shacris takijah padget

0 views
Skip to first unread message

Heidi Hall

unread,
Aug 2, 2024, 8:29:18 AM8/2/24
to nabarbductland

2) You are using a proxy, some specialised ISPs offer this as a value-add (but more likely someone you live with set it up). ping www.netflix.com and android.nccp.netflix.com and see if the IPs returned are not what you get at work. You could try an IP "whois" and a geoip lookup on those IPs to see if they are owned by AWS and are in the same country respectively. Of course so may be the proxy. Check what your dns server is set to (ipconfig/ifconfig), is it your router or an IP from your ISP?

I found an interesting article that suggest that Netflix is now using some kind of delay detection for proxy and VPN as those type of connection usually add some latency. Let say that for a particular region Netflix should expect a specific delay and for whatever reason this is not, a false positive may occur.

I had those issues and most of the time my internet connection was saturated because someone else in the house was doing big download or also listening video streaming. Stopping the download resolve the proxy error on my netflix session.

I am using Vyatta as a router, but after some trial and error determined having the proxy on but not the url-filtering worked (which is what you also determined). I also determined that no matter what rules I had, if squid guard was running I was not able to use netflix on apple tv.

If you are reading this then I assume you are one of those unfortunate Netlix, Hulu and Co. users who does not live in the US and is upset that you are treated like a second class citizen by those companies? Well, you're damn right to be upset because you know you're paying the same amount of money as other users but getting a lot less for it which is just not fair. You are being discriminated because you don't live in the United States of America and the money in your pocket does not hold a picture of George Washington. It's a bloody pain and if you ask me it's an absolute disgrace that we still live in a time where we have to deal with those types of problems.

I don't even blame Netflix & Co. because these guys already get our money and they would be more than happy for us to watch whatever we want. It's some outdated laws and regulations made up by some poor souls in the content industry who force us into this miserable situation. Now the problem is that the internet is a global place and certainly does not know any borders. It has been the biggest motor of new economic growth for the last couple of decades and made the world a much smaller place than it used to be. If the internet has taught us one thing then it is that anyone can have anything, anywhere in the world with an instant effect and anyone who wants to convince us of the opposite is a dinosaur on the losing track. Patience and borders is a forgein concept which does not exist in the vocabulary of new generations, and that is for a good reason. They are impediments to innovation, growth and evolution.

Obviously the case is not as simple and clear cut as I make it sound, but it doesn't change the fact that there is a lot of stuff going awfully wrong at the moment and I feel like there is a lot of effort being made into the wrong direction. Instead of embracing the internet's full potential of global reach, companies are investing money and technology into setting up virtual borders and building detection software for people who violate those. While everyone else is making great steps forward, the media industry is desperately trying to stay resistent and not adapting to the new economy at all.

You probably know that one popular way of circumventing content restrictions is by streaming media via a VPN or proxy server. Every device which is connected to the internet has a so called IP Address. This address allows content providers to establish your geographic location and serve you a tailored view for your country. By using a proxy server you can pretend to be in a different location and trick a provider into serving you a much better offering than you would usually get. The concept is simple. Instead of streaming directly from Netflix & Co. you connect to an intermediate server, which is geographically located in the country of your desire and let that server stream the content for you on your behalf and forward it back to you. Sounds good in theory, except that Netflix and Co. have ways of detecting this spiel and will block you if not even cancel your account.

The fact that they can do this is quite clever, because it is certainly not an easy thing to do. I don't know how they exactly do it, but there is some basic theory which might give us an idea how they detect whether you are using a VPN or not. First of all they are probably collecting a growing list of IP addresses which they know belong to popular VPN and proxy services. Those IP addresses get simply blacklisted and blocked. Another way of detecting proxy services would be by monitoring the amount of users connecting from the same IP address over a period of time. If you've got hundreds or thousands of users streaming from the same IP address then chances are high that this is a proxy server. Of course it could be a bunch of people streaming from a Starbucks, but even a Starbucks has to close its doors at some point in the day. A genuine user is probably going to work sometimes or at least has to sleep. If you detect streaming behaviour from an IP address which doesn't fit with normal human behaviour than it might be another indicator for dodgy activity. Now I am not saying that this is what Netflix does, and I am sure their detection system is much more sophisticated than this, but I want to share some ideas which demonstrate that detecting a VPN or proxy server is not always an impossible task.

So what can one do to trick those detection systems? Well, you'd have to stop sharing proxy servers for a beginning and make an IP look as normal as possible. Luckily setting up a private proxy server is really not that difficult and can be super cheap as well. As a matter of fact you can set up your own private proxy server entirely for free and I am going to show you how!

Alright so you know Amazon right? It's the book shop which doesn't sell only books anymore. If you are a regular reader of my blog then you might know what I am going to say now, but if you are a non techie who came across this blog post through some other channel then you might be surprised to learn that Amazon was the pioneer of cloud providers. They are not only the largest, but also the most mature cloud operator in the world at the moment. Amazon is doing such a great job that Netflix runs its entire infrastructure in the cloud provided by Amazon.

The reason why I am telling you this is because Amazon's cloud has been so successsful that they are going mainstream by making cloud services easily available to anyone, people like you and me. If Netflix can deliver the latest season of House of Cards to the entire world with the help of Amazon web services, then surely we can host one tiny proxy server in the same cloud as well and circumvent their detection software, right? Yes, we can.

Let's start off with some good news first. Amazon offers a 12 months free tier for new subscribers to their web services. This is an amazing offer and exactly what we are going to use to set up our private proxy. If you ask yourself what happens after those 12 months then wait until the end of this blog post.

The first step lets you choose which image (AMI) to use for your new instance. An image is a snapshot of a pre-installed server. This allows you to create a new server which already has an operating system and other software installed so you don't have to do it manually each time.

On the third step there's a bunch of information available, but luckily the default values are exactly what we need and you don't have to change any of them, except one thing. Scroll down to the bottom and expand the Advanced Details section by clicking on the little arrow next to it:

You will be presented with a text field which can be used to specify additional commands which will run when launching the new EC2 instance. We will add a few commands which will automatically install and configure the Tinyproxy software. Tinyproxy is a free and open source proxy server for POSIX operating systems.

This is an important step, because by default Tinyproxy does not allow any connections other than from the host itself. Therefore we need to configure who is allowed to connect to the proxy server and because we want to keep it private you will enable your own IP address only. Make sense?

This is the last important step during the configuration. Here we configure which ports will be open on the new instance. If this is the first EC2 instance you are going to create then you are likely not going to have any existing security groups set up yet.

By default the wizard will create a new security group for you and add one rule for port 22. This is the default port to SSH into your EC2 instance. Normally as a system administrator you would want to keep this port open, but for the simplicity of this setup we can overwrite it. We don't really need to SSH into the instance and if you really want to you can always edit the security group afterwards.

In the drop down select Custom TCP Rule and enter port 8888 into the Port Range field. Why port 8888? Because this is the default port which Tinyproxy listens to. Under Source pick the Custom IP option and enter your IP address in the field next to it and append "/32" to the end:

Almost done now! The final step is to create a private key pair. The private key pair is something you would need if you wanted to SSH into this instance, but as I said before, for the simple purpose of a proxy server you don't need to do this and therefore I will not go into any more detail. Just make sure you type in a meaningful name, something like "AWS Default Key Pair" or "AWS Proxy Server Key Pair" and hit the Download Key Pair button. Save this file somewhere in a secure place and keep it secret!

90f70e40cf
Reply all
Reply to author
Forward
0 new messages