Monday

My VPN Stopped Working

Throughout the internet at the moment this is a common cry - support calls and posts of anguish all saying the same thing  - why has my VPN stopped working?

In truth though most of these VPNs are actually working perfectly well, the problem is that many websites have started  blocking the use of them.

Region Locking and VPNs
The spectacularly rise of the use of virtual private networks is not entirely due to the worries about cyber crimes and lack of privacy online, although these are a significant factor.  The real reason is the increase is the use of region locking - the practice where particular online entertainment services are restricted based on your physical location.

So for example, you can't use the wonderful BBC iPlayer to listen to the cricket or watch David Attenborough unless you connect from the UK.   Your Netflix subscription won't give you access to the US Netflix site (which is by far the best) unless you're physically located in the USA.  All this is kind of annoying especially for scenarios where a BBC license fee payer can't watch the BBC News online if he's out of the country or an American traveller can't watch Netflix when he's abroad on business.

VPN Stopped Working


A VPN solved all this, because your physical location wasn't determined by where you happened to be - simply where the endpoint of the VPN tunnel was. This was the IP address the website saw, so a UK VPN would have an English IP address and so on.  So I can sit happily in a hotel room in Istanbul, fire up a US VPN service and stream US Netflix directly to my laptop without an issue.  The same thing works for thousands of other media websites - a VPN unlocks them all.

This worked great for literally millions of people and now sophisticated VPN services like Identity Cloaker mean that you can get access to connections in lots of countries across the world.  You can unblock TV stations in whichever country you need simply by switching to a VPN based in that country.  For example I frequently switch around the different regional versions of Netflix to find something I want to watch - the US version has loads more stuff than any other though.

So what's the problem with VPNs now?
Well the issue if that the world's copyright system is in a bit of a mess when it comes to global access, which is why so many restrictions exist.Netflix might pay for the ability to stream a certain blockbuster in the US but it may not have those rights for the UK or Canada for example, which is why they have so many different regional versions.  Most companies are coming under increasing pressure to stop this practice and enforce the region blocks.

The BBC has started blocking loads of VPNs en masse and so have lots of the other big media broadcasters who operate online.  One of the most aggressive though is Netflix which seem to be trying to completely block all VPN access to their services - you'll just see this picture if you try.



Over the last few weeks virtually every single VPN provider has been blocked from accessing Netflix - which is why so many people are getting upset.  Remember you can pay for a Netflix subscription but if you're country doesn't have a licensed version then you'll get no access.

How are they doing this and what's the best VPN for Netflix now?

There are potentially a few methods companies like Netflix could be using for doing this. However it seems fairly obvious which one they are employing.  Most IP addresses in use on the internet are split into two sections - residential and datacentres.   Most VPN servers are of course set up in these datacentres across the world and they're fairly easy to identify.  Although these companies can't identify that a VPN is being used they are able to determine that an IP is non-residential - which is how they are blocking VPNs so conclusively.

Obviously the war is now moving on and a couple of the best services are fighting back.  Identity Cloaker will be releasing an update to it's program this week which will include several hundred residential IP addresses in it's service to be used when Netflix is being accessed.  These are indistinguishable from normal home based IP addresses so won't be blocked. The disadvantage is that they are much more expensive so we could find that the best VPN for Netflix turns out to be quite expensive, but perhaps these companies will absorb the cost.




Friday

How to Get a Random English IP Address

The new wave of VPN and proxy services are becoming increasingly sophisticated in part due to the increasing efforts to identify and block them. There is something of a technological war going on between these services on one side and an array of logging, filtering and blocking software and hardware on the other.
The first casualty is arguably the simple proxy, for sometime this offered a simple method of sidestepping these blocks but unfortunately these rarely work now. Even the BBC which operated a rather lax blocking regime for non-UK visitors for many years now stops proxies connecting to their online services.

In some sense it's not surprising that proxies have had their day, they were a little too simple and ultimately often created more security issues than they solved. The upside is that the VPN/SSH services offer much more privacy and a host of security features.

Using a Random UK IP Address,

This is one of my favorite features from the security program Identity Cloaker which I've personally used for many years. It gives you the facility to switch IP addresses automatically and rotate them.

Here's a quick video demonstrating this feature in action:
 
So why would you want to switch addresses like this?

Well one reason is it increases your level of privacy and makes it much harder to spot that your using a proxy/vpn service. For example consider what logs look like at the ISP if you're using a static VPN service. Although nobody can see your data, they will notice that every web transaction goes through a single server address - it's fairly simple to see that you are using a proxy or VPN.

Same goes for your logs on any internal network, a single IP address for all your web traffic suggest that your data is being routed through a server usually a proxy. If you happen to live in a country where the government actively seek to control the internet this can be dangerous too. The use of a single VPN is not hard to detect if you spend the time looking for it. This is why it can be so useful to periodically rotate your IP address it make it much more difficult to detect.

As you can see from the demonstration you have complete control over this feature, from specifying the exact time when you should switch servers, right to controlling which countries you switch too.  So it's perfectly possible to configure a different England IP Address to be assigned every 30 minutes or so.

There is a slight break in your internet connection whilst the software switches servers but it's hardly noticeable unless you set it to change every few minutes.  You would set it to a specific country to ensure your browsing experience doesn't change much, e.g Google would use the correct country and so on.   However for the ultimate security you should change to Any Country and a smallish rotation time for a totally random IP address every few minutes !


Watching BBC World News Streaming

There is one area where the internet reigns supreme and that's being able to keep up with news and current affair.  However to focus on the important events, most of us tend to focus on a particular provider - for me it's the BBC.    Ever since I had the pleasure of meeting the wonderful Kate Adie, one of the BBC's veteran war correspondents in the 1990s, I will always watch the BBC whenever possible.

The internet has of course completely changed the game even with traditional news media, many newspapers are online - some free and others by subscription.  Gone are the days where a UK traveller would have to spend a small fortune to buy a week old copy of the Daily Mirror in a hotel somewhere just to satiate their news fix.  However quality is still somewhat in short supply online and the BBC is still one of the forerunners even in the digital space.

All of the BBC News programmes are available online, you can either watch a recording or live from the website with a couple of clicks and no account.   Unfortunately watching BBC News is a little more complicated depending on where you are because the facilities are only available when you're physically located in the UK, otherwise you'll not have access to any of the live TV functionality on their web site.

The reason you can't watch BBC world News streaming online is because for licensing reasons, the vast majority of the BBC's programmes are blocked outside the UK presumably to protect the value of the license fee.   When you visit the BBC TV website and click to watch the News for instance you'll just get a little warning that the BBC iPlayer only works in the UK

However there is a fix and here's how you can watch BBC news live and indeed any other UK TV station online from anywhere,
It uses a VPN connection, to hide your real location by routing through a UK based server. It's terribly simple to use, and for anyone who lives away from home a worthwhile investment to allow you to surf anonymously online. When you connect to the BBC News site with the VPN connection active it only sees the IP address of the UK server and allows instant access to watch BBC world news online.

Unfortunately simple proxies (which you could sometimes find for free online) don't work anymore as the BBC now actively checks for them and blocks their use. It does seem kind of sad that in a time when the internet is being so widely abused for spreading disinformation that one of the truly independent and reliable news sources is not available to the world.

I can understand why the BBC restricts access to it's popular shows and TV programmes in order to resell them, yet the BBC News at 10 is not really in that same category. Perhaps the BBC will one day extend the news component of it's web site and allow anyone to watch from across the world like the World Service currently does on long wave radio.

Your Chance to Hack the Pentagon

If you're feeling bored and fancy a challenge which may test your hacking skills then you're possibly in luck.  The Pentagon has followed the lead of many security savvy companies who allow people to attack their networks in order to test their security.  The project is called , rather unimaginatively I thought, Hack the Pentagon.

Of course, for many hackers the first thought is -

However it does seem that they are quite serious and are keen to attract talented hackers to test their digital defenses.  There is talk of even some sort of monetary reward, although the kudos of legitimately bypassing the Pentagon defense's will be enough for most of us!

But before you rush off and blow your cash and buy VPN servers across the world, then there are a few caveats.   First of all you must be a US citizen, and I'm not sure Edward Snowden counts.   Next you must register your intent officially, this is starting to sound less fun I would imagine.  Then you'll have to undergo a background check to assess your suitability to be granted approval to take on the Pentagon's security systems without a 'little knock on the door' following quickly afterwards.

But all going well, then some people will be given the go ahead to attack the Pentagon and try and breach their security infrastructure.

We'll keep you posted on the rules and regulations as they are released but it's expected to be happening in April sometime.   It should be mentioned that only selected services will be included in the first phase  project, presumably excluding sensitive and highly critical systems.