Netflix Subscriber Growth Falls - VPN Payback

Over the last few weeks, we have covered in these pages the fact that millions of people have been blocked from accessing their Netflix account.   Although perhaps we should clarify that most have been blocked from they're preferred Netflix version rather than completely restricted.

I'm referring of course to the almost 100% ban which has been implemented by Netflix on using VPNs and proxies to circumvent the region locking which is used by the site to stop people sneaking off to use different versions.   Most people for example use these tool to view the US version of Netflix through their account despite not being in the US.   The VPNs could hide your real location and allow you access.whichever version you wanted.

The version was nearly always the US version which has thousands more movies and shows than the other versions of Netflix.  Many Canadians for example rarely logon to the Canadian Netflix instead firing up their VPN and switching to a US server before going to their account.

However then it started - the Netflix Block VPN purge where they suddenly blocked access from any non residential IP address which meant that virtually every VPN server (which all reside in commercial data-centres) stopped working and users received the now infamous error message.

Imagine literally hundreds of thousands subscribers saw this message within a few days as they fired up their faithful VPN clients.  It will have generated some serious ill will towards the media giant - imagine being half way through some US only box set when the rug is literally whipped from under your feet.

What Netflix wants to happen is for people to stop all this geohopping and go back to using their own specific Netflix version.   However it is likely many will simply quit, switch to another media provider or perhaps just go back to downloading via torrents all the stuff on the Netflix servers and more.   There has already been a huge slowdown in subscriber growth, the simple reality is that many Netflix users aren't interested in their own geographically locked version - most want the US Netflix.

It will be interesting to see how this develops, there is little doubt that Netflix will have been under pressure from the content providers and copyright holders to lock out these VPN users.   The costs might have been seriously underestimated from the media giant though, VPN based subscribers represent a significant portion of users and many will simply go elsewhere.


Using a Proxy for Netflix

I've had a few comments with this question, so I thought since this blog has covered the use of proxies for many years I'd better try and answer.  So can you use a Proxy for Netflix?   Well the simplest answer is no, they don't work - it's kind of sad but true, the days of simply using a proxy server to bypass region locks are pretty much gone.

Of course, I've still got many proxies installed in various places across the world but unfortunately most of these are of very little use now, except for a few of my more obscure projects.
The problem is that all the big media sites, governments and intelligence agencies can easily automatically identify the use of a proxy now, it's then very easy to block them.  They haven't worked with Netflix for some time and in fact the only real use for a proxy was to access the BBC iPlayer which never seemed that bothered about them - but even they blocked access from a proxy last year too though.

To access these media servers from a different country you can forget using a proxy for Netflix - you need to use something more difficult to detect like a VPN.

If I can't Use a Proxy for Netflix? What Now?

Doe that mean you're stuck with the crappy localized version based on your real location, will Canadian Netflix users have to stare jealously whilst US users a few miles away pay the same price for three times as much.  Well thankfully no, but you will need to use something more sophisticated which is harder to detect such as a VPN or SSH tunnel.   These can be encrypted and are not identifiable when you visit a website, at least not if they're configured correctly.

Netflix though has gone further than all the other media companies, they have targeted VPN services heavily too.  At the time of writing about 95% of these VPN services are blocked also, if you try and use a VPN to access Netflix you'll get this message.

Proxy for Netflix

Netflix have started to block based on the classification of the IP address which is connecting. So although they can't actually identity the presence of the VPN, they know that almost all of these services use a commercial IP address. This is actually an easy block to implement and Netflix have simply restricted access to residential IP addresses. The difficulty is that these addresses are not easy to find, if you've ever looked for a residential VPN service then you'll know that they are both rare and very expensive.  This is because they're normally only available to ISPs to service home user connections, you can't normally assign these to data center server.   However one company has solved this -
Identity Cloaker are one of the VPN providers who have implemented a solution, although currently it only allows access to the US version Netflix. What the software does it to detect when a connection is made to the US version of Netflix, then it will route the VPN through a residential IP address instead of a commercial one.

This has the advantage of allowing access to US Netflix whilst minimizing the use of these residential addresses which reduces the cost. Transferring entirely to a residential IP network would involve a heft price rise simply to break even.

So forget using a proxy for Netflix now, but you can always use Identity Cloaker - test the trial here.  It works for all the other media sites too but only uses residential addresses for US Netflix currently.


Residential VPN Services and Netflix Blocks

So what exactly are residential VPN services and why are they so hard to find?    Well millions of  us have been using VPN services for many years for a variety of  reasons usually involving online privacy, security and bypassing all these stupid region locks that appear all over the internet.

It is probably region locking which is the important factor here because if your focus is simply anonymity there is little difference between a residential VPN and an ordinary service.  In truth, anonymity is probably best served by establishing a connection to a server housed in a secure non-residential data center.

The difference between residential VPN services and a standard one is simply the type of IP address that is assigned to your connection.

There are in fact two distinct groups of IP addresses -

  • Standard Commercial IP address assigned from a Datacentre
  • Residential IP address assigned normally from your ISP

For many years this distinction was unimportant, you needed an IP address to get online and it didn't much matter where it was assigned from.  But in the last few months this has begun to change and there's every indication that it's going to get more and more important.

What do you mean Netflix doesn't work anymore!!!
The first indication has been in the ongoing war between the online media giants who are determined to use region locking to control our viewing.  It's why you can't watch the BBC iPlayer outside the UK, Hulu outside the USA and use your Netflix account in a country where it's not supported - all these companies actively block such connections.

This has been a problem easily circumvented though simply by hiding your real IP address and instead connecting through a VPN/proxy service.  Unfortunately the companies are fighting a real war against these services - proxies are now pretty much useless as most of the media giants can detect and block them easily.

VPNs have survived longer because the encrypted connections are much more difficult to identify.  However these too have now begun to be blocked particularly by the media giant - Netflix.   Nearly all VPN services are now blocked by Netflix, see Netflix Blocking VPN and you'll get this warning message if you try and use one -

What Netflix is doing is not trying to detect the VPN or proxy itself but merely  the source of the IP address.  If it originates from a standard data center then it is deemed to be a proxy or VPN service and blocked. Netflix now only allows access to residential based IP addresses assigned from an ISP.

Almost overnight every single VPN service became useless for accessing Netflix - which was quite upsetting to many of us!  Fortunately the services are beginning to fight back and a couple of the most advanced services like Identity Cloaker are already bypassing these blocks again.

What they are doing is using residential IP addresses assigned to their VPN servers.  For example Identity Cloaker now assigned a random residential IP address to any connection made directly to any Netflix website - this ensures that the connection is never blocked.

There are not many of these residential VPN services available yet simply because the technology to assign them is quite new and these addresses actually cost much more than standard IP addresses.   It is expected though that many of the other big media sites will follow Netflix's route in the future and block all non-residential traffic.

You can try the 10 Day trial for Identity Cloaker here - but please note that you'll only get a US residential IP address when connecting to US Netflix as they are not yet required for the other media sites.


Netflix Blocking VPN - Why My VPN doesn't Work Anymore!

Throughout the internet at the moment this is a common cry - support calls and posts of anguish all saying the same thing  - why has my VPN stopped working? Why does the BBC not stream anymore, why is Netflix blocking VPN servers!

In truth though most of these VPNs are actually working perfectly well, the problem is that many websites have started  blocking the use of them.

Region Locking and VPNs
The spectacularly rise of the use of virtual private networks is not entirely due to the worries about cyber crimes and lack of privacy online, although these are a significant factor.  The real reason is the increase is the use of region locking - the practice where particular online entertainment services are restricted based on your physical location.

So for example, you can't use the wonderful BBC iPlayer to listen to the cricket or watch David Attenborough unless you connect from the UK.   Your Netflix subscription won't give you access to the US Netflix site (which is by far the best) unless you're physically located in the USA.  All this is kind of annoying especially for scenarios where a BBC license fee payer can't watch the BBC News online if he's out of the country or an American traveller can't watch Netflix when he's abroad on business.

Netflix blocking VPN

A VPN solved all this, because your physical location wasn't determined by where you happened to be - simply where the endpoint of the VPN tunnel was. This was the IP address the website saw, so a UK VPN would have an English IP address and so on.  So I can sit happily in a hotel room in Istanbul, fire up a US VPN service and stream US Netflix directly to my laptop without an issue.  The same thing works for thousands of other media websites - a VPN unlocks them all.

This worked great for literally millions of people and now sophisticated VPN services like Identity Cloaker mean that you can get access to connections in lots of countries across the world.  You can unblock TV stations in whichever country you need simply by switching to a VPN based in that country.  For example I frequently switch around the different regional versions of Netflix to find something I want to watch - the US version has loads more stuff than any other though.

So what's the problem with VPNs now?
Well the issue if that the world's copyright system is in a bit of a mess when it comes to global access, which is why so many restrictions exist.Netflix might pay for the ability to stream a certain blockbuster in the US but it may not have those rights for the UK or Canada for example, which is why they have so many different regional versions.  Most companies are coming under increasing pressure to stop this practice and enforce the region blocks.

The BBC has started blocking loads of VPNs en masse and so have lots of the other big media broadcasters who operate online.  One of the most aggressive though is Netflix which seem to be trying to completely block all VPN access to their services - you'll just see this picture if you try.

Over the last few weeks virtually every single VPN provider has been blocked from accessing Netflix - which is why so many people are getting upset.  Remember you can pay for a Netflix subscription but if you're country doesn't have a licensed version then you'll get no access.

How are they doing this and what's the best VPN for Netflix now?

There are potentially a few methods companies like Netflix could be using for doing this. However it seems fairly obvious which one they are employing.  Most IP addresses in use on the internet are split into two sections - residential and datacentres.   Most VPN servers are of course set up in these datacentres across the world and they're fairly easy to identify.  Although these companies can't identify that a VPN is being used they are able to determine that an IP is non-residential - which is how they are blocking VPNs so conclusively.

Obviously the war is now moving on and a couple of the best services are fighting back.  Identity Cloaker will be releasing an update to it's program this week which will include several hundred residential IP addresses in it's service to be used when Netflix is being accessed.  These are indistinguishable from normal home based IP addresses so won't be blocked. The disadvantage is that they are much more expensive so we could find that the best VPN for Netflix turns out to be quite expensive, but perhaps these companies will absorb the cost.

For those still suffering - with the BBC, Hulu and others such as Netflix block VPN services - there is good news.  Identity Cloaker Netflix have risen to the challenge and integrated loads of residential IP addresses into their infrastructure - primarily for Netflix use - currently only supporting US Netflix (which is the best anyway!)


How to Get a Random English IP Address

The new wave of VPN and proxy services are becoming increasingly sophisticated in part due to the increasing efforts to identify and block them. There is something of a technological war going on between these services on one side and an array of logging, filtering and blocking software and hardware on the other.
The first casualty is arguably the simple proxy, for sometime this offered a simple method of sidestepping these blocks but unfortunately these rarely work now. Even the BBC which operated a rather lax blocking regime for non-UK visitors for many years now stops proxies connecting to their online services.

In some sense it's not surprising that proxies have had their day, they were a little too simple and ultimately often created more security issues than they solved. The upside is that the VPN/SSH services offer much more privacy and a host of security features.

Using a Random UK IP Address,

This is one of my favorite features from the security program Identity Cloaker which I've personally used for many years. It gives you the facility to switch IP addresses automatically and rotate them.

Here's a quick video demonstrating this feature in action:
So why would you want to switch addresses like this?

Well one reason is it increases your level of privacy and makes it much harder to spot that your using a proxy/vpn service. For example consider what logs look like at the ISP if you're using a static VPN service. Although nobody can see your data, they will notice that every web transaction goes through a single server address - it's fairly simple to see that you are using a proxy or VPN.

Same goes for your logs on any internal network, a single IP address for all your web traffic suggest that your data is being routed through a server usually a proxy. If you happen to live in a country where the government actively seek to control the internet this can be dangerous too. The use of a single VPN is not hard to detect if you spend the time looking for it. This is why it can be so useful to periodically rotate your IP address it make it much more difficult to detect.

As you can see from the demonstration you have complete control over this feature, from specifying the exact time when you should switch servers, right to controlling which countries you switch too.  So it's perfectly possible to configure a different England IP Address to be assigned every 30 minutes or so.

There is a slight break in your internet connection whilst the software switches servers but it's hardly noticeable unless you set it to change every few minutes.  You would set it to a specific country to ensure your browsing experience doesn't change much, e.g Google would use the correct country and so on.   However for the ultimate security you should change to Any Country and a smallish rotation time for a totally random IP address every few minutes !