Hiding Your IP Address to Watch the BBC

Every single device which is connected to the internet has an IP address.  That little network number is something that you literally cannot do without if you want to access anything on the internet.  The reason is that to communicate over the web you need to use something called TCP/IP which requires every device to have a network number in order to work.

That number might look rather generic or made up, but in fact it’s unique on the internet.  No other device anywhere on the planet has the same address as you and it’s the nearest thing to a digital identity that we all have.   Unfortunately, it is also used against us in a variety of ways ranging from the annoying to the sinister.

Now we’ve probably all seen those spy or crime solving dramas where the ‘IP address is traced’ and of course this is perfectly feasible.  Most IP addresses can be traced back fairly easily to the exact device which is using it.  However more problematic is the increasing way that this address is used to filter or make more money from us.

Your IP address is also an indicator of your nationality, at least your current national location.  If I try and access my Hulu account while travelling, I’ll get blocked because it’s decided I’m not in the USA.  However the real tribulation is losing access to the BBC the minute I’m not in the UK, this is a major loss!

Now the reasons for these restriction vary from channel to channel. Hulu places restrictions probably because it has the broadcasting rights for a specific country and if you move outside this area they’re not covered.  The BBC used to be quite relaxed about allowing it’s content to be visible from anywhere but they got very strict a couple of years ago.  Yet there’s no need to worry although these channels use our IP address against us, you can actually take back control and watch whatever you want irrespective of your location.

As you can see in this video, it is possible to watch all the BBC programmes online from anywhere including Australia. You can do this by hiding your real IP address and showing a false one instead. There are many methods of doing this, however most of them involve hiding your true location by routing your connection through a server based in the correct country.

These server are called proxies or VPN servers and there are two main requirements for them to work properly. Firstly they must be undetectable, and secondly they need to be based in the location your pretending to be from. So if you want to watch the BBC then you need a UK server, for US channels you need one somewhere in the USA. There are variants of course, and a new system called Smart DNS is one of them which is becoming increasingly popular.

If you’re outside the UK, missing the BBC and want to see it in action then check out this post – Watch BBC Abroad for Free – Trial Offer which gives you 14 days to try it out. Unlike the normal VPN solutions it’s actually very simple to set up as all you need to do is modify your DNS servers. On most devices this is relatively straight forward and even means you can set this up on smart TV and phones.

One things for sure, when you take control of your IP address you regain a huge element of control when you’re online.

How to Activate Hotstar in UK or USA

For those of us who grew up with the internet or should I say grew with the internet then the increasing amount of filtering and censorship is somewhat worrying. I remember it wasn’t always the same. A memory comes to mind of about 1997 firing up my 486 computer, clicking on that connect button and listening to my 14.4k modem beep and click as it made my internet connection. There was still that excitement and wonder of connecting to a different world, a little device which enabled free communication with people from across the planet.

I was looking for information about ailments on elephants for one of my students in my internet class. They worked in a local zoo and were worried about one of their elderly elephants. The world was nowhere near as connected as it is today and it was thought that the internet may help. We first logged in using a telnet session to the University of Wales online database, no real restrictions or passwords as I remember. Just free open access to a useful information portal. Then we found email addresses and even a newsgroups frequented by vets, biologists and various Zoo type people. In all we found the help he needed, and boy did it feel good.

Although now it’s arguably easier to find your way around the internet, it’s also becoming increasingly frustrating. In the last few years it seems I’m forever getting redirected or messages telling me that something’s not available due to my location. In the Internet I remember, location didn’t matter – this was a virtual, digital world where everyone is equal.

Wherever you go online you seem to be confronted with barriers now – take this screen which you receive if you try and visit the Hotstar site, a wonderful Indian media broadcaster.
Activate Hotstar in UK

I went there mainly for the sport, there’s a huge cricket session including the IPL coverage.  Also if  you want to watch Premiership football without being conned into a massive Sky or BT package, the Hotstar has rights at least it did last season.  Yet again I was frustrated as the whole site is only accessible if you have an Indian IP address,

Now I’d normally use Identity Cloaker to bypass these blocks but they don’t actually have any Indian VPN servers so it wouldn’t work.   However there are other options and I thought I’d try out a Smart DNS solution instead, to be more specific the 14 day free trial from Smart DNS Proxy .  It worked wonderfully as you can see in the following video which is hosted currently on YouTube.

As you can see it’s pretty much transparent after you set it up, certainly more so than using a VPN which needs to be connected while you’re accessing the Hotstar site. The other big advantage is that because you don’t stream the entire connection through the VPN server you don’t have that extra hop to slow you down. The other speed boost over a VPN is that there is no layer of encryption to slow the stream down either. Now obviously this means that it adds no security at all, but it could be argued that it’s not really needed if you’re just streaming video.

There’s another post about accessing the site here – How to Watch Hotstar in the UK. As you can see it works perfectly and seamlessly in the background. I am starting to see the benefits of using these Smart DNS systems too as I was able to quickly configure my NVidia Shield with the same DNS settings so I could watch using that.

Works a treat, and Hotstar is brilliant fun – it’s also worth checking out the various documentaries and news programmes many of them are in English. Gives you a whole new perspective of the world to be honest.

Why Travellers Should Always use a VPN

Most of us now consider a VPN service as an essential tool for doing anything online.  If you travel and use access points in places like hotels, cafes and airports – using a VPN is pretty much essential.   If you don’t then it’s almost inevitable that at some point you’ll be the victim of some sort of cyber crime.

One of the main issues with these free Wifi points is that they are nearly always installed and configured with someone with no comprehension of computer security.  Indeed many surveys have found a huge proportion of these devices are installed with default settings. Only the larger chain organisations are likely to have some dedicated staff able to configure these properly and even then this isn’t often the case.

Think of all the places you use free internet access, who supports the connection do you think?  Who would you call if there was a problem?  In most cases the information would be very hard to find as they are probably installed in flying visit then some vague telephone support at the end of the phone.  In smaller organisations it’s often the dreaded – ‘friend who knows computers’.

It’s why all these access points are so tempting to identity thieves and cyber criminals.  Here’s just a small selection of the major issues:

  • Central Access Points used often by hundreds of people to check secure sites like email, banking, paypal etc.
  • Often poorly configured with low security.
  • Allow access to intercept all sorts of data using Man in the Middle style attacks.
  • Allows anonymity for attackers who don’t even have to present if they hack into the router.

They’re certainly a huge attraction for organised identity thieves for example who can steal all sorts of data if they are able to hack into the router. The other popular method is to simply set up a free internal access point in the same location and give it a similar name. Setting up this somewhere near a hotel lobby or coffee shop means you can steal peoples details while they browse. This attack is often known as the “evil Twin” attack using a bogus access point.

If someone compromises an access point or gets you to connect to a fake one then your data is in real trouble. Forget about SSL or HTTPS all these can be bypassed if they have control of the access point you’re using. Pretty soon the cyber criminals can have emails accounts, banking details and all sorts of personal details.

Your only hope is to add your own personal layer of encryption which protects account names and details – for this you need a VPN. Now over the years many people have been using proxies and VPNs for a variety of reasons. However for people travelling then the overriding priority should be security. The best VPN for BBC iPlayer might not be the best VPN to keep your internet connection secure for example.

Many people use Smart DNS systems to bypass geo-blocks on popular media sites however these should be avoided. Although they can work for bypassing blocks they offer no security whatsoever and there is no encryption layer added to any of the connections. The Smart DNS services are not secure nor where they designed to offer any online protection.

The same could be said for all the specialised proxies you see for sale too. Although a proxy will hide your identity to some extent from the website you are visiting and your ISP. It will offer virtually no protection against any other sort of middle man attacks. Even some of the highly specialized ones used for merchandising bots don’t really help. You can invest hundreds of dollars in the best rotating proxies you can buy, yet without an encryption layer you are still vulnerable.

Fortunately there are some VPN services which offer the best of both worlds. Firstly avoid those who sell themselves as TV watching services, they won’t take the security side seriously. They’ll also likely have slower servers as all the users will be constantly streaming video through them. Look for companies who stress the security of their system, make sure they don’t keep logs and have proper grown up responses to privacy issues.

Choosing the Right ISP for your Needs

Obviously the choice you have for your internet connection varies depending on numerous factors. In many areas especially in the remoter regions there is little to no option available, so you’re left to take whatever you can. However fortunately in most areas at least of the more developed nations there’s a decent choice of both Internet service providers but also individual plans that they offer.

If you live in a large city in somewhere like the US or the United Kingdom you’ll have the benefit of lots of different options, speeds and prices to choose from. The more competition there is the better the options are likely to be although, being in a rural remote area will also impact this factor significantly.

So if the range is largely dependent on your location then you’d think choosing the right plan would then be fairly straightforward. After all if you can check things like price and speed then it would appear fairly easy to compare and choose the best ones. However this is not always the case and often the consumer will only see a proportion of the available internet plans. This sounds strange but the reality is that most ISPs have two distinct sales departments one for home customers and another for businesses. What’s more these departments will also have two separate offerings as far as internet plans go one for business and one for the home users. However in most cases there’s no issue about which plans you choose whether you have a trading company or not.

Now business plans will for the most part be more expensive than ordinary residential plans. However there is a reason for this and that’s mainly because you’ll find better speeds, lower contention and much more responsive support. You might see similar speeds promised across different plans but usually these will be figures that promise speeds – ‘up to’ a specified range. In reality the business users will consistently see much higher speeds than the residential users simply because less people will be using the same lines.

Remember you don’t need to run a business to invest in a business plan, and sometimes although they look more costly they can often be much better value than the residential offerings. Of course many people now often run part time businesses too, perhaps running a YouTube channel or buying and selling on eBay, Gumtree or Amazon. This may be an even bigger incentive to invest in one of the better business subscriptions to ensure that you maintain access to the internet on a consistent basis.

There are other things to consider though especially if you run some sort of business on the side. One of the considerations is something that many people don;t even consider and that’s the classification of your IP address. With some ISP plans this classification changes depending on which plan you use, so the business customers have business IP addresses and the home users residential ones. This can possibly be important as in some areas, access from a commercial IP address is restricted. For example the media giant Netflix blocks access from any business registered IP addresses in order to block people circumventing their geo-restrictions. You can learn a little bit more about the differences between residential and commercial IP addresses in this site – http://residentialip.net/ and there are many other resources too.

THe issues is that business plans although often faster are focused more on workplace and web hosting. So although speeds can be better there’s often less flexibility for ‘normal web browsing’ mainly because of the commercial IP address.

Further Reading: Using Residential Proxies

Interpreting the Use of Digital Identity

At the center of this service-oriented economic state are network-based, automated operations. Automated purchases are definitely essentially different than the operations that transpire within the physical world. The moment I stop by the convenience store in order to purchase a snack, I can easily switch money for peanuts. Unless the clerk happens to know me, the transaction is confidential. In contrast, in the service– oriented economy, confidential transactions are scarce, simply because delivering service immediately generally implies that you have so as to know something pertaining to who’s receiving the service, otherwise their names, then at the very least their choices or other attributes.

This identifying data is commonly transmitted digitally, across the network. Inside a service-oriented economy, electronic identity matters. Naturally whenever we talk about the service-oriented economy, we’re not actually merely talking about e-commerce. Take note that my example with the convenience store involved a tiny cash transaction. Nevertheless imagine the identical situation, with the exception of this time around I utilize a debit card, credit card, or check. Throughout any of those scenarios, I’ve invoked a network-based monetary service as part of the overall transaction.

Network-based support services are as pervasive in transactions that take place in the physical world as they are in online interaction and communications. In an automated, network-based service, I have in order to know who you are in order to offer anyone accessibility to my service. Since these particular services are significantly delivered over electronic digital networks, businesses really need trustworthy, safe and secure, and private means for producing, storing, transmitting, and employing digital identities.

Network-based, automatic services are not only delivered to customers, workers, partners, and providers also interact along with the company via services. In a lot of cases, anonymous service is impossible or undesired, and as a consequence, digital identities must be assigned and managed. In addition to determining clients in order to sell them services, business have an increasing need to identify employees, systems, resources, and services in a step-by-step way to create business agility and assure the security of business assets.

This is being made increasingly complicated by the global marketplace and transactions stretching across national boundaries.  For example there’s nothing to stop someone from France making digital transactions with a US or UK firm.  Normally these can of course be identified by their is a further complication if the individual hides their location perhaps by using something like a UK VPN connection.

Using Digital Identity

Digital identity is generally the lynch pin within every of the activities we have actually just discussed, along with a wide assortment of other activities important to business. For this reason, exactly how your organization manages digital identities will have a great influence on whether you are continuously dealing with issues brought on simply by a lack of attention to taking care of identity, or whether you are exploiting opportunity enabled by a flexible and rational digital identity infrastructure.

Additional – http://www.iplayerabroad.com/2018/03/30/watch-uk-tv-online-vpn/

Using Your VPN – Apprendre le Français

You might think that VPNs and proxies are just technical tools only useful for geeks and nerds, but that’s not quite the truth.  Well it’s partly true but the reality is that a VPN offers something much more than an encrypted connection between two computers.

Although initially the original and primary reason for a VPN to be used is security nowadays it has arguably a  more important role – to bypass blocks and filters.  You see every single one of us has access to a ‘restricted’ version of the internet.  Not one of us has equal access to each other when we’re online.  We all use a regionalised version of the internet where some sites are blocked or filtered depending on our locations.

Of course, the extent of these filters varies greatly depending on your location. It’s fair to say that European access is way more extensive than connecting from Thailand , China or Turkey for example.   Most countries operate some sort of restrictions, in most democratic nations it normally revolves around criminals sites.  However other countries will extend these blocks to include all sorts of political, religious and moral restrictions, for example many gay rights and atheist sites are inaccessible online from Turkey.

A VPN offers the potential to bypass all these blocks and filters with relative ease and you can decide what content you are able to access irrespective of your location.  The reason this works is that the VPN stops most content filtering methods from working.   There’s another sector of websites that restrict access but these are generally down to copyright or licensing issues.  Most large media sites operate these blocking access from countries outside their domestic market.

Which means that many of the best, most informative and interesting sites are restricted to the location they are based in.  Sounds crazy doesn’t it – a global network like the internet slowly being segmented and filtered.  However not if you have a VPN, all these sites can be available irrespective of your location.

Let’s take an example, perhaps you’re learning French but because you’re based in the USA.  Lots of the French and Canadian French TV and educational sites are inaccessible from a US IP address.  Same goes for other media sites in different countries, your access is only not restricted to sites based in the USA.  However the VPN opens up that access, so you can watch online TV stations in France like M6 Replay or indeed any sites from anywhere – such as BBC iPlayer France!

So studying French, want to practice your vocabulary by watching The Simpsons dubbed into French – then make sure you connect to a VPN server based in France.  Want to try out the BBC educational content and programmes switch it to a UK one and so one.

Further Information: Streaming UK TV 

Accessing Blocked Content in France

Like many websites particularly those in the media sector, the French TV site M6 Replay is only accessible from domestic connections.  If you access from inside France then you’ll have no problem at all but if you are in a different country and try to access M6 Replay then you’ll get blocked from most of the video streams.

These sites often block access or filter their content for a variety of reasons.  Much of it is to do with copyright issues, that their programmes are only licensed for a specific country or region.   Other reasons are usually focused on maximizing profit by selling broadcasting rights separately to other organisations or media companies.    If you access any media site in any country you’ll normally find that the functionality is restricted primarily to it’s home market.

The method for enforcing these restrictions are however usually very similar and involve determining the location of the connection.   This is normally done by looking up the IP address of the incoming connection and looking up the country of origin.   These can be determined from vast databases which map all registered IP addresses to their corresponding countries.  So a connection from Canada would be mapped to a Canadian IP address and so on.

This is the standard method for controlling, filtering and restricting access – often known as geotargeting or geoblocking.   It means that in order to bypass these blocks and gain access to these sites irrespective of your actual location then you need to gain some control of your IP address.    Unfortunately it’s not actually possible to change your address as this is allocated directly from the ISP where connect to the internet.  These are always locked to the specific country, so you’ll get the address based on the country you’re connecting from.

There is a method though which can unlock any website irrespective of your location – here’s a demonstration:

As you can see the way to bypass these checks is to hide your real IP address by using an intermediate server to route the connection. So to access the M6 Replay site from outside France you need to relay your connection through a French proxy server.

As long as the server is configured properly then the website will only see the IP address of the proxy server and not the actual client. Developments in this areas have included the use of VPN (Virtual private Networks) which are even more difficult to detect than proxies. Furthermore the VPN connection is encrypted so it’s more secure than using a simple proxy server.

TCP Configuration: Windows Scale Options

There are many ways to configure the way TCP/IP operates on specific networks.  Some of these parameters are rarely used but when you’re running fast Gigabit networks with a wide variety of network hardware and infrastructure some options are extremely useful.  One of those is the Windows Scale option which can be used to modify the definition of the TCP Window from it’s default of 16 bits.

For example in some environments it may be appropriate to increase the size of the TCP windows to 32 bits.   What actually happens is that instead of changing the size of the header to allow the larger windows, the header still holds a 16-bit value.   However an option allows a scaling parameter to be applied to the value which allows TCP to maintain the actual value of 32 bits internally.

The option for scaling can only appear in the SYN segment of the transaction which means that the scaling value by definition will be fixed in both directions when the connection is initially established.   In order for window scaling to be enable both ends of the connection must include the option in their SYN segments.   It should be noted thought that the scale option can be different in each direction.

There are methods for allowing suitable communication between different levels of hardware.   For example the scaling factor can be reduced by sending a non zero scale factor which cancels the scaling if a windows scaling option is not received in the return SYN.   This behaviour is specified in the relevant RFC which specifies that TCP must accept these options in any segment.   This includes all sorts of of connection remember these can be across wide areas, imagine a US IP address connecting to a Netflix server on super fast hardware.   However it should also be noted that TCP/IP will always ignore any option that it doesn’t understand.

For illustration, if the windows scale option is being used with a shift count of X for sending and Y for receiving.  This would mean that every 16 bit window which is advertised would be left shifted by Y bits to obtain the real advertised window.  So every time a windows advertisement is sent then we’d also take the 32 bit windows size and right shift by X bit to discover the real 16 bit value which is in the TCP header.

Any shift count is automatically controlled by TCP, which is because the size of the receiving buffer is important and cannot be controlled by the other size of the connection.

Further Reading

TCP Tricks, receiving BBC iPlayer in France – http://bbciplayerabroad.co.uk/how-do-i-get-bbc-iplayer-in-france/

 

Networking Terms: LAN

LAN in networking terms stands for Local Area Network and it refers to a shared communication system that many computers and other devices are attached.   The distinction between this and other networks is that a LAN is a network limited to a local area.

The first recorded use of LANs where in the 1970s, where they grew from the very first basic networking setups.  These consisted of two devices connected by a single network wire much like a child’s string and paper cup model designed to mimic the telephone.   Computer scientists started to think why limit to two devices when the same cable could theoretically connect multiple devices.   There were complications though, and possibly the most basic was finding a mechanism that ensured that multiple devices didn’t use the cable at the same time.

The methods used to ensure that use of the cables are shared properly are called ‘medium access controls’ for self explanatory reasons.  There are a variety of these ranging from allowing workstations to announce their communications to a central device which controls access and allocates bandwidth as required.  In some senses in the same way an individual may buy uk proxy access in order to route their connection privately whilst hiding their own IP address.

Although LANs are normally restricted to a smaller geographical location there are actually different topologies.   The simplest and originally was the most common is the liner bus and the star configuration.   The linear bus involves a cable laid throughout a building from one workstation to another.  Whereas the star configuration has each workstation attached to a central location or hub connected by it’s own specific cable.  There are pros and cons to each configuration and in fact if you use the most popular networking medium ethernet you can use either topology.

A local Area Network is actually a connectionless networking configuration. That definition is important and actually means that once a device is ready to use the network to transmit data it simply releases the data onto the cable and ‘hopes’ that it reaches it’s destination.    In this basic setup, no initial process involves ensuring that the data reaches it’s recipient nor is there any check to see whether it has been received.

When data is transmitted across the LAN it is packaged into ‘frames’ before being dispatched.  At the basic hardware level, each frame is transmitted as a bit stream across the wire.  Every single device connected to this network will listed to the transmission although only the intended recipient will actually receive the data.    Normally this is the case but it is possible to transmit on a multicast address which specifies that all devices on the LAN should receive the data. Other higher level protocols will actually package the data further into datagrams examples of these are IP or IPX.

Further Reading:

Network Troubleshooting – Which Smart DNS Still Works with Netflix

RSVP (Resource Reservation Protocol)

There is no doubt that TCP/IP has transformed our computer networks and played a pivotal role in the expansion of the world wide web, however it is far from perfect.   RSVP is an Internet protocol designed to alleviate some of the issues with TCP/IP particularly regarding delivering data on time and in the right order.  This has been always one of TCP/IP’s biggest shortcomings – it’s ‘best effort’ IP delivery service has no guarantees.  Whereas TCP which is connection orientated does guarantee delivery but gives no assurances on the time it takes.

Guaranteed on time delivery is essential in many of the modern day applications particularly over the internet – especially those including voice and video delivery.  Indeed most web sites involve large amounts of video and voice data which require fast, reliable and timely delivery whenever possible.  If anyone has tried streaming or downloading from applications like the BBC iPlayer like this for example they will know how frustrating slow speeds and missing data packets can be.

The issues are well known and RSVP is an attempt to provide a suitable quality of service for video and voice delivery particularly across the internet and other large TCP/IP based networks.  The way RSVP works is to reserve bandwidth across router connected networks.   It does this by asking each router to keep some of it’s bandwidth allocated to particular traffic flow.  In some senses it is an attempt to add some of the quality features of ATM to TCP/IP in order to facilitate the changing requirements of modern day networks.

RSVP is one of the first attempts to introduce a quality service to TCP/IP but many vendors are looking at introducing many other options too.  Most of them focus like RSVP on reserving bandwidth however this isn’t always an ideal situation.  The obvious issue is that if you reserve network capacity for specific traffic or connection then the amount is reduced for all other users and applications. Some of this issue has been mitigated by  the increase in capacity of both corporate networks and the connections for individual users to the internet.

RSVP works by establishing and maintain bandwidth reservations on a specific network so it’s not a WAN or wide area solution normally. The protocol works from router to router setting up a reservation from each end of the system. It is primarily a signalling protocol not specifically a routing protocol.  If a specific router along the connection cannot provide the requested bandwidth then RSVP will look for an alternative route.  Obviously this only works if the routers have RSVP enabled which many currently do to support this process.   Applications can also use this feature by making similar requests.

Further Reading:

Watching UK TV in USA – a study in optimizing video streams using QoS enabled routers.