Thursday

Online You Are Just a Number

Just like the famous and incredibly stylish 1960s TV series, the Prisoner - when you do anything online you are basically just a number. Patrick McGoohan was designated the number 6 when he was transported to a rather strange prison, a categorisation that he wasn't too impressed with famously replying with

 I will not be pushed, filed, stamped, indexed, briefed or numbered.
The programme and star has become somewhat of an icon to many, with some of the incredibly bizarre situations becoming rather potentious  in our current surveillance world.

When you do anything online you are assigned a number, it's called an IP Address which stands for Internet Protocol.  This number isn't really assigned for a any sinister reason, it's simply used to enable the communication protocol of the internet - TCP/IP to function.

You'll often come across this address - currently they are in the format - 192.168.1.1 and each is completely unique to every device connected to the internet. This uniqueness is essential, because without it then packets and data would be misdirected and the internet simply wouldn't work.  Unfortunately this is now being used to censor, filter and control access by the more commercial web sites on the web.

For instance a company like Netflix will secure copyright deals for films and movies based on specific countries, so they may have secured the rights to screen a programme in the USA but not in Europe.  The only way they can control this is by looking up your location when you connect, which can only be done by using your IP address.  It's extremely annoying particularly if you happen to spend any amount of time in certain countries without any agreements - my Netflix  account is quite often blocked when I travel abroad.

The number of sites that do this is increasing exponentially every year as companies seek to maximise profits and control access based on location.  It's hardly surprising that now people try and control their geolocation data by choosing to buy IP address services like the one in this video.



Services like these mean that the control switches to the user instead of the web site.  If I want to watch the news live on the BBC whilst holidaying in Spain, I merely select a UK IP address which will obscure my Spanish one.   It gives allows you to bypass all these country based filters and access sites which are normally inaccessible.

The other benefit of some of these services is the privacy aspect, a large proportion of them work as a secure VPN service like this.  This means as well as keeping your location secret, they also encrypt all the data you send online.  For travellers this is especially useful as it means that when you access confidential sites when using insecure, public wifi in places like hotels and cafes - your data is actually protected from being intercepted maliciously.

At the heart of these geotracking sites though is the fact that companies are still operating using a 20th century model.  By sticking to outdated economic models like price discrimination and regional copyright controls they will forever be battling these services and worst the growth of piracy as people simply steal and share their content.  The internet is a global marketplace and we all should be treated equally not split into profit centres to exploit and restrict.

Wednesday

Hiding the Proxy/VPN Service

For those of us who take steps to maintain our privacy online, then using a VPN is pretty much essential nowadays.  For example every time you visit a web site, watch a video, download some music - it's all logged in a variety of places in particular at your ISP.  Now ok, you might think that there's no harm in select Government Agencies having access to your complete online record but stop and think about it for a minute.

I'm based in the UK and we probably have one of the more benevolent and democratic Governments in the world, however I certainly wouldn't trust them with details of my entire online life.  Imagine a situation where a recovering drug addict, someone with sexual or mental health issues - would their online activities have any record of this?  Of course they would, and now imagine that information made it's way to other departments - perhaps a recovering (but clean) drug addict applied for a Civil service role?  Of course, there's also the huge possibility of misinterpretation, does the 19 year old Middle Eastern scholars web history bear any resemblance to that of a terrorist?   Very probably.

So using a VPN makes a huge amount of sense for any individual who simply wants to maintain their privacy. However there is an issue with this method especially if you are using one from a corporate or academic network which heavily monitors internet access - it's evident that you are using a proxy/VPN service.

Although it's highly unlikely that anyone would :
  • Notice
  • Figure it out.
Technically it's perfectly possible to figure out that an individual is using a proxy or VPN service from looking at the server logs.  Although no one can see the sites you visit or any other web activity, there is one piece of evidence that does give you away - the single IP address.  Instead of making connections to thousands of different web servers, the logs of a VPN user would have only one IP ADDRESS recorded that of the VPN server itself.   If anyone searched the logs it would be possible to identify those who used a proxy or VPN, so the secret is to rotate that IP address routinely.

As you can see you can, you can set the program to rotate between remote proxies automatically depending on your preferences effectively routing your connection all across the world.   This would obscure the fact that you are using a secure connection from most investigation.

Tuesday

Bangladesh Government's Crime Strategy

It's quite a worrying time in Bangladesh at the moment, there are threats not only from terrorism but general unrest throughout the country.  At the moment the UK Government is advising against all travel to the Chittagong Hill Tracts and most other Western Governments have similar advisories in place.

Yesterday (23rd Nov) there was a countrywide strike and there is a violent feel of unrest in the air in many places.  Last week there was another terrorist attack against an Italian priest, which was reportedly claimed by ISIL.  The target was 57 year old Piero Parolari, who was gunned down whilst cycling to a catholic missionary hospital where he worked as a doctor, fortunately he survived although he has suffered serious injuries.


There are problems from the civilian population too, particularly supporters of the Jamaat-e-Islami party who are organising protests to support two former leaders who face the death penalty in relation to crimes committed in the 1971 war of independence against Pakistan.

So in a classic, not sure what to do over reaction, the Government has instigated a block against a variety of social networking sites.  Facebook has been blocked, plus the Facebook Messenger app.  Lots of other messaging and chat apps have also been banned including WhatsApp and Viber.  The justification is that they are being used to organise criminal behaviour, although no more details seem to be available.  The idea is a long standing one, if your population are organising protests, strikes and rallies then block as many social networking sites as possible.

Obviously these inept measures have been matched with a similar hapless technical implementation, with a combination of different methods used depending on which ISP you choose.  The reality is that it's a very haphazard ban and one that's very easy to bypass by using a VPN or proxy.  In fact thousands of people already use these to watch the BBC abroad and will similarly be unaffected by the blocks in any case.

As a method of blocking civil disobedience and political dissent, it's a hopeless and desperate move.  It has much the same same (non)-effect as Turkey who frequently use this method with negligible results other than to earn the derision from the population and civil rights organisations across the world.  Bangladesh seem intent on dealing with their problems by picking an easy and inneffective target - social media.

Incidentally if you're in Bangladesh and affected by this block, please read my post here - http://www.anonymous-proxies.org/2009/04/facebook-banned-facebook-blocked.html which shows you how to use the demo version of Identity Cloaker to bypass blocks to Facebook.  It's 6 years old but still works although the demo version won't help with the other social applications that are being blocked.


Thursday

BBC Locks Down iPlayer from VPN and Proxy Access

For millions of people across the world, there is one reason and one reason only that they use a VPN - it's called BBC iPlayer.  For many expats using a Virtual private network has become a lifeline to home, for others it's just the chance to watch quality TV without being bombarded with advertising every few minutes.

Many of us who live outside the UK remember the disappointment of connecting to the BBC iPlayer site and discovering that it simply wouldn't work from outside the UK.


Fortunately this was short lived as we discovered that there is a workaround being used by millions of people across the world.  This is the reason why technologically challenged pensioners suddenly started ordering proxy servers and VPNs - so that they could still watch Match of the Day, the News or Eastenders from anywhere in the world.

Virtual Private Networks have many uses including allow the user to encrypt their data and hide their location when browsing online.  The offshoot of this is that when a website checks your location, you can control what it sees.  Connect through a UK VPN and you can watch any of the UK TV sites online including the BBC.  In fact now the most advanced VPN solutions like Identity Cloaker even allow you to switch locations at will, so you can watch US, Canadian, Irish or Australian TV channels too.

Some of the media sites have fought back, Hulu for example waged war on these services in 2014 wiping out the use of proxies and blocking many VPN services.  Netflix, ABC and NBC also have active controls and frequently target these services.  However the BBC has never seemed to try very hard to block remote users who use a work around.

Now this has all changed, the BBC has blocked thousands of UK based VPN addresses.  It appears to have drawn up a list of providers to target, from my research it appears to be the most obvious targets.  The largest VPN providers and those who actively market  their services as TV watching VPNs have been the biggest sufferers.

There has been a wave of disappointment across the globe as people fired up their VPNs over the last few days and were greeted with the simple message that the BBC iPlayer was only available in the UK.

Fortunately there is a solution, there has been no great technological leap in VPN detection, it appears the block is simply placed on the IP addresses.   Stay clear of the TV watching VPNs and stick to a security based product and you should be fine.  Identity Cloaker has been unaffected so far, and you can still watch BBC iPlayer through their VPNs.  As for the blocked providers it's likely they will simply update their IP addresses and be back working soon in any case.