How Can I Get a UK IP Address ?

This very question was sent to me by a US reader who wanted to change his US address to a UK IP address for a single reason - Television. Specifically he wanted to watch Match of the Day, the BBC Formula One coverage and Dr Who on the BBC. All these shows are available online through the wonderful BBC Iplayer but unfortunately it is only accessible to those based in the UK or more accurately those with a UK IP address.

The reason is that the BBC like most other media companies who operate online use a technology called geotargeting. It sounds a complicated, geeky term but it isn't really. It's short for geographical targeting and is a way for a website to display different content to different readers. It's probably best illustrated with an example. The following is a screenshot of a search I ran in Google for 'Plumbers'

Google has determined that I'm using in the UK and decided to show me lots plumbers in and around the London area.

But lets change my IP address to a different country and run the query again.   For this one I'll change my address to an IP address in the United States.

This time Google has decided that I'm in Arizona (it's actually where this IP address is registered to - so logically has decided to show me lots of plumbers and adverts for plumbers from within Arizona. Loads of web sites do this which is normally great, but of course can be annoying when they block you from accessing content based on your location.

Everyone of the main media sites do this, Hulu, ABC, NBC in the US, BBC1, ITV and the other UK stations in Britain and virtually every major broadcaster across the world.  It's getting more common too in other areas, with companies trying to offer different pricing  models dependent on your location.

So How Do Web Sites Determine if I Have a UK IP address or a US one?

Well it's actually quite simple, they simply record your IP address when you connect and look it up in big country directory database. It's actually very easy to set up yourself on your own site if you wish. You can download the IP address database here from a company like Maxmind, then load it into a spreadsheet or database and look up addresses from there. Most websites will either pay for a service or just run their own scripts against this database to determine which location your IP address is registered to.

There are other more sophisticated methods but largely this or a variant is the one utilized by most companies online - obviously depends on your budget.  Many companies now are investing heavily in this  technology.

So to bypass these restrictions you need to ensure that your IP address is from the correct location - this is very usually the country of origin. So for example

• Hulu - US Address
• BBC - UK Address
• Pandora - US Address
• ABC - US Address
• CTV - Canadian Address
• RTE - Irish Address
• M6 Replay - French Address

And so on, it is unfortunate in some instance that the people who most want to access these online services - Ex-Pats, people working abroad etc are the ones who can't access them by default.

Originally people used proxy servers that they found online, these are computers which sit in between the web site and your PC. They are commonly used in corporate and educational networks as a barrier to the internet. If you can access the internet at work it is almost certainly through a proxy server. However the ones available online are very dangerous to use as they are often used to steal information and spread viruses - the ones that aren't are nearly always extremely overloaded and too slow for accessing video.

There was obviously a gap in the market! So many of us spend so much time online, for entertainment, research and for work - and our addresses are used to block, restrict and filter what we do online. The requirement was filled by hundreds of proxy/VPN providers who offered a commercial service which you could use to shield your real IP address when you needed to.

There's literally hundreds of these companies now, many market themselves quite openly as TV proxy services (you should be careful with these as they can be shut down overnight). The more sophisticated option is the security software which are generally better run, also offer a wide range of country IP addresses (rather than one or two) and a faster infrastructure.

My recommendation is Identity Cloaker whose software is easy to use and offers access to servers in about a dozen different countries (including USA, UK, France, Germany, Canada, Australia and quite a few more). With a click of a button you can change your address to a US or UK IP address or whatever you require. Their trial offer is here - Identity Cloaker or if you want to see it running - I've got a video demonstration here - of me watching BBC Iplayer abroad in Turkey.

There are loads of others though, I do favor the ones that have developed their own software and are proper tax paying companies.  Too many of the sites are set up by a kid from his bedroom with a cheap hosting and a mate who's really good at web design !!

Updated - May 29th - 2013

Anonymous Surfing needs More than a Proxy

It's almost become synonymous on the net, proxies = anonymity, yet I'm afraid it's simply not true anonymous surfing can be assisted by using proxies, however it can also actually be impeded.

First of all let me tell you why I started looking seriously at products that allow you to surf anonymously. Well I work in the security profession, mainly designing secure windows infrastructures, so I am obviously interested in all security related subjects. Because of my job, I am well aware of the many risks to our data and identities as we surf online. There are lots of related posts on various security risks and issues on this blog, but the main reasons that made me actually start surfing anonymously are actually quite simple ones.    

The first is the security side, when you have actually seen fake wifi portals set up in hotels, you know the threat is very real, there are people actively harvesting personal details from everywhere and anywhere. Combine this with the reality that the vast majority of data you transmit is actually in readable text (HTTP is a clear text protocol). That's right completely clear, readable text. I can sit here in my house and see quite clearly every web site my neighbours visit on their open wifi portal. Just as I can see the data from fellow residents on most hotel WiFi networks, quite easily.

So my interest in anonymous surfing was probably fuelled by this knowledge, but unfortunately there is so much more. You see you may not be aware but because we surf mainly in clear text, this means that there is a complete accessible list of all your online activities in one place, your ISP. Now you may, or may not trust your ISP with securing this data (have you ever asked? ), but did you know that most governments in the West are ensuring that they have access to this data when required ? (and probably most governments already are if the truth be told)

In Europe there is already a directive called the European Data Directive which forces ISPs to maintain all their logs for up to two years. Most countries are actively supporting this, although there is hope that Sweden won't (good on you!)and possibly Germany, but alas some countries are even going further - the UK Government is among many who are planning central databases so that 'selected' agencies can access your surfing history easily from their desk (the main barrier at the moment seems to be the credit crunch!).

 In America the same, the NSA monitor and access ISP logs routinely, commonly not needing as much as a search warrant to check what you've been surfing. They know that sitting in your ISP is the most complete profile of a person and their activities that you could possibly get without their knowledge.

So I guess my two main reasons are protecting my data from hackers and criminals, plus the idea that the state can routinely  
monitor what I do on line, suddenly keeping your privacy becomes rather more important.

Of course if I lived in a country where I had reasons to be genuinely scared of my government, it would have even more importance.  But luckily I'm not quite in that position yet, although I do travel to these places.

There are of course a myriad of other reasons why people might want to surf anonymously. Here's a little list of side benefits you can get when you are completely anonymous online.

Some Anonymous Surfing Benefits

1. You can access any media content you like, irrespective of country restrictions,  I can access Hulu, BBC, ABC, Pandora or any media station in the world wherever I am.
2. I can bypass country censorship, for instance facebook and Youtube are blocked in many countries across the world.
3. Nobody can monitor or block my internet access from whichever network I am using.
4. I can bypass IP blocks whenever I need for instance forum restrictions.

But most of all I am safe, I am invisible online, no hackers or identity thieves can intercept my data and passwords.   I can surf wherever and whenever I want irrespective of my location, and nobody can monitor or block my access, and that includes the authorities.

Look for example at this screen from the software I use, it allows you to connect and tunnel through an internal work proxy, most anonymous proxies would fail to bypass an internal firewall in this situation - neat huh !

But of course there are many ways of achieving an anonymous surfing goal, most components can be put together yourself or by using a commercial product.  There are two main elements that must exist to maintain your privacy - firstly shielding your IP address with a proxy and then using encryption to actually protect the data you send and receive.   Without both these components you will not be secure, not even close and in some cases you'll be worse off than doing nothing.

So why the opening title of my post, do I warn against proxies? Well simply because when you use any proxy you are trusting the owner of that proxy with all your data, much like you do with your ISP. So think carefully, you're not going to stay anonymous online if the owner of that $2 .info domain with a home made proxy is scanning all your details for account, card numbers and passwords.

Proxies are essential to obscure your IP address but they must be extremely secure and in my opinion the logs should be deleted immediately, otherwise your just creating another log of your activities.  That is what I do to check any security program, it is my data, the owner of the proxy has no rights to hold, store or view this information at all.   Make sure you do this check.

There is much, much more to this subject and if you explore my blog, you'll find much more information on this subject which will hopefully be useful.  On this website you'll find I only recommend a program called Identity Cloaker, simply because out of all the commercial products I found it was the only one that provided complete security, was able to be used on a USB key (which is important to me as I often switch computers), had a network of fast proxies in countries across the world, deleted all my logs - but perhaps most importantly convinced me they were technically capable of running a network of highly secure proxies.

There are other products out there and indeed some good ones, but watch out for those that use free anonymous proxies, many are run by the identity thieves themselves!  Make sure any product you use protects your IP address using private, secure proxies and encrypts your connection (VPN, SSH or SSL tunnel), at the moment I haven't researched one as closely as Identity Cloaker but I know there are some good alternatives which I will review on this site shortly.

If you don't have the budget for something commercial, I can recommend TOR, it has it's problems and can make surfing a bit slow but it's a great concept, which we should all support, if you use it please donate what you can.  However you manage to secure your browsing and obtain anonymous surfing, remember to be especially careful with how the proxies are run and by whom.

Updated

Who Wants to See Your Google Fact File?

We can probably only guess at the amount of information that Google has stored about us.  If you remember a few years back the Search Engine Giant collected over 600GB of personal data from unsecured wireless connections during it's data collection for Streetview.  To be fair the company did insist that the collection was accidental, although it's quite an achievement to gather that much data from 30 countries by mistake.

Anyway the incident caused the company great embarrassment and an agreement was signed in November 2010 that all the data should be forensically destroyed.  In December 2010 the company stated that all the data had been destroyed.   Unfortunately it hadn't and much of the data is still in existence the company has now announced.

It's now August 2012, so the data allegedly destroyed about 2 1/2 years ago still exists.  It appears that this is mainly due to incompetency rather than any deliberate misconduct.  However given the huge amount of personal data Google holds this is hardly going to be reassuring to it's many users.

Of course this is the main problem - it's not just whether this was unintentional blundering or something more sinister - the fact is that companies like Facebook, Google et al just possess enormous amounts of profiling information about each and every one of us.

Have a look at the Google Dashboard to get an idea of what information the Search Engine Giant says it's holding about you.   If you have a Google account (most do I'd warrant) and have been online for any length of time then it will probably be like a walk down memory lane.  Those half remembered chat conversations, the Google Docs you've opened, the YouTube activity, the thousands of emails and possibly worst of all the slightly disturbing web history.

Just have a look at the information and imagine if it portrays an accurate picture of you and your interests.  In most cases it is great profiling information but of course it's often missing background context.  A Middle East War reporter is quite possibly going to look like a terrorist or fundamentalist is you just look at the web history.

Who is Looking at Your Web History ?

Well there's again little way to tell, even using European data protection and privacy laws it would be difficult to find out.  Google though does attempt some transparency by publishing the requests for accessing this data by Governments and Federal Organisations -   here's the top of the table for the last 6 months of 2011.

United States leads the way with over 6300 requests regarding 12, 243 individuals Google Data.  Then India, Brazil and the biggest European countries not far behind.   An interesting statistic is the percentage of requests complied with - presumably those which have some legal or moral justification?

If you check out the chart you'll find although Turkey, Hungary and Russia made relatively small number of requests - none were successful.

In any case, you can see there is a substantial interest in the personal data held by companies like Google.   These numbers are very likely only the very tip of the iceberg, although what the true extent is we are unlikely to find out under present legislation.