site should care.
It's a bit hard to find, but going to the service's Mastodon account eventually leads one to https://repo.or.cz/uk-blocked.html
The linked GitHub isssue links to that page, too.
It hosts user uploaded content I would guess, so presumably the OSA could apply to them.
It says so at https://repo.or.cz/uk-blocked.html:
> UK's Online Safety Act 2023 would require us to do a prohibitively complicated risk assessment for our service. We're talking reading through thousands of pages of legal guidelines.
> We're a volunteer operation and would likely be held responsible as individuals. There is talk of fines up to 18 million GBP which would ruin any single one of us, should they get creative about how to actually enforce this.
> Our impression is that this law is deliberately vague, deliberately drastic in its enforcement provisions, and specifically aimed against websites of all sizes, including hobby projects. In other words, this seems to us to be largely indistinguishable from an attempt to basically break the internet for all UK citizens.
> If we could afford to just hope for the best, we'd love to.
The way I understand this is that it's not feasible for them to assess how the legislation impacts them, so they would rather stay safe than risk having their lives destroyed.
>which would ruin any single one of us, should they get creative about how to actually enforce this
actually, it would ruin all of them collectively should "they" get creative enforcing it.
Its such a ridiculous law and this outcome is entirely predictable, but bring this up with the proponents of it and they stick their head in the sand, to the point where I think they are perfectly happy with the UK not having a working Internet.
In this case the reaction is more ridiculous than the law, frankly...
Edit: They are not in the UK and not dealing in anything risky. If they still wanted to demonstrate compliance they could download risk assessment templates (easily available), fill them, keep them on record for the hypothetical future time when they might be asked (they wouldn't). Claiming that it is too risky and complicated so better to ban the UK is either unreasonable or a militant statement but not a "logical reason."
The reaction is entirely reasonable. The only way they can reasonably ensure they protect themselves is to ensure nobody in the UK can access their site.
That is very obviously not true... and a little unhinged.
I'm not deep into this subject, so what's obvious to you isn't so obvious to me. Would you mind explaining a bit more on what's so obvious and why it's particularly unhinged?
[dead]
The reaction is utterly sound. What issue do you have with these very clearly laid out and logical reasons?
Fuck around, find out. When governments start throwing around threats, is it any surprise the goodwill dries up?
They specifically listed their reasons in the geoblock message. As a someone impacted by this I applaud their decision. I also hope more high-profile cases like Wikipedia[1] will surface and expose the utter idiocy of the deliberately vague language of the language and the "guidance".
[1] https://wikimediafoundation.org/news/2025/09/12/wikimedia-fo...
Censorship causes self-censorship born out of caution.
Would you pay their legal fees if they are sued? It's easy to say when you don't have your future on the line.
Was playing around with the idea of p2p source hosting in package trees like nix and did a little weekend package prototype here of my own here:
https://github.com/magnet-linux/magnet-linux
Not really ready for prime time, but I think I have some interesting ideas there at least.
I'm actually working on my own OS agnostic package collection + system management software, and I've found https://radicle.xyz great for this. All repos depended on by the official package collection t will be on the radicle network.
You should focus on the p2p part of code and object distribution. While nix is not perfect, people are not going to learn and adopt yet another package manager.
A distributed git object cache is what is really needed at the moment.
This won't affect most users as they will be using the cache.nixos.org substituter and haven't modified any package that pulls repo.or.cz repositories, but it's still amusing.
Similar stuff happens often with Russian IP addresses, you just gotta deal with it I guess
One reason is DDoS attacks come overwhelmingly from those IPs. Plug them in your firewall, and it’s calm all of a sudden.
What is repo.or.cz? It sounds like the domain name is saying something but I don't understand.
It is a super simple git repo hosting/mirror based in EU. https://repo.or.cz
Probably someone preferred the 3-level domain system (like UK's .co.uk, .gov.uk, e.g. bbc.co.uk) in .cz, and made .or.cz. This is probably before the time people thought "Oh we can make the domains be words, like 'del.icio.us', that'd be cute!"...
It's one of the older Git hosts, predating Github.
Maybe Orcs?
Is this supposed to be a big deal? I use NixOS as a source distribution (nix.settings.substituters = lib.mkForce [ ]) and I get failures when fetching sources pretty regularly. Sometimes the URLs are missing, sometimes the hashes have changed. My usual fix is to fetch the source from cache.nixos.org with nix copy.
I'd say the right answer is to move/add a content addressed model/system for obtaining sources.
>I'd say the right answer is to move/add a content addressed model/system for obtaining sources.
Isn't that almost what the nix file already is while being legal. Having a cache of all build files is not legal to do.
[dead]
The UK should make exceptions for its legal firewall for scientific and economic access.
So I think this law is stupid. But it's also popular, for the reason "something should be done, this is something, so this should be done". I doubt that exceptions are going to be made until the effects are felt strongly by everyone. Geoblocking a .cz site used by a tiny number of developers is not having any effect.
Is it popular? I’m a parent and none of my parent friends like it.
I suspect this law isn’t popular. Just the messaging of doing nothing is more unpopular. So it gets spun as this is popular.
https://youtu.be/ahgjEjJkZks?si=mGE0k5QT3aXycHtU
Polling has shown it is quite popular:
https://yougov.co.uk/technology/articles/52693-how-have-brit...
When you phrase the question in such a way where people presume it will only target pornographic sites.
If you asked them would they support the law if it happens to accidentally block useful sites that have ZERO pornography on them, I'm very sure, the results would be very different.
Polling for the question “websites that may contain pornographic material”
Which is my point. The OSA isn’t popular as a broad piece of legislation, but the “think of the children” aspect that something needs to be done to restrict access to pornography is popular.
Watch the YouTube link I sent to better understand my point.
Personally, I think even the pornography aspect is stupid. If the government couldn’t stop me accessing porn when I was a kid back before the web was invented, then they’re shit out of luck stopping kids these days. The problem isn’t the law, the problem is parents want a way to diminish their own responsibility. It’s the same tired bullshit we see time and time again of blaming everyone else rather than making ourselves accountable.
Except the UK didn't geoblock anything. This is just someone virtue-signalling about internet freedom from a country that has its own problems it should be addressing.
And as always, the answer to "something should be done, but not this" is "then suggest something else that actually addresses the problem".
The internet is full of dishonest "we've tried nothing and we're all out of ideas."
> then suggest something else that actually addresses the problem
As opposed to the original suggestion that doesn't actually address the problem? How is proposing that in the first place more honest than calling it out?
“Something should be done, so let’s do something stupid and harmful, and all you critics have nothing to add so our stupid thing that causes harm is what you must accept”.
That’s some incredible logic.
The UK shouldn't have stupid ID requirement laws at all.
I agree, but I sadly believe these requirements will spread to other countries, including the US. The US Supreme Court recently ruled that Texas' ID law is somehow constitutional.
"Constitutional" doesn't mean it's a good law, just that it is not prohibited for the state to make such a law. I personally don't like the law but I have a hard time seeing how it would be unconstitutional.
it should be unconstitutional because it's clearly a content-based restriction of speech, meaning that regulating it entails strict scrutiny. strict scrutiny requires Texas to use the least burdensome means possible to satisfy the state's legitimate interest in preventing minors from accessing obscene content - probably a home network filter appliance parents can opt into. this is what they held in Paxton v. NetChoice (iirc.)
instead, the Court contorted themselves into holding that adults have accessing content obscene to minors without furnishing their ID isn't protected speech. porn still is protected speech, but proving your age isn't protected speech. as a result, the law is content-neutral, not content-based.. somehow.
it was a low point for the Court - clear activist justices legislating morality from the bench.
I felt the GP was making that same point.
What do you mean "spread to"? The USA passed a dozen such bills into state law before this actually came into effect. That states compete to ignore each other's laws doesn't change a thing.
For the US, I'm referring to federal laws or more laws in more states.
As for other countries, the EU just delayed the vote for "Chat Control" as recently as yesterday!
A lot of the groups pushing these laws actually have good motives (e.g. child abuse charities) but it's clear the current law and implementations are not the solution.
That would either create a gigantic loophole that makes the safety act toothless, or it would create a giant bureacracy of people who review and approve applications. Either outcome is sub-optimal.
The real answer is to repeal this nonsense (IMHO as a non-UK citizen)
Agreed, as a UK citizen.
It as always a stupid idea, see recent discord leak of ID’s.
Peformatively over-compliant, terminally-online freedom fighter silliness strikes again.
If you're willing to insure them for 18M GBP of liability perhaps they'll reconsider.
18M liability for what?
Can we please stop repeating this nonsense.
It's almost certainly a) imaginary and b) performative. Like;
> After this, I know I will think twice about visiting the UK
Reallllyyy? Over a bit of porn blocking? Do we not think maybe this is just for show? What do they imagine is going to happen at the border -- their iPhone gets frisked for Page Three nudes?
More to the point, are they banning Texas? Indiana? Oklahoma? Georgia? North Dakota? France?
Or are they just hyperventilating about the latest thing from Britain? Perhaps they think unless Tommy Robinson saves us no-one can.
> their iPhone gets frisked
You've apparently not crossed international borders that often.
> just hyperventilating about the latest thing from Britain?
They've simply decided doing business with the UK is no longer worth the risk. This is no more "hyperventilating" than the people who passed this law in the first place, who are "hyperventilating" over pornography sites when there's no evidence they're a significant social problem.
it's not just porn blocking. That's just what is in newspapers. Porn blocking is only small part.
Essentially, you have to preform risk assessment if your site contains any child inappropriate content (according to new law that is defined kind of vague ), you have to age verify all the visitors from UK or risk getting fines.
Since service allows for user upload, this means that their site could protentional qualify. And even if it does not, you need a lawyer to go through everything, to make sure you don't. Sure the chances their site get targeted is small, but not zero.
Suggest you read up on that law a bit more, they're not responding to targeting of porn, nothing of the sort.
I have read up on the law. They have no reason to worry and even if they did, given the extent of non-compliance in the porn industry, they are so far down the pecking order that this reaction looks like what it is: activist narcissism.
Fair enough, don't share your confidence, nor the service's reticence to visit in person (at least over this issue).
If it is only imaginary then it should be no problem for you to write them a contract to take on all legal and panelty costs linked with it for.. lets say 50$?