One of the problems with standard VPN and proxy programs is that although they add a layer of security in most cases, they also raise a red flag for anyone who looks at their data. To understand this concept just think of a standard log in your local ISP for an ordinary internet user. The log will contain a list of all the websites that user visited, files downloaded, servers contacted. Much of this data is readable, but some will be encrypted such as communication completed through an SSL connection such as banking sites. However the locations and addresses of the web servers will all be visible.
What’s Different about the Logs of VPN Users?
There’s fundamentally two distinct differences between the logs of a standard user and those of a user who accesses the internet using a VPN service.
- Data is encrypted. All the logs of a VPN user are encrypted, so there is no visible data which is readable by anyone looking a the logs. This is of course one of the primary reasons people use VPNs to ensure that their communications are private and not accessible by any intermediate such as an ISP or other intermediate with access to this data.
- Destinations are hidden. The log for a traditional user will contain all the server addresses and names that they visit. However for the VPN user there will be only a single address visible – that of the VPN server that is being accessed.
There’s nothing wrong with this situation however the second point means that in some ways the VPN users data will stand out from the rest. The repeated requests for a single unique address will mark out that connection as related to a VPN or proxy. In some ways this is exactly the opposite effect that the VPN user desires, they still have more privacy than a non-protected user but their data is highlighted because it all travels through a single location. There is a further issue that if anyone wanted full unencrypted logs, these would be accessible from one single location – the VPN server (although it should be highlighted that most of these servers don’t store the logs anyway).
So what are the options for a VPN user how can they stop their data from standing out and protect against the fact that it is all potentially available from a single source. Well what a few of the more secure VPN providers have done like Identity Cloaker is offer the ability to switch the servers used automatically. Identity Cloaker has a proxy switcher feature which automatically changes the server used for the VPN connection. It can be triggered automatically, to switch between different servers, countries or physical locations after a specified duration.
This means that you could configure your connection to switch from a VPN server in the UK after ten minutes to switch to a US server, then a French one and so on. Your data would never be accessible on a single location and the logs although still completely encrypted would now look much more like any other user with different connections being made to different servers over time.
For years people have been using proxies and VPNs not only for security but to bypass the increasing number of filters and blocks that exist online. In the internet’s early days, these didn’t really exist – if you put up a web page you allowed everyone to access it. Obviously there were some exceptions but on the whole most sites were accessible to all, irrespective of your location. Those days have long gone now, with Government’s increasingly operating their own filters and censorship ranging from the ridiculous total block of North Korea to the lighter touch of Western democracies.
In fact, most filtering is now done by the websites themselves usually in the cause of profit maximisation. Most of the world’s biggest media sites for example will analyse your physical location before deciding what you can access, the internet is pretty much multi-tiered. Which is why being able to bypass these artificial restrictions is so important to many people – and why Netflix blocking proxies and VPNs is upsetting so many people.
You see, for years people have been paying for a Netflix subscription in countries where it’s technically not available. There were an estimated quarter of a million Netflix subscribers in Australia years before it was even launched there, people just fired up an American based VPN and access the US site instead. They all paid, they all had valid subscriptions except without a VPN they’d have had to fly to the US to use them. Now Netflix has launched in many more countries, except there’s still a problem – the quality and quantity of movies available varies widely. For example none of the regional versions of Netflix are anywhere near as good as the US one despite the costs being pretty much identical. So the VPN was still used to access the preferred version of Netflix not the one foisted upon you due to your location.
Unfortunately in the last few weeks this has changed and the vast majority of VPNs and proxies no longer work with Netflix – they are blocked almost completely. Netflix have adopted a different approach to most media companies who try and individually block VPNs, they have blocked all commercial IP addresses – just watch this quick video.
As you can see to bypass Netflix’s blocks you must not only use a VPN service but it must also originate from residential classified IP addresses – the one’s that are normally assigned from your ISP. These are unfortunately much more difficult to acquire than commercial addresses which is why most VPNs topped working as they were all based in commercial datacentres. Everyone using a VPN or a proxy would receive a warning message instead of being able to access the Netflix site.
It is quite an aggressive move though and many more people use commercial IP addresses without intending to bypass any blocks. Lots of corporate laptops for example use a VPN as standard simply because of the added security, anyone trying to watch Netflix from their work PC will also be blocked. IN fact Netflix is in some ways stopping the use of what is actually a sensible and secure way of accessing the internet. Using a VPN is pretty much essential for people who want to access secure sites while travelling for example.
How many of these companies are able to adapt to using residential IP addresses is unclear at the moment. Overall Netflix has currently succeeded in stopping access from the vast majority of services, there are a few like Identity Cloaker which have updated their infrastructure but it is a costly experience.
Netflix one of the world’s largest online media services has announced a new phase in it’s expansion plans. It comes at a time when for the first time in it’s history, Netflix is seeing a slowdown in subscriber growth. One of the reasons, although there are several, is the fact that currently Netflix mainly provides English language content. Although this is the biggest worldwide market it does limit it’s appeal in many countries.
Poland is one of those places, although it represents one of the biggest TV markets in Europe – English language programmes are a relatively niche market without widespread appeal. This situation is repeated in many countries across the world where Netflix has provided the service but has yet to see any real expansion. The media giant has decided to ‘go local’ and is using Poland as a pilot for it’s new phase of expansion.
The media giant aims to provide 80% of the content on it’s Polish version of Netflix in the Polish language. That is either the audio dubbed into Polish or Polish subtitles provided on all English films, movies and shows. It is hoped that this will greatly improve the appeal of the service and indeed maybe even lead to a surge in subscribers from the UK who already use a Polish proxy to access domestic TV stations like TV which are also region locked.
If successful we can see this being expanded into other regions where the take up on English language versions of Netflix is poor. Expansion into places like China would obviously be a likely step but also boosting already available regions in South America and Japan who have some local content but it is largely English language content.
Netflix have also commissioned several shows from local talent including a few stand up comics and entertainers from Poland in a further effort to produce a more local version. It also hopes that this will help to stop current subscribers from switching versions by changing their IP address, although Netflix has already been blocking access to with it’s well publicized Netflix VPN ban, there are still millions of subscribers who don’t stick to their region locked version of the service.
This however is likely to continue until Netflix is able to finally produce a standard global service which is accessible to all irrespective of the location they are in. For example it’s obviously unfair for Canadian subscribers to pay the same price for a small percentage of the content available across the US border.
Many people discover when they go on holiday or start travelling that the internet changes depending on where you happen to be. Of course some of it is expected, fire up Google using an access point in a Spanish cafe and you’ll not be surprised to find the Spanish version. What happens is that Google looks up your location and redirects you to the most appropriate version of the search engine interface – in this case Google.es.
This makes sense and is actually quite useful but unfortunately the same technology is used in other ways. It called geotargetting and basically when you visit a web site it takes your IP address and looks up what location it’s registered to, this is then used to either tailor, block or filter what you can see on that site. This is where the problem lies when a US citizen tries to access a US only site from a foreign country they’ll get blocked. Someone from the UK on holiday who logs on to the BBC iPlayer site expecting to watch the news online will also get blocked.
The list is endless, more and more sites are operating in this way meaning what you access from your home country will vary widely when you travel. However there is a way of bypassing these filters and accessing any site, you can watch the BBC from Greece using a UK proxy site to hide your location.
Here’s a simple explanation of how it’s done:
However we should clarify something, in the video above the program was not actually connecting to a UK proxy online, the server actually was something called a VPN server. It works in a similar way to a proxy but is much more difficult to detect. As of this year, most of the biggest media sites block access is you attempt to use a proxy server in order to bypass their blocks. VPN (virtual private network) servers are much more difficult to detect and block than proxies.
It’s probably too early to guess where this battle is going to head. Many of us hope that these companies block this practice of segregating web users by their location, although as it helps maximize profits this may never happen.
From something that’s basically designed to improve security, privacy and confidentiality – it’s often surprising that this question is asked so often. The problem I suspect is not so much suspicion about the technology but merely that often people have no idea how a Virtual Private Network actually works. Currently the numbers of people using this technology is rising at an exponential rate for a variety of reasons which include the following:
- National/Political/Government Filtering – increasingly even moderate governments and security services are seeking to control access to internet sites to their populations. All across the world governments are using advanced controls to filter or block access to specific sites. From the extreme examples of North Korea and China to less obvious examples like Turkey and Australia, millions of web sites are blocked from various countries across the world. In most situations a secure VPN bypasses these filters.
- Corporate/profit Maximization – companies seek to maximize profits online by operating something called price discrimination. This involves trying to sell the same product or service at the maximum price possible to different markets. This means that the same product will be offered at vastly different prices depending on your physical location. Users obviously don’t like this and using a VPN located in a different country will often allow access to the cheaper prices.
- Licensing/Copyright Issues -similar to the above example thousands of websites restrict access based on your location due to copyright restrictions. Unfortunately this is due to a licensing model spread across the world which is simply not compatible with the global, internet enabled world. Pay for your Netflix subscription and then see it blocked or cut when you travel to another country, try and watch the BBC as a license fee payer and watch your access being restricted online because you happen to be on holiday abroad. Again a VPN bypasses these restrictions by hiding your true location.
This list is not complete, in fact there are many other reasons why people use VPNs including the desire for some basic privacy from the huge surveillance efforts of the world’s security efforts plus the risk from cyber thieves using similar techniques to steal your personal information. It is not surprising that the demand is rising, but is a VPN safe – here’s a video.
So what are the risks? Well most of the issues with using a VPN lie with the supplier in both technical and legal competence. Unfortunately it is relatively easy to set up a VPN service and to sell that service onto to other users. However setting up a secure and safe VPN requires a high investment in infrastructure particularly in the servers that operate the network and technical knowledge to both set up the services securely and support them.
Remember when a VPN is enabled you are routing all your network traffic through those specific servers, potentially trusting your entire connection through the company who runs the VPN. Mostly this is not a problem but you should do your due diligence and ensure you’re dealing with a proper business rather than a group of college kids messing around with their University data centres.
A fast, secure VPN service provides a high level of both privacy and security online as long as it is configured and run correctly. It ensures that all your data is encrypted and also hands you to the ability to hide and control your digital location. Whether you just want to watch a different version of Netflix or watch your home News station online while travelling then a VPN is for you. A VPN is not insecure to use, in fact it’s exactly the opposite as long as it’s run correctly.
I’m forever being asked about free proxies or VPNs, because it’s the internet and you can find everything for free somewhere – right? Well although that’s true that you can download pirated games and films, stream pirated copies of music and cracked versions of computer software. However there’s a fundamental difference with proxies and VPN servers and such material – that is they cost money to supply and keep running. Every single byte of data passing through these servers incurs a cost, plus if they are going to be safe and not siphon off your personal details or riddle your PC with viruses, they need ongoing support from technical staff.
It all costs money and without a subscription charge it’s simply doesn’t make sense. So that free proxy server you found online is either hacked or being used to install malware or steal your login credentials. Want to swap the use of a proxy for free access to your Paypal and email account ? Well that’s effectively what you’re doing using these proxies and VPNs that you can find online for free.
There is another reason, not to use free servers apart from the security risk and that’s speed. Even ignoring the privacy concerns anything available for free is going to run like it’s connected to an dial up 28.8k modem, if you remember these you ain’t going to want to relive the experience. Without speed connecting your entire online experience through an intermediate server is going to be very, very painful and streaming video is just not going to work. To access the wonderful world of American based media sites for example you’ll need a fast USA proxy to maintain sanity.
This video demonstrates how to access the AMC site which has some of my favorite shows – including the Walking Dead. This streams perfectly across private proxy services that had enough bandwidth and throughput without endless buffering. There’s nothing to stop you trying to find a fast, free proxy service of course, and you might argue that if you only stream videos and don’t access anything confidential you’ll be ok. The reality is that the risks will still exist but you won’t actually find a fast one anyway.
Too right it does! For anyone who thinks cyber crime is just a tabloid headline or a story spread by scaremongering geeks is I’m afraid very much mistaken – cyber crime is rife and pays extremely well. Forget about the big million dollar stuff, it’s small to moderate stuff that the smarter crooks are targeting – in many cases it doesn’t even get reported as companies are reluctant to admin security breaches.
Here’s a very recent example that happened to a private medical centre in Hollywood, USA. The Hollywood Presbyterian Medical Centre has just paid a $17,000 ransom to a hacking group who installed malware on their computer systems which then encrypted key files. There are limited details of the exact nature of the attack, but it is believed that it was simply a classic ransomware exploit.
Ransomware is simple but very effective malicious software which usually operates in a couple of main ways – it’s focus is denying access rather than actually stealing data.
- Screen Locking – the malware will lock your computer screen or prevent you logging in, effectively stopping all access to the computer. It’s often accompanied with a request for a ‘fine or donation’ payment to remove the screen lock.
- Encryption – this won’t touch your computer system or applications but will encrypt data files effectively blocking your access to them. The ransomware will usually offer to sell you the decryption key
The screen lock type is usually fairly simple to bypass if you have some knowledge and the right tools. However to decrypt the files you’ll need the private key which was used to encrypt them in the first place.
Which is why the hospital was forced to pay the ransom, despite the obvious problems with that tactic. Happily the decryption key was supplied and the hospital was able to recover it’s system and data with the help of some IT experts. Generally the criminals who use ransomware do honour the deal as it encourage future victims to pay.
It’s a good payday though for the hackers for what is likely to be little more than a few hours work. Attackers will generally pick soft targets with poor security to attack, so it’s unlikely it was that difficult to install the malware on their network.
For the attackers though. it’s the forensic investigation that is the most dangerous part of the crime. Covering your tracks after committing a network based attack and ransom is extremely difficult to do properly, sure you can install the malware over a Tor Connection or use a safe VPN in a remote country. However you have to maintain this level of obscurement throughout the attack, specialist investigators can glean lots of information from a variety of advanced forensic tools. The FBI and US security services are notoriously aggressive in pursuing computer criminals across international borders too.
THe internet is by far the biggest global market place that the world has ever seen, but it’s far from the fairest. Across the world one of the goals of economic development has been the operation of free trade, opening up markets across geographical and social divides. Of course, it doesn’t always work like this but to be fair in the infancy of the internet it came pretty close.
When sites like Amazon where in their infancy, it was quite simple to order from a different country with relatively few restrictions. I routinely used to order computer software and hardware from Amazon in France simply because it was often 20-30% cheaper than Amazon prices on their UK site. After a few years most of the sites blocked this behaviour and it became much more difficult to access regional versions of different web sites.
The reason that the internet has become so segmented is primary due to an economic concept called price discrimination.
Here’s how it’s defined on Wikipedia –
Price discrimination is a pricing strategy where identical or largely similar goods or services are transacted at different prices by the same provider in different markets
Basically to maximise profits, a company seeks to try and sell it’s product or service at different prices to different markets. Often this is difficult to do, simply because you have to keep these markets completely separate. Initially the internet made markets more accessible, and consumers used the technology to cross the geographical barriers – however now using a technology called geo-location the barriers are rising again.
Most commercial websites determine your location when you try and access their pages, they look up your IP address and then redirect you based on your location. So if you visit the BBC from outside the UK you’ll be redirected to the international version which doesn’t have any of the iPlayer functionality. So it continues – videos, films, goods and services blocked, filtered or offered at different prices according to where you logon to the web.
Unsurprisingly, this behaviour is not entirely popular and there are a myriad of technologies designed to circumvent these blocks with one of the simplest is by using proxies. Take for example if you want to access UK content but happen to be based somewhere outside the UK – by using an English proxy like the one in this video you can fool the website.
The basic idea is that if you route your internet connection through a proxy server based in a different location, then the web site thinks you are in that country too. Hence you can use an English based proxy to access UK content or sites, a French proxy to use French sites and so on. There are now even services which offer multiple proxies in a variety of countries which you can buy – like this.
The companies obviously are not happy with these services and indeed a ‘cat and mouse’ game of them blocking various proxies and VPNs addresses, then the providers switching IP address and data centres.
Proxies have been the ‘must have’ tool for anyone who wants unrestricted and unfettered access to the internet for years. In July 2007, the BBC launched the iPlayer application on to the internet as a ‘free catch up service’ for UK TV license payers. A few days later thousands were already accessing the service from all over the planet, many who had never even heard of a TV license fee never mind paid it.
To be fair, the BBC has always been fairly laid back about blocking access to it’s TV services. The official line has been that you can’t access without a) a TV license and b) being located in the UK, however this is rarely the case with no millions watching from all over the world – making the BBC a hugely important global media giant. A very simple proxy is all you ever needed until recently to access the BBC iPlayer service. In fact you only ever needed it until the programme started streaming to your computer, switching off the proxy was perfectly possible after the initial location checks had taken place.
Advancements have led to more sophisticated VPN based services like this one, which open up global media even more allowing you to switch your connection through a long list of different locations as you require. However there has always been one issue, the fact that all these services have been much easier to use on a computer. The fact is that we no longer all sit at a powerful PC to access the online world, now we use all sorts of different devices like phones, games consoles and a myriad of other gadgets. These devices can be difficult to use a VPN or proxy on, indeed some are deliberately locked down to prevent their use.
So there are now newer technologies which you can use to access blocked content. If you want to watch the BBC iPLayer from your Spanish residence then you no longer need to try ad configure a UK IP proxy on your Smart TV you can use this –
As you can see from this video, there is no requirement here for a proxy or connection to a VPn server based somewhere. This technology is called Smart DNS and is explained on this site, but it basically works by only routing the location based queries through an intermediary proxy server everything else just streams directly.
There are numerous advantages to this method, for one it’s cheaper as the bandwidth costs are significantly reduced. However the major advantage in this world of internet connected devices is that it’s much easier to configure on things like media streamers, smart TVs and games consoles. The reason is that it doesn’t require any client based software like a VPN, and configuration needs only a change of DNS servers. At the moment this network configuration is openly accessible on most devices and modification requires no technical knowledge at all.
It’s too early to say that Smart DNS will see the demise of proxies and VPNs certainly in the media blocking world. Certainly there are restrictions, Smart DNS provides no layer of security and it could be that it is ultimately much easier to block from the media companies themselves. We’ll have updates on the developments at thenewproxies.com though so watch this space.
SMart DNS is the innovative new technology designed to stop ordinary people getting blocked from their favorite web sites. Many of us discover these blocks when travelling or on holiday, for me it happened years ago when I tried to log onto the BBC website to watch the news and was told because I was not in the UK I couldn’t watch it. I was annoyed, I paid my license fee at home so why should it matter where I happened to be.
Nowadays it’s even more common and in fact most of the larger web sites use geo targeting or blocking to some extent. I certainly don’t think there is a big media site that allows unfettered access to their content to the whole world. Smart DNS changed this and offered an alternative to the usual fix of connecting through a VPN server. Smart DNS doesn’t route your whole connection it just filters the location specific requests and therefore has little impact on your own connection.
If you want to see how Smart DNS works – then this video illustrates how it can be used to bypass these blocks.
As you can see the only modification required is to the DNS settings on your device which is why Smart DNS is so much easier to implement on different devices like Smart Phones, media streamers and even Smart TVs. Unfortunately there does seem to be a downside which has been illustrated by the efforts of Netflix to block use of Smart DNS servers and codes.
The first efforts were successful although not completely, Netflix started to roll out updates to the various Netflix interfaces on device like the Roku. These updates hard codes the addresses of public DNS servers like Google DNS, which meant that any DNS settings you configured would be ignored as the servers were already hardcoded in the the device. This stopped SMart DNS working with Netflix and people were unable to change regions or access Netflix in a country where the media giant hadn’t established a presence. It also was rather unpopular with the owners of these public DNS servers as their servers became flooded with so many DNS requests from millions of devices.
It appeared that they backtracked and removed the static DNS entry requirements. Whether this remains the case, we’ll have to see – Many of the media giants seem more concerned with SMart DNS than they were with VPNs probably because it has the potential to be used on a much wider base of devices and even pre-installed on new hardware without the owners knowledge. Cretainly if the Smart DNS settings are set up a router like this, they’ll effect every device on that network.