Category: News

IP Address Mapping Hell in Kansas

Is there such a thing as a ‘digital hell’? Although it sounds like some sort of melodramatic media headline, one couple in Kansas could arguably have been living there for several years.

Everything that is connected to the internet has an IP address: every computer, laptop, tablet or smart phone needs some sort of address in order to communicate on the world wide web. Tracking, mapping and filtering these addresses is big business, and many companies have sprung up providing accurate information on the IP address attached to your device.

Obviously knowing the location is one major part of the puzzle, and there are several services for looking up the physical location of an IP address. You can have a look here at where your IP address appears to be located – https://www.whatismyip.com/ – did it return your correct location? Sometimes these can be very accurate; the information sourced from companies like MaxMind has been built up over many years through a variety of methods. The information is used for a variety of reasons, from targeting advertising to the region locking and filtering used by companies like Netflix.

Sometimes, however, this information is not very accurate at all, but it is sufficient if you just want a specific country or region. When a company like MaxMind has no relevant data on an IP address, it will tend to resort to assigning a default location. For example, if they have no further information other than that the country is the USA, MaxMind will return a default location – the geographic center of the United States.


Sounds logical? It is until you realise that located in the geographical center of the US is a small farm in Kansas owned by James and Theresa Arnold. Furthermore there are quite a few IP addresses which are registered to this ‘default location’ – specifically just over 600 million addresses.

Now it might seem that this isn’t really a problem, but unfortunately this is not the case. These 600 million addresses are real and being used online all the time – and of course with such a huge volume some of these addresses are being used for all sorts of activities. Spammers, hackers, cyber criminals, terrorists and pedophiles are all using these IP addresses online, and when anyone tries to investigate their location they are directed to this small rural farm in Kansas.

For years the couple have been subject to all sorts of accusations – they’ve had visits from law enforcement agencies, public officials and ordinary people who’ve been crime victims and have tracked the IP address back to the Arnolds’ home address. You can imagine the volume when even a small percentage of 600 million addresses are used for criminal purposes.

It’s not the only situation like this: there is a house located at the end of a cul-de-sac in Ashburn, Virginia which has similar problems. The town itself is home to several huge data centers and server farms, all with registered commercial IP addresses. The house was unfortunately given as the default location for millions more IP addresses with similar results – strange accusations and police raids being a common occurrence.

Fortunately there should be a happy ending for both these parties, as the ‘default locations’ for unknown IP addresses are being changed to non-residential addresses such as the middle of a lake! The Arnolds, though, are unsurprisingly also seeking some financial compensation for the distress and inconvenience over the years, and you can hardly blame them!
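The default-location behaviour described above can be spotted before anyone treats a lookup result as a street address. The following is an added example, not code from MaxMind or any other provider: the records, the coordinates and the `radius_km` field are constructed assumptions, and the check simply flags any point that many distinct addresses resolve to.

```python
from collections import defaultdict

# Constructed lookup results, shaped like the output of a geolocation service.
# IPs are documentation ranges; coordinates, cities and radius_km are made up.
SAMPLE = [
    {"ip": "192.0.2.10", "city": "Wichita", "lat": 37.69, "lon": -97.34, "radius_km": 20},
    {"ip": "198.51.100.7", "city": None, "lat": 39.0, "lon": -98.0, "radius_km": 1000},
    {"ip": "203.0.113.45", "city": None, "lat": 39.0, "lon": -98.0, "radius_km": 1000},
    {"ip": "192.0.2.200", "city": None, "lat": 39.0, "lon": -98.0, "radius_km": 1000},
    {"ip": "203.0.113.9", "city": None, "lat": 44.5, "lon": -100.2, "radius_km": 500},
]


def shared_points(records, min_shared=3):
    """Coordinates that min_shared or more distinct addresses resolve to."""
    by_point = defaultdict(set)
    for r in records:
        by_point[(r["lat"], r["lon"])].add(r["ip"])
    return {pt for pt, ips in by_point.items() if len(ips) >= min_shared}


def classify(record, defaults, max_radius_km=100):
    """Decide how far a single lookup result can be trusted as a location."""
    if (record["lat"], record["lon"]) in defaults:
        return "default-point"   # placeholder meaning "somewhere in this area"
    if record["radius_km"] > max_radius_km:
        return "coarse"          # region-level at best
    return "approximate"         # city-level estimate, still not an address


def triage(records, min_shared=3):
    """Label every record in a batch, using the batch itself to find defaults."""
    defaults = shared_points(records, min_shared)
    return {r["ip"]: classify(r, defaults) for r in records}


if __name__ == "__main__":
    for ip, verdict in triage(SAMPLE).items():
        print(f"{ip:15} {verdict}")
```

Even the best label here is "approximate": none of the three outcomes justifies turning up at a front door.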

The Big Business Hackers

When you imagine a team of highly skilled hackers attempting to make money, most people will probably think of some criminal exercise of exploitation, cyber crime or extortion.   You certainly wouldn’t think of the stock market or investment firms profiting directly from this sort of enterprise – yet it seems this is exactly what is happening.

Hacking is going mainstream and it looks likely that there will be a lot more profit in going legitimate than through the standard ransom or blackmailing routes. Others will perhaps argue that these new methods are pretty much the same as those the criminals use.

The story arises from the tactics of a company called MedSec, a cyber security firm which has recently started up. They investigated a range of hospitals and medical hardware for potential security issues and identified one medical devices company to be at particular risk – St Jude Medical Incorporated, more specifically the pacemakers and defibrillators they make.

At this point MedSec faced a classic, traditional ‘hacker’s dilemma’ – you find a serious vulnerability, so what do you do? For the ethical hacker it has often represented a difficult choice, particularly if a little digital trespassing was involved. Many individuals have found themselves behind bars after attempting to inform a company or organisation about a vulnerability in their software or network, while some have been praised and rewarded. The MedSec guys, though, have a plan to inform and profit at the same time, although the ethics seem fairly dubious to many.

They approached an investment firm run by Carson Block called Muddy Waters Capital LLC with their money-making initiative. The idea was unusual: the MedSec team would prepare all the evidence demonstrating the problems with the medical devices; however, before making this public, the investment company would take out a short position on the parent company of St Jude Medical. Basically they would both make money if the share price fell in response to the negative news.

Sounds like insider dealing? Perhaps, although it is assumed legal advice was taken before this unusual tactic  – here’s a MedSec representative justifying their tactics.

Convinced? Nope, me neither. I suspect they may be in trouble for using this tactic. Where will it end? The false concern about patients using these medical devices to try and justify their money-making scheme was particularly hard to believe. Currently the tactic seems to have paid off though, with the share price falling significantly and presumably making the ‘short’ position profitable.

Activism or Sensationalism – Erdogan Emails

It’s a pretty turbulent time in Turkey at the moment, with many people genuinely worrying about its future as a democratic republic. The failed military coup has ignited all sectors of the country and President Erdogan has seized the opportunity to round up his enemies and imprison them.

So it’s obviously a pretty dramatic time for WikiLeaks to release what it’s calling the Erdogan Emails, which it says were leaked from the AKP, the ruling party in Turkey. There are approximately 300,000, which are being released in stages; you can find them on the WikiLeaks website in a searchable database.


The response has been predictable: the WikiLeaks site has been blocked in Turkey and activists around the world have shouted and tweeted about the censorship of the Turkish Government. People in Turkey, though, are well versed in the use of Open DNS, VPNs and proxies, so this has very little effect.

They are of course right, but it doesn’t take much for the Turkish authorities to start banning stuff; in fact it doesn’t mean anything in itself. Which in this case seems to be the problem: this leak doesn’t seem to actually contain much more than personal information of ordinary Turkish women. I have had a decent look and found nothing, but apparently others have been combing through this stuff for days without finding anything vaguely relevant to power (and/or the abuse of it).

There is however a lot of personal private information of ordinary Turkish voters, such as the home addresses and phone numbers of women in most of the Turkish voters list. There is also identifying information such as the Turkish Citizen ID, whether they’re in the AKP and similar – in truth it’s the sort of information of much more use to identity thieves and stalkers than freedom fighters.

There is no doubt that this information could be used to cause significant damage to innocent individuals, so was WikiLeaks right to publish this?

It’s easy to argue the case that WikiLeaks isn’t responsible for deciding what is or isn’t released. Plus the resources needed to individually check and verify the data fully are probably beyond the organisation. However, surely there should be some cursory checks before releasing the personal details of so many innocent Turkish women. It really is difficult to get past the mundane and personal feel to these emails, much of it just simple correspondence from Turkish citizens.

The reality is that the information was probably already available before WikiLeaks released it, including to all the people likely to try and exploit this information. The opposite argument suggests that once information is already released then it’s best for as many people as possible to be aware; the victims are better forewarned than ignorant.

Overall though I think an organisation like WikiLeaks should be careful that the information released is in the public interest. Perhaps we might find something in the coming months in these emails too.

Security Concerns of Pokémon GO

There’s a certain virtual reality type game that’s causing quite a stir at the moment, it’s called Pokémon GO and in common with anyone over 40 years old – I think it’s utterly pointless. However I seem to be in a minority and there does seem to be some upside – my son actually voluntarily walked the dog yesterday, I feel the need to add exclamation marks to this statement but instead here’s a picture which perhaps illustrates better ….

[Image: pokemon-dog]

Yes, of course he didn’t actually want to walk the dog; he went searching for these virtual, cartoon type things with his phone. Look carefully as you go about your business and you’ll notice these Pokémon hunters blindly walking into street signs and busy roads, all the time transfixed by their phones. Reading up in the papers and online there are stories of people walking off cliffs, being mugged and even finding corpses whilst engaged in Pokémon GO.

So here’s some brief security tips on playing safely:

  1. Download from a trusted source: There are bound to be dodgy or malware-filled copies of the game floating around all over the internet. Don’t be dumb, download it from a reputable source. Go to Google Play or the Apple App Store, search for the application and select the one with millions and millions of downloads. Seriously, it might be slow but you should be ultra careful installing anything which has access to your GPS.
  2. Remember GPS: Your location will be tagged and marked. If you want to remain incognito or simply want to keep your location discreet, don’t play.
  3. Keep your Privacy: Don’t log into the app with your main account. Don’t log in with your main Gmail, Google or Facebook account, as you will be releasing your personal information to the app owner, who can of course tie it into your physical location using the GPS data. Too creepy – use a throwaway account or log in directly.
  4. Play Safe: Don’t wander around dangerous places you are unfamiliar with, staring at your phone like an idiot waiting to be mugged. Be sensible and keep to safe and public places. Don’t trespass or climb into private property – imagine how sad you’re going to look when the police are called.
  5. Everyone Can See Pokestops: Be especially careful when using Pokestops; try to go with a friend or group. Don’t visit them late at night in remote places, as people have been mugged or robbed at these locations.

There will inevitably be some stories of bad stuff happening to Pokémon GO players. However in reality bad stuff happens to people all the time, although stupidity does increase your chances. I suspect it will eventually get taken off the market when a series of lawsuits arrives from Pokémon GO related incidents. At the moment though it’s at least trebled my teenage son’s activity level, my dog walking duties have been reduced and, well, all these kids seem to have a smile on their face for a change – so enjoy.

Finding a US Netflix VPN

There is something of a battle going on across the internet and it looks like it’s going to continue for a long time. On the one side are the media giants of the internet, companies like Netflix, Amazon, BBC and Hulu, who supply streaming media services to millions across the planet; on the other are the users of these services who use the better VPN services when they access the internet. The growth of the VPN (virtual private network) has been pretty incredible. Once they were primarily used for very high security connections, such as people dialing back into corporate networks to access confidential servers. Nowadays millions of people use them for everyday browsing and accessing secure sites online. They also use them to bypass the various blocks and filters which have been established by the media companies – but what really is a good US Netflix VPN?

This is a big problem for the media companies, many of whom have very specific licensing agreements which allow them to broadcast in specific countries. This however has led to huge disparities in the service offered across different countries – the Netflix service in some countries offers a very small proportion of the movies and shows available in US Netflix, for example. Not surprisingly people use VPNs to allow them to switch to the better services; in fact it is estimated that there were nearly half a million Australian Netflix subscribers before it was even available in that country! The practice was pretty much ignored until recently: most of the media companies blocked the easier-to-detect proxies but didn’t do anything about the many VPN users.

There’s obviously something happening behind the scenes; likely the content providers themselves are forcing the media companies to enforce the licensing agreements. It’s a crazy situation where online media is still licensed in this way, instead of globally, which is after all how the internet was meant to work. The reality is that millions of VPN users are now finding their service blocked or restricted in the wake of this clampdown. Netflix have been particularly aggressive in blocking access to people using a VPN. It used to be simple, but now you’re liable to get the following message –

[Image: US Netflix VPN]

Quite a friendly, happy message but it’s meant millions have been either blocked completely from accessing Netflix or restricted to using the one offered in their own country.    Some VPNs still work, however before I give some clues to how to choose a US Netflix VPN I’d first like to clarify a couple of points that I see in comments on this site and across the internet.

  • First, a VPN is not illegal, criminal or anything like that.  It is perfectly legitimate to use a VPN all the time when you connect to the internet and many millions do to protect their security and privacy.
  • You are also not committing a criminal act by using an American VPN to access US Netflix from somewhere like Canada, UK or Europe.   At the very worst you are breaking the Netflix Terms and Conditions and could get your subscription cancelled – though it’s not happened to anyone yet as far as I’m aware.
  • “VPNs are now useless because they can be detected by media websites”: this is incorrect. A VPN service still provides you with encryption and privacy whilst you’re online, and they are still a very smart thing to use, particularly if you’re travelling and using unknown Wi-Fi hot spots and networks. The media companies block these VPN connections by building up lists of IP addresses which they suspect to be VPNs.

This is the reality of the situation: although it’s virtually impossible to detect the use of a VPN, companies like Netflix can build up lists of IP addresses used by VPN services and put them on a blacklist that is denied access. This is quite easy to do: they simply target high profile online services who advertise a lot, and they also monitor which IP addresses are used for multiple, simultaneous connections.
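The "multiple, simultaneous connections" signal mentioned above can be computed from ordinary session logs. This is an added sketch, not Netflix's actual method: the session tuples, account names and the threshold of three are constructed assumptions, and times are minutes from an arbitrary start.

```python
from collections import Counter, defaultdict

# Constructed session log: (ip, account, start_minute, end_minute).
# IPs are documentation ranges and the accounts are invented.
SESSIONS = [
    ("203.0.113.5", "acct-a", 0, 60),
    ("203.0.113.5", "acct-b", 10, 70),
    ("203.0.113.5", "acct-c", 20, 50),
    ("203.0.113.5", "acct-d", 30, 90),
    ("198.51.100.20", "home-1", 0, 30),   # one household, two devices
    ("198.51.100.20", "home-1", 15, 45),
    ("198.51.100.20", "home-2", 50, 80),
    ("192.0.2.77", "acct-x", 0, 10),      # back-to-back, never overlapping
    ("192.0.2.77", "acct-y", 10, 20),
]


def peak_concurrent_accounts(sessions):
    """Map each IP to the most distinct accounts active on it at one moment."""
    events = defaultdict(list)
    for ip, account, start, end in sessions:
        events[ip].append((start, 1, account))
        events[ip].append((end, 0, account))  # 0 sorts first: ends before starts
    peaks = {}
    for ip, evs in events.items():
        active = Counter()   # account -> number of open sessions
        peak = 0
        for _, is_start, account in sorted(evs):
            if is_start:
                active[account] += 1
            else:
                active[account] -= 1
                if active[account] == 0:
                    del active[account]
            peak = max(peak, len(active))
        peaks[ip] = peak
    return peaks


def flag_shared_ips(sessions, threshold=3):
    """IPs whose peak of distinct simultaneous accounts reaches the threshold."""
    peaks = peak_concurrent_accounts(sessions)
    return sorted(ip for ip, peak in peaks.items() if peak >= threshold)


if __name__ == "__main__":
    print(peak_concurrent_accounts(SESSIONS))
    print(flag_shared_ips(SESSIONS))
```

Counting distinct accounts rather than raw sessions keeps a single household with several devices below the threshold.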

When choosing the best VPN for Netflix and other services, there are a few simple rules to follow. Firstly, look for a low-key web site which doesn’t openly advertise the facility to watch these services. One of my favorite pre-purge options for watching US Netflix was a successful company called Overplay and their Smart DNS service; their servers were among the first to be blocked and stopped working for me several months ago for Netflix. They have also aggressively targeted the online TV watching facilities, both directly on their websites and through advertising.

Choose a VPN service which doesn’t mention the media companies, they still work the same way but are less likely to get blocked.

Be cautious, particularly if your primary requirement is a VPN to watch a specific region of Netflix. What is currently happening is a cat and mouse game – Netflix will block a range of IP addresses and access will be blocked, then the VPN service will switch out these ranges and replace them with others, enabling them to work with Netflix again. This has been continuing over the last few months and there’s no way of knowing how long this will last. It is time consuming and expensive for both sides in the war, and the result probably depends on whether Netflix continues their efforts to block all VPN servers.

Update – July 7th 2016, Netflix have now blocked almost all VPN services from accessing their site by restricting access to only residential IP addresses. However . have issued an update and expanded their network to include residential addresses. I’ve been testing for a couple of weeks and it now works perfectly for US Netflix – you can try their . here. It’s now not only the Best VPN for Netflix but one of the only ones that now works, currently you can only access the US version of Netflix but that’s expected to expand although this is the version that most VPN users want access to.