Tuesday

Broken Smart DNS - Netflix Fights Back

For many people, finding ways to access the world's best media sites can be a full time job.  Depending on where you live, it can be very difficult to access anything online.  Although many solutions exist for a computer it becomes even more tricky to get these streams working on other network devices like Smart TVs, media streamers and tablets.

Which is why Smart DNS was becoming so popular, because it was very simple and could be enabled on the majority of devices with ease.  How it worked was surprisingly simple but very effective, all you had to do was change your DNS server to one of the Smart DNS enabled ones.  This then would intercept any requests for media sites which checked your location and rerouted the initial connection through an appropriate proxy server.

So if you were in France and wanted to access Hulu for example, the Smart DNS server would route your initial connection through a US server, enabling the USA only stream whilst having virtually no impact on speed!   Some of the best Smart DNS service providers like Overplay even allowed you to specify your exact location.  This was great for services like Netflix as you could switch between any version of Netflix you required, for example Netflix USA has by far the biggest choice, but Netflix UK has some great British content.


You could add the DNS setting to your TV, tablet, phone quickly and easily.  In fact you could modify the DNS server which was supplied by your router and effectively enable every device in your home all at the same time.  All your other browsing would not be effected and DNS requests would resolve normally, a great, efficient work around if you used a fast service.  However even the dodgy DNS codes would work reasonably well and often worked for a couple of days rather than for just a couple of hours like free proxies.

However this all changed with the latest update to the Netflix interface, which has been rolling out over the last few weeks.  This update is not just to make the interface look prettier and easier to use (although it does) - it includes a function to break the Smart DNS workaround.

How does it break the Smart DNS Code Method?

It's surprisingly simple - the new Netflix interface hard codes the DNS servers to use.  So whatever device you access Netlifx from it tries to use, the Google DNS and Open DNS servers for name resolution.   This obviously completely bypasses the Smart DNS servers you have configured and thus the redirection which fools the Netflix servers doesn't happen.

The result, if you're in the UK and try and get US Netflix you'll get an error message.  If you try and access Netflix from a country which doesn't have any version and you'll get completely blocked again.  It's very frustrating especially as you have to be paying for a Netflix subscription in the first place.

Fortunately, there is a fix although how long it will work for I'm not sure.   It involves ensuring that the Netflix application can't access the Google and Open DNS servers, which then falls back to your Smart DNS server.  Currently it seems to work very well, but the method looks vulnerable, Netflix could go further to stop this.  There are a variety of methods to achieve this DNS server block, but one of the best write ups is here - Broken Smart DNS - the Fix a fairly straight forward method of setting up a static route for each of the DNS servers which block access.

There are other options, and indeed many people will not have the facility to set up static routes on their routers.  Basically you just need to ensure that the client cannot access those DNS servers, you could use firewalls, Internet security software, perhaps even your hosts file to redirect those requests (Windows will use the hosts file before any DNS resolutions are attempted).  It just suddenly makes using Smart DNS much more complicated and needs some technical knowledge.

Will Netflix pursue this further?   They certainly could, their method would easily extend and indeed they could enforce those DNS requirements (or Netflix wouldn't work) - although they have to be careful that they don't cause other issues.  It might be that Netflix will leave the current situation, it's made the use of Smart DNS more difficult and less appealing certainly for accessing their service.


The Smart Phone Device That Can Steal Your ATM PIN

Technology can obviously bring huge benefits to society as a whole, but sometimes it can work the wrong way - at least when it's in the wrong hands.  Which is unfortunately the case with the amazing little gadget that has been recently released which works with the iPhone 5.

It's called the FLIR ONE and it's one of the wonderful little devices that you desperately want to have but just have to work out a justification for buying one. It's basically a device which can turn your iPhone into a fully fledged infrared personal thermal image camera.  So instead to trying to explain that, a picture will probably demonstrate exactly what it does.


As can be seen you simply point it and you can see all the different temperatures of everything around you.  It basically works by detecting the wavelength of infra red light being reflected, this varies with the temperature and so the FLIR ONE is able to detect the relative temperatures and display or take photos of them.

It's pretty neat, but unfortunately (or fortunately depending on your point of view). it has a rather impressive criminal potential, which maybe already being exploited.  You see this device if pointed at an ATM machine has the potential to identify the relative temperatures of the keys on the machine.   This temperature is of course caused by the fingers of the person who used the machine last.  Hence it can be used to identity the key presses that constitute your PIN number from the residual heat from your fingers.

There have already been demonstrations of how this might work, but it always involved large clunky infra red equipment, which would be rather difficult to conceal.  But imagine how much easier it is to just queue up behind people and then simply take a quick thermal photo before moving on.

Of course, they still need your card to actually be able to steal your cash, but the technology for that has been around for years certainly in the murkier areas of the web and the Darknet.  All you need if a $50 RFID reader and a $300 card magnetizing device and you have everything you need to steal and clone a card details from anyone nearby carrying an RFID enabled card.

So there you are a complete kit for creating a duplicate card and stealing the PIN number all for about $750. What's worse it involves little technical knowledge and all the gear can fit into a small bag !!!

Monday

Russian Media Scores Own Goal

Media companies throughout the world are beginning to learn that some of the dubious practices they have taken part in over the years, don't really work in the modern, digital age.   The days where a newspaper or a TV station can effectively control the news feed are virtually gone.

There is the odd exception, places like North Korea are still living in the 20th century thanks to a digital lock down and a paranoid dictatorship.   They also seem slightly insane, just recently announcing to the population that the North Korean Football team had reached the World Cup Final (despite not being there or even qualifying).


Here's the mocked up shot from the Youtube video with Kim Jong-Un receiving the plaudits in Rio.  We're not quite sure if it's really been released by the North Korean state media or if it's just a spoof.  Either eventuality is equally likely and indeed North Korea have done this before.

But for the rest of us, the truth is out there and tends to be fairly accessible despite the best efforts of certain world Governments.  This is what the Russian State media have just found out, and are left looking even more guilty than when they started.

The allegations refer to the ill advised edit of a Wikipedia page recording the Malaysian Airlines (MH17) disaster which took the lives of 298 innocent people. The page described the disaster as being caused by
"by terrorists of the self-proclaimed Donetsk People's Republic with Buk system missiles, which the terrorists received from the Russian Federation."
However about an hour later the Wiki page was changed to
"the plane was shot down by Ukrainian soldiers."
Nice little subtle change which completely shifts the blame from Russian State supported rebels to Ukranian soldiers. The problem was that whoever did it, rather amateurishly did it from a computer owned by the All-Russia State television and Radio Broadcasting Company. Like the vast majority of websites, all IP addresses are logged and recorded and indeed on Wikipedia they are even publicly displayed which is how a Twitter Bot picked up the edits.

Your IP address is linked to the computer you are using and unless you take steps to hide it and stay anonymous, such as using Identity Cloaker then it could potentially become public knowledge.  Wikipedia edits are always being highlighted in these situations from technically naive individuals trying to make sneaky changes.  Politicians, celebrities and media employees in all sorts of areas are always being caught, indeed I've seen a local footballer once being caught modifying the 'goals scored' stats on his own page!