There's a lot more than just recognizing known raw IP addresses used as endpoints.
One method larger services with CDNs use effectively is to use DNS for blocking. When you try to access a site, your DNS request will resolve to a server close to you, with your location determining the domain resolving to a different IP. Then the platform just responds to those requests from outside their normal area with a consistent message. No need to know whether it's actually a VPN or not, the traffic is acting like it is and doesn't really have much of a reason to do that normally.
This isnt new. Its been happening for years. There is a post about this on lemmy every few weeks. It just doesnt happen consistently, so people always think that they "discovered" this for the first time.
But this is even dumber than before, you can't even login to bypass. What about people living in a country where youtube is blocked. I guess Google just says "fuck 'em"?
What about people living in a country where youtube is blocked. I guess Google just says “fuck 'em”?
Yyep.
If you're using a VPN, you're likely anonymized and not directly making YouTube any money. Those are leeches, as far as a Google accountant is concerned.
A few days ago I gotta message from google saying they "can't verify my age" (meaning they want gov ID I'm sure) so I'm forced to use safe search and other stuff too.
To continue, turn off your VPN/Proxy. This will allow YouTube to locate the best content".
"We refuse to serve you anything other than the best 'located content'."
A fat lie. Combining refusal with the completely unrelated supposed service improvement of location-based content. To disingenuously sound like they're doing you a service.
This happens via simple lists of IP addresses, no? I.e. the VPN has a limited number of exit IPs and once it's known who they belong to, they're easy to block?
They always could. What appears to be happening is that channels now have the option to turn on "a switch" so that content wont play if a VPN is detected. Most VPN ip addresses are well known, because they arent a secret. Everyone who uses the VPN goes through it.
If you come across the above message, its because the content creator turned it on. I had it come up with "stick to football". Its the only thing that it comes up with. I just unsubbed and wont watch anymore. Im not turning off my VPN for anyone or anything. Id rather just go with out. I encourage all of you to do the same.
You could probably just record the users ID and it's IP address. IP addresses that see a lot of different user IDs are either VPNs, companies or universities.
Another thing that only very large companies can do is see the response time and compare packet size from different servers to narrow down your location, effectively defeating the VPN in a lot of cases.
Hypothetically, a specific amount of bytes gets sent to server B, response time indicates it was received 300 miles away which matches the response time of going from Server B to Server A where the user lives.
Of course it's still important to use a VPN, if only because those big companies don't want us to.
The latency to your VPN server is a constant added to the latency between your VPN server and whatever servers you are connected to. As long as the user's VPN service doesn't use different VPN servers for different destinations, it is impossible to determine the location of the user behind the VPN based on latency, and in general it is impossible to determine how far a user is from their VPN server because of varying latency introduced by the user's own network or by bad infrastructure at the local ISP level. You can only know how far they aren't based on the speed of light across the surface of the earth.
But, without a VPN, this is a real attack that was proven by a high school student using some quirks of Discord CDNs. Even without using Discord's CDNs, if somebody wanted to locate web visitors using this technique, they could just rent CDN resources like nearly every big company is doing. Of course, if you have the opportunity to pull this off, you normally have the user's IP address and don't care about inferring the location by latency. The reason why it was notable with Discord was because the attacker was not able to obtain the victim's IP address.
You say what I described is impossible but it's been demonstrated by researchers such as "CPV: Delay-Based Location Verification for the Internet" by AbdelRahman Abdou with the Department of Systems and Computer Engineering, Carleton University Ontario.
Furthermore, on top of that method, if a company has access to data from servers in multiple places along the chain between endpoints, then they can see that a series of packets of specific size are traveling in a specific direction, narrowing down the location of the other endpoint. A company like Amazon, whose AWS servers make up almost 30% of the internet.
One of the more convoluted methods to defeat this approach was to simply add more stops along the chain, fragment the encrypted data into multiple parts, and pass it along random paths to the endpoint. I believe, but I could be wrong, that Tor utilizes this method. The problem with that is: it's slower.
It is impossible. CPV is only going to allow the attacker to know that the device is probably not located next to the VPN server. It can only prove a positive, not a negative.
The second method you're describing is only possible for people who control internet infrastructure and are able to infer correlations data going into your VPN server with data going out of your VPN server, which is both easier and more difficult than you're suggesting. The attacker does not need to most of the internet routers because they only care about the data going into and out of the VPN server (it's onion routing where the attacker needs to control many routers), but the attacker does need to have a powerful enough device to be inferring (hopefully) encrypted network flows on the public network to the packet sizes of encrypted VPN traffic for all of the traffic that is passing through that VPN server at the same time.
I imagine they could compile large datasets of ping times and server locations and do some extrapolation. I don't think it ever goes past a best guess but they'd have an idea (if what this person said actually happens).
Companies dont really need to know where you are. They just need to know where you aren't. If you are not within a certain threshold of response time to certain cdn servers, then its reasonable to assume that you are outside their contractually obligated broadcast region.
They kind of have it backwards. They aren't triangulating your location, they are taking the location your connection tells them you are and tests to see if that is correct or not by checking with known servers in an area around your claimed location. It can verify you are not where you say you are, but beyond that it can't find you. At least, not the paper the person is mentioning - this "other method" they mention doesn't appear to be linked to any paper or anything and might just be their personal theory, not sure.
Yeah there was a cool paper on Delay Response method by AbdelRahman Abdou with Department of Systems and Computer Engineering, Carleton University called "CPV: Delay-Based Location Verification for the Internet".
The other method I mentioned, checking packet size and general direction, would require accessing data along multiple stops before reaching the other endpoint with which to compare the sizes of encrypted data packets and use that to identify what is traveling where, which either has not been demonstrated or the companies utilizing it haven't admitted to it, yet. It's not a stretch to think it's happening, though, with massive companies like AWS and CloudFlare or telecom giants like AT&T.
The CPV paper was not doing what you are saying, defeating a VPN by finding your real location. It is basically the opposite - if you are using a VPN to claim you are in a place, it can verify that you are not in that place. It doesn't find your location, it can only verify you aren't in the area you claim to be.
Not really, because the only reason they have a location to test against is because the connection looks like it is coming from the vpn server location. They don't have any other location data to test against, and even if they decided to then run the test against every possible location on the planet, they still have the issue that their data is heavily skewed by the fact your traffic is flowing through a vpn, so your latency is not going to be perfectly matching their test servers unless they force the test servers' traffic through the same vpn server.
Nothing about this is setup to find your location on the other side of a vpn - it is basically testing if you are using a vpn or otherwise "spoofing" your location and returning a yes or a no.
I was like 3 paragraphs into a writeup about response times, latency, probabilities, etc but I realized you already have all the information and can't be reasoned with.
You do know what I mean by "response time" right? The recieving computer gets the packets and sends word back. NOT the VPN node, the VPN is not unencrypting traffic to emulate a real computer, it's instead just relaying the packets TO YOUR MACHINE. VPNs are not the perfect black box void immune to complicated analysis.
Do you not think a VPN will affect response time?? I implore you re-read the paper you keep referring to because they spell it out pretty basically what they are doing - and finding a person's actual physical location behind a VPN is not it.
I am not claiming a VPN is a perfect or complete solution... The modern web has an absolute ton of ways to track you even through a VPN, but CPV isn't it.
Sure, but there are also lots of other ways around it. Non-chrome browsers (or Chromium-based browsers) still allow for good extensions that can block YouTube ads.
Firefox + uBlock Origin still works great, even when all the front-ends are broken.
Which is why there needs to be better pushback "Okay, so where exactly are you selling a functional SNES cart that I can plug into my SNES and play?" as an example.
I’m not sure how that pushback can be applied. It’s not a legal argument that I am justified in stealing something if you won’t sell it to me. Although, at the same time, I don’t know what basis they have for claiming damages.
The pushback would be when they cry about monetary losses for something they literally don't even sell anymore. Is this not why they're always trying to take down ROM sites?
As someone who uses multiple VPNs daily I have a suggestion. Try to locate a different server and connect to it. See if there’s a drop down menu in your VPN app. Sometimes a particular IP on one of those servers flags websites’ fraud detection. Sometimes I can switch servers on my VPN and refresh the page and it loads just fine.
Excellent advice. It’s a game of cat and mouse (or whack-a-mole, whatever metaphor works…).
Sites that want your data for whatever reason hate VPNs, so they identify exit points and blacklist traffic from them. VPN providers know this so they spin up new exit points with different IP.
Just try a different server. Sometimes it’s a regional ’rights’ issue, so pick another server that is in the same jurisdiction, for instance in the case of streaming.
FWIW though I did try, connected via a random VPN from ProtonVPN from Argentina... and it wasn't in that list. So it's not perfect. Also ProtonVPN has apparently today 13K servers according to https://protonvpn.com/vpn-servers
That being said I can imagine that Google, which is literally built on crawling the Web, has all the infrastructure and expertise needed to have such lists and up to date ones.
I'm not justifying blocking VPN here, only trying to clarify that unless you self-host in a rather specific setup (i.e. not relying a popular cloud provider but truly self hosting) it's technically not hard to block VPNs.
Yeah, detecting the VPN isn’t really difficult at all. VPN providers sometimes try to cycle through IP addresses to make it harder, but there’s only so much they can do.
This isn’t really noteworthy, especially when you consider how many services require a sign in when you’re on a VPN anyways. It’s shitty, but not really surprising; They want to be able to tie your traffic to you, not just to a random VPN server. Hell, even without signing in, they probably have your browser fingerprinted. If you’re privacy focused, you probably have a lot of privacy based extensions, in a privacy based browser. And that makes you easy to fingerprint.
Many websites now just block a large range of cloud and VPS services in order to reduce DDOS from AI crawlers. For youtube and reddit you can still access if you are logged in though.
Just hold your driving license up next to your face so we know who's watching gay porn in a world increasingly intolerant to gay people. No problem there.
My ISP has started throttling YouTube to ~2mbps when viewed from desktop. Using a VPN gets around this and lets me watch in HD. Luckily I've not encountered this error yet, but if I do I guess it's no more YouTube for me, 480p is just way too blurry to put up with.
They're 5g based, so I suspect it's within the terms of service somewhere that they can limit the streaming quality? Historically I'd only ever noticed deprioritization, never a hard bandwidth limit.
I use 1.1.1.1 so I don't think it's easily ignored by changing DNS. But interestingly while using Revanced and NewPipe on my phone I don't have any of the same problems. Maybe my computer is ignoring my router's DNS? Maybe mobile YouTube is delivered from a different server? I wish I knew but ultimately using a VPN still works for me and is a very low effort fix.
What I don't get is why it's only YouTube they choose to throttle. I've never noticed any issues on other streaming websites and fast.com which literally uses Netflix servers is also full speed.
ReVanced will work almost flawlessly 90% of the time. Newpipe, Freetube, Pipepipe, Invidious, etc. will frequently break and require so much VPN hopping that I barely bother with them. Watching YT on my laptop is a pain in the ass compared to my phone.
Honestly, until late summer ReVanced hadn't done me wrong at all and I had been using it for about a year, but YT managed to patch whatever loophole they found for YT Music, so I suffered for a month and listened on the regular YT app. It works now, although sometimes I have to VPN hop because it'll play a song only up to a minute, and then hang.
Revanced doesn't just flawlessly patch YouTube (and gives you additional options like skipping promos), you can use it to patch all sorts of other apps too.
Listen at this point, we either re-upload our favorite creator's content to other platforms. Convince them to join alternatives or help out *their replacements" on those alternative platforms to grow.
Either way I do not respect content-creators that do not support alternative platforms (& decentralization) on principle
Listen at this point, we either re-upload our favorite creator’s content to other platforms. Convince them to join alternatives or help out their replacements on thise alternative platforms to grow.
I am with this, tired of using a yt frontend to watch videos (sometimes real website), and no reuploads nor have alternatives.
Yeah, i even made a script just to log into its container (proxmox lxc) and pull the latest image when i see videos cant load.
It’s almost always google actively changing things, sometimes directly targeting invidious.
What did also helped was give its container 2 cpu cores rather than just 1. The internally errors and timeouts causes by google changes cause a big strain on it so it often crashed in combination with needing an update (leaving me unable to backup my up to date subscription list)
See, there is the problem, if you use a VPN you dont allow Google to locate the best content! Nothing to see here, YouTube is only trying to be helpful here, Google is absolutely not trying to use you as a data nugget to get rich from
People don't realize how much shit youtube/google ignores over time, for whatever reasons (but mostly because it's cheaper to ignoer I'd guess). With most major consumer VPN providers, this is very easy to detect. Adblockers are easy to detect. Tampering with the website structure? Believe it or not, quite easy to detect when someone hide a component or change a title or a button.
If they decided to seriously get after people that circumvent geofencing, people that block ads, people that change the interface to their liking, or people that plainly use alternative websites, they could easily. And it would require far less effort on their end to keep things complicated than it would require on our end to keep things working at an acceptable level.
If they did implement all those measures, all you do is launch a puppet browser rendered off screen and scrape the content you want. This could work for any site and it is impossible for anyone to detect.
For ads, as a nuclear option, you can detect when they occur and black the stream out.
I would personally do this if left with no other option.
Cue detection of "realistic" human activity on the UI and preventing streaming if the server determine this activity does not match a human enough pattern.
I'm exaggerating on that one, but… that's not even that implausible these days.
My point was, dancing this dance with "big website", whoever it is, will always be an endless uphill battle.
Uh. I don't know how it is on the other side of the ocean, but around here, it's a nice goal, but there's much more care going into making messes than implementing accessible websites. Even official government services sometimes just barely slaps an "accessibility conformity: partial/none" and keep going on.
I'm not sure having an accessible web is enough to overcome the thirst for ad money and control.
Sometimes I do get YouTube telling me that I need to disable my adblocker to access a video, so they do try to block that stuff (though I suspect that the infrequency with which this happens combined with the fact that not everyone does experience it when some people do report this happening suggests that they're just testing methods of detection and blocking)
Usually when it happens, I just go into my Ublock settings and update stuff. I can't remember that ever not working. It feels like a low-key arms race, in a cold-war kind of way
Google bought YouTube in like 2006. I liked it before they bought it, sure, but I would be hard pressed to say it’s been all downhill after the first year.
I've been getting a "You must sign on to see this content" from YouTube (refusing to play the video if I don't) for ages when I'm behind a VPN, but if I disconnect the VPN and try again I don't get it.
Curiously, sometimes it doesn't happen.
I guess YouTube has a list of IP addresses of VPN exit points and will do that if it detects a connection coming from one of those, but at least for my VPN provider some exit points are not in the list.
Idk, for me it works well, i have almost the same latency and speed as if i wasn't using it, maybe because their nodes are near me, Dunno, but i live in europe and there are a lot of people and nearby countries so it may be
I'm in Europe too and my experience with TOR is not quite the same.
Then again I'm in one the more peripheric bits of Europe and not surrounded by countries were people run TOR nodes, so TOR probably more bottlenecked than in a more central place in Europe.
That said, surfing behind a VPN (which I pay for) plus provides me the level of privacy which I need at the moment.
I watched youtube religously 10-15 years ago. Now when I try to enjoy some content, I struggle to find anything of quality that's in my feed. Sometimes I'm scrolling for 10 minutes and give up. Their algorithm for what might interest me was so much better back then.
Apps don't need finances to survive. The creator of the app could be working on it entirely because they want to, and not because they get paid. As far as I know, NewPipe is just a front-end. It doesn't host anything, and just runs as a client to essentially give a new interfwce to YouTube.
Everything detects VPNs. Reddit has an error screen I've never seen before about network activity when I use a VPN and I'm not logged in. YouTube refuses to let me watch embedded videos when I'm on my VPN. Many pages simply refuse to load.
Reddit?! Okay, that's pretty terrible. It's one thing to have region-locked copyright for stuff, but disallowing VPNs for a web forum? While we don't need more evidence that they've turned heel, that's an awful big red flag.
"In order to enhance your viewing experience, we've sold your data to your government"
The man sighs as he read the text on his computer screen, as loud knocking is heard on his apartment door. He looks through the peephole, there are men with uniforms outside.
Lately while on VPN I’m able to watch videos and sometime have to solve a captcha to prove I’m not a bot, but if I’m using nothing (at home on WiFi) it’ll ask me to sign in to make sure I’m not a bot 🤷🏻♂️🤷🏻♂️.. Like wtf
Yeah, so I understand why I have to solve a captcha when using VPN, but I literally (at times) cannot use YT ‘anonymously’ from my residential IP without signing in to an account.
Usually ISPs don't give a unique IP to every user but sometimes they give the same IP to more people, so based on what they did it can happend that you may get limited/banned or have to solve many captchas
I use Mullvad servers in South America and Southeast Asia for youtube and it works. No issues with Netflix with the servers in Europe and Asia that I use.
One of my reddit accounts was locked/suspended when I logged in though, and I can’t unlock it because it doesn’t have an email attached to it for account recovery. But just browsing isn’t an issue with old.reddit.
reddit has always been able to detect vpn/vps, its just they dont ban you immediately, if they even detect your IP, or fingerprinting pattern it usually a shadowban. thats why people used other methods to evade it.
That's probably not too hard to detect based on IP. They only do it for some content though. The only content I watch that has this block is official Formula 1 content on YouTube. It's probably something that creators can enable when they want to region lock content or something
I'd like to see folks do more PeerTube instances in the future or something similar grow but there is cost involved that people don't have with YouTube.
I currently watch YouTube with the Wcosia browser on my phone and have barely gotten any ads since I started using it for this purpose. I dunno why it is like this. I think I have gotten one ad in months and all I had to do was refresh the browser and it went away.
Used to use DuckDuckGo and their video player which also works fine. No ads.
It probably won't last forever. YouTube seems hellbend on becoming AdTube, but for now, this is a fine alternative. I dunno how watching YouTube works with ecosia on the computer, if there are ads there, but on the phone, nothing.
I think you can change some config thing to have the exit node be in a certain country so it may help? (Thought i am not sure if there is, the last time i configurated anything was for using HTTP), also, i have had a good expirience with the speed on TOR, i am in europe, where are you?
No, NordWhisper is for people to connect to the VPN, not for the VPN to connect to youtube. It's all about what IP's Google knows are VPN's. If you're blocked, switch server or country and try your luck.
Switching protocols reconnects you to the VPN. Unless you manually select a default server, even reconnecting to the same country is likely to give you a different IP. 🤷♂️
I needed to fiddle around with YouTube a lot, so it won't try to shove mediocre Pewdiepie clones but Hungarian (or more recently, Hungarian chud slop) down my throat.
I know and I don't need any of that. Stremio replaces every streaming app except YouTube, so those are the only two apps I need on my TV. If it's not on YouTube, it's on Stremio, and vice versa.
The problem is, any alternative is shit, my preferred creator remain on youtube and i don't want to stare at a wall when i am bored lmao.
Not using youtube is the worst thing you can do right now for your entertainment, what i do is using Revanced and on desktop Floorp + uBlock and i also try to support FairPlay (an alternative to youtube that is still in development) how i can (can't do much rn but i can at least spread the voice)
that's not the same, if i was commit a hate crime for example, on this profile, and the police investigated it, they can get my ip address from my client connection. however, someone doing the same and masking their ip address with a VPN to like, i dunno, sweeden but they live in the UK, is a big problem when VPN providers make bold claims of "protecting your identity"
Getting an IP isn't even enough since the average user has a dynamic IP resolving to a box or center nearby but not yheir actual home address. They'd have to subpeona the ISP, which isn't necessarily compelled to comply.
Hell, my IP doesnt even resolve to the same city I am in.
That's one small use case. There are many other legitimate uses for them. Seems a bit odd to be so against them because they might possibly be used for nefarious purposes. Have you personally been victimized by a VPN user?
You sound scared. You don’t have to be online if there is too much risk of you getting your feelings hurt, you can just go touch grass. Even the people you don’t like have a right to privacy.
im sorry sir you need to hand over all your knives because LUNATICS use them to attack others
also put this straitjacket on while youre doing so, as MANIACS use their fists to attack others
VPNs aren't hard to detect, especially if you're using a major service.
100% this, I work in cyber sec and it's very easy these days for services to detect this.
What about TOR browser?
That's even easier. The list of exit nodes is public.
Feel sorry for the guy in the datacenter using Netflix on his brake.
Offering Xzibit some new ideas
Yo, we heard you like watching Netflix on your break, so we put big screen tvs on your brakes so you can watch Netflix on your brakes while on break.
Yo dawg, we heard you like Netflix so we put Netflix on yo brakes so when you brake you can watch Netflix, dawg,
Must be hard to see all the way down in the foot well.
That seems like a failure on their part. Buy more exit IPs.
There's a lot more than just recognizing known raw IP addresses used as endpoints.
One method larger services with CDNs use effectively is to use DNS for blocking. When you try to access a site, your DNS request will resolve to a server close to you, with your location determining the domain resolving to a different IP. Then the platform just responds to those requests from outside their normal area with a consistent message. No need to know whether it's actually a VPN or not, the traffic is acting like it is and doesn't really have much of a reason to do that normally.
Well, you can put your DNS requests over the proxy as well, so kinda a skill issue. I don't know if people do though - you're the professional.
This isnt new. Its been happening for years. There is a post about this on lemmy every few weeks. It just doesnt happen consistently, so people always think that they "discovered" this for the first time.
But this is even dumber than before, you can't even login to bypass. What about people living in a country where youtube is blocked. I guess Google just says "fuck 'em"?
Yyep.
If you're using a VPN, you're likely anonymized and not directly making YouTube any money. Those are leeches, as far as a Google accountant is concerned.
They said logging in doesn't make it go away. Being logged in means they can already track you, so this is pretty ridiculous of them tbh.
Being logged in means they can track what you watch. Being logged in via a VPN means they can't track your location.
Literally valuable information.
Yes, 100%, absokutely correct.
Google is a company.
Companies do not care about you. You are not a person, you are a number.
Google is a
companymulti-billion dollar corporation.CompaniesMulti-billion dollar corporations do not care about you. You are not a person, you are a number.(Well ok, there is plenty of small business who also don't care about you, that's not my point).
Trillion*
You can count the number of companies this rich on one hand.
I see. I havent had a Google account for like 8 years, so i didnt notice the difference.
A few days ago I gotta message from google saying they "can't verify my age" (meaning they want gov ID I'm sure) so I'm forced to use safe search and other stuff too.
Fuck. That!
Why is YouTube blocked?
Authoritarianism.
Free access to "radical" ideas doesn't bode well with conservative governments.
Probably part of the age verification bullshit
The real highlight is the contradictory text.
"We refuse to serve you anything other than the best 'located content'."
A fat lie. Combining refusal with the completely unrelated supposed service improvement of location-based content. To disingenuously sound like they're doing you a service.
"This will allow Youtube to locate the best content" 🤡
It's so insulting they add flavour text like this as if to call you a fucking moron to your face
“We know what’s best for you”
It seems like most people will believe any technical-seeming message shown to them.
But I don't want the best content.
I want the old YouTube
This happens via simple lists of IP addresses, no? I.e. the VPN has a limited number of exit IPs and once it's known who they belong to, they're easy to block?
Yeah, it's pretty trivial to do, and it's honestly surprising it took YT so long to do it.
They always could. What appears to be happening is that channels now have the option to turn on "a switch" so that content wont play if a VPN is detected. Most VPN ip addresses are well known, because they arent a secret. Everyone who uses the VPN goes through it.
If you come across the above message, its because the content creator turned it on. I had it come up with "stick to football". Its the only thing that it comes up with. I just unsubbed and wont watch anymore. Im not turning off my VPN for anyone or anything. Id rather just go with out. I encourage all of you to do the same.
You could probably just record the users ID and it's IP address. IP addresses that see a lot of different user IDs are either VPNs, companies or universities.
Or they are just home users behind a CGNAT, which more and more ISPs use.
And even if they aren't, home users usually have dynamic IPs, meaning it can change.
Another thing that only very large companies can do is see the response time and compare packet size from different servers to narrow down your location, effectively defeating the VPN in a lot of cases.
Hypothetically, a specific amount of bytes gets sent to server B, response time indicates it was received 300 miles away which matches the response time of going from Server B to Server A where the user lives.
Of course it's still important to use a VPN, if only because those big companies don't want us to.
The latency to your VPN server is a constant added to the latency between your VPN server and whatever servers you are connected to. As long as the user's VPN service doesn't use different VPN servers for different destinations, it is impossible to determine the location of the user behind the VPN based on latency, and in general it is impossible to determine how far a user is from their VPN server because of varying latency introduced by the user's own network or by bad infrastructure at the local ISP level. You can only know how far they aren't based on the speed of light across the surface of the earth.
But, without a VPN, this is a real attack that was proven by a high school student using some quirks of Discord CDNs. Even without using Discord's CDNs, if somebody wanted to locate web visitors using this technique, they could just rent CDN resources like nearly every big company is doing. Of course, if you have the opportunity to pull this off, you normally have the user's IP address and don't care about inferring the location by latency. The reason why it was notable with Discord was because the attacker was not able to obtain the victim's IP address.
You say what I described is impossible but it's been demonstrated by researchers such as "CPV: Delay-Based Location Verification for the Internet" by AbdelRahman Abdou with the Department of Systems and Computer Engineering, Carleton University Ontario.
Furthermore, on top of that method, if a company has access to data from servers in multiple places along the chain between endpoints, then they can see that a series of packets of specific size are traveling in a specific direction, narrowing down the location of the other endpoint. A company like Amazon, whose AWS servers make up almost 30% of the internet.
One of the more convoluted methods to defeat this approach was to simply add more stops along the chain, fragment the encrypted data into multiple parts, and pass it along random paths to the endpoint. I believe, but I could be wrong, that Tor utilizes this method. The problem with that is: it's slower.
It is impossible. CPV is only going to allow the attacker to know that the device is probably not located next to the VPN server. It can only prove a positive, not a negative.
The second method you're describing is only possible for people who control internet infrastructure and are able to infer correlations data going into your VPN server with data going out of your VPN server, which is both easier and more difficult than you're suggesting. The attacker does not need to most of the internet routers because they only care about the data going into and out of the VPN server (it's onion routing where the attacker needs to control many routers), but the attacker does need to have a powerful enough device to be inferring (hopefully) encrypted network flows on the public network to the packet sizes of encrypted VPN traffic for all of the traffic that is passing through that VPN server at the same time.
This...sounds a bit like bs. Can you share a more detailed writeup? At best you could get a radius, but that wouldn't really be helpful
I imagine they could compile large datasets of ping times and server locations and do some extrapolation. I don't think it ever goes past a best guess but they'd have an idea (if what this person said actually happens).
Companies dont really need to know where you are. They just need to know where you aren't. If you are not within a certain threshold of response time to certain cdn servers, then its reasonable to assume that you are outside their contractually obligated broadcast region.
They kind of have it backwards. They aren't triangulating your location, they are taking the location your connection tells them you are and tests to see if that is correct or not by checking with known servers in an area around your claimed location. It can verify you are not where you say you are, but beyond that it can't find you. At least, not the paper the person is mentioning - this "other method" they mention doesn't appear to be linked to any paper or anything and might just be their personal theory, not sure.
Yeah there was a cool paper on Delay Response method by AbdelRahman Abdou with Department of Systems and Computer Engineering, Carleton University called "CPV: Delay-Based Location Verification for the Internet".
The other method I mentioned, checking packet size and general direction, would require accessing data along multiple stops before reaching the other endpoint with which to compare the sizes of encrypted data packets and use that to identify what is traveling where, which either has not been demonstrated or the companies utilizing it haven't admitted to it, yet. It's not a stretch to think it's happening, though, with massive companies like AWS and CloudFlare or telecom giants like AT&T.
The CPV paper was not doing what you are saying, defeating a VPN by finding your real location. It is basically the opposite - if you are using a VPN to claim you are in a place, it can verify that you are not in that place. It doesn't find your location, it can only verify you aren't in the area you claim to be.
If you can prove where people aren't then you can prove where they are.
Not really, because the only reason they have a location to test against is because the connection looks like it is coming from the vpn server location. They don't have any other location data to test against, and even if they decided to then run the test against every possible location on the planet, they still have the issue that their data is heavily skewed by the fact your traffic is flowing through a vpn, so your latency is not going to be perfectly matching their test servers unless they force the test servers' traffic through the same vpn server.
Nothing about this is setup to find your location on the other side of a vpn - it is basically testing if you are using a vpn or otherwise "spoofing" your location and returning a yes or a no.
I was like 3 paragraphs into a writeup about response times, latency, probabilities, etc but I realized you already have all the information and can't be reasoned with.
You do know what I mean by "response time" right? The recieving computer gets the packets and sends word back. NOT the VPN node, the VPN is not unencrypting traffic to emulate a real computer, it's instead just relaying the packets TO YOUR MACHINE. VPNs are not the perfect black box void immune to complicated analysis.
Do you not think a VPN will affect response time?? I implore you re-read the paper you keep referring to because they spell it out pretty basically what they are doing - and finding a person's actual physical location behind a VPN is not it.
I am not claiming a VPN is a perfect or complete solution... The modern web has an absolute ton of ways to track you even through a VPN, but CPV isn't it.
Sure, but there are also lots of other ways around it. Non-chrome browsers (or Chromium-based browsers) still allow for good extensions that can block YouTube ads.
Firefox + uBlock Origin still works great, even when all the front-ends are broken.
I encounter VPN blocks everywhere frequently. I usually just reroll my selected server until the block goes away
The "best content" being ip-located ads, probably.
probablyTIL ads are content!
They are if you own the platform.
VPN ads seriously need to stop promising that you can get around content restrictions.
People should educate others on how to get content not available in their area for free without the hassle.
If media isn't available in your area, then the company is telling you they don't want your money. There is a $0.00 loss to them if you pirate it.
Unless you calculate it using the Nintendo formula, in which case you owe them $3 million.
Which is why there needs to be better pushback "Okay, so where exactly are you selling a functional SNES cart that I can plug into my SNES and play?" as an example.
I’m not sure how that pushback can be applied. It’s not a legal argument that I am justified in stealing something if you won’t sell it to me. Although, at the same time, I don’t know what basis they have for claiming damages.
The pushback would be when they cry about monetary losses for something they literally don't even sell anymore. Is this not why they're always trying to take down ROM sites?
Yeah the damages don’t make sense. They might be able to press other changes.
Or they need to do a better job at getting around content restrictions
Yeah they need to start rotating egress ips regularly. It's a cat and mouse game
Well, they need to make sure the right people are watching the right propaganda.
They lobby both parties, people are just talking about the Trump donations now as he is currently in power
https://www.opensecrets.org/political-action-committees-pacs/google-inc/C00428623/candidate-recipients/2024
That only covers political donations, not outright payoffs.
https://www.merkley.senate.gov/wyden-merkley-colleagues-question-youtube-google-on-potential-quid-pro-quo-settlement-with-trump-administration/
If money is speech, what is a company “saying” when it donates to both parties?
It’s just lobbying to get their interests. They aren’t specifically pro rep or pro dem they are pro google
As someone who uses multiple VPNs daily I have a suggestion. Try to locate a different server and connect to it. See if there’s a drop down menu in your VPN app. Sometimes a particular IP on one of those servers flags websites’ fraud detection. Sometimes I can switch servers on my VPN and refresh the page and it loads just fine.
Excellent advice. It’s a game of cat and mouse (or whack-a-mole, whatever metaphor works…).
Sites that want your data for whatever reason hate VPNs, so they identify exit points and blacklist traffic from them. VPN providers know this so they spin up new exit points with different IP.
Just try a different server. Sometimes it’s a regional ’rights’ issue, so pick another server that is in the same jurisdiction, for instance in the case of streaming.
I mean... detecting (some) VPNs is as trivial as
fetch('https://github.com/NazgulCoder/IPLists/raw/refs/heads/main/output/vpn-ipv4.txt').then( res => res.text() ).then( res => console.log( res.includes( "1.2.3.4" ) ) )thanks to https://github.com/NazgulCoder/IPLists/
FWIW though I did try, connected via a random VPN from ProtonVPN from Argentina... and it wasn't in that list. So it's not perfect. Also ProtonVPN has apparently today 13K servers according to https://protonvpn.com/vpn-servers
That being said I can imagine that Google, which is literally built on crawling the Web, has all the infrastructure and expertise needed to have such lists and up to date ones.
I'm not justifying blocking VPN here, only trying to clarify that unless you self-host in a rather specific setup (i.e. not relying a popular cloud provider but truly self hosting) it's technically not hard to block VPNs.
Understanding is the first step to fighting draconian policies.
Yeah, detecting the VPN isn’t really difficult at all. VPN providers sometimes try to cycle through IP addresses to make it harder, but there’s only so much they can do.
This isn’t really noteworthy, especially when you consider how many services require a sign in when you’re on a VPN anyways. It’s shitty, but not really surprising; They want to be able to tie your traffic to you, not just to a random VPN server. Hell, even without signing in, they probably have your browser fingerprinted. If you’re privacy focused, you probably have a lot of privacy based extensions, in a privacy based browser. And that makes you easy to fingerprint.
Many websites now just block a large range of cloud and VPS services in order to reduce DDOS from AI crawlers. For youtube and reddit you can still access if you are logged in though.
If only you don't serve ads containing literal porn to my face with my VPN off 😡😡
😮 you use a vpn to avoid porn? That's a novel use case.
I block porn with my firewall so I have to VPN to get around it.
My state requires an ID to view porn so it's all blocked for me!
Weeeee
Just hold your driving license up next to your face so we know who's watching gay porn in a world increasingly intolerant to gay people. No problem there.
Try xvideo
Thanks! Yeah it works. So so dumb.
Huh? I don't use a VPN unless I want to watch geoblocked content, and adblocking works just fine without.
Couldn't you just use uBlock and/or NextDNS/PiHole to avoid porn ads rather than use a VPN?
This is for the mobile app. I already use uBO on all my browsers.
My ISP has started throttling YouTube to ~2mbps when viewed from desktop. Using a VPN gets around this and lets me watch in HD. Luckily I've not encountered this error yet, but if I do I guess it's no more YouTube for me, 480p is just way too blurry to put up with.
Why would your ISP do that?
They're 5g based, so I suspect it's within the terms of service somewhere that they can limit the streaming quality? Historically I'd only ever noticed deprioritization, never a hard bandwidth limit.
Rip net neutrality
to save bandwidth
I wonder if there’s any workaround besides VPNs like changing DNS or something?
Phone->revanced
Smart tv->smart tube next
I don't ever watch YouTube on my laptop but I'm sure there are utilities available.
I prefer NewPipe to Revanced.
So long as you're denying Alphabet the ad revenue, then you are doing the right and just thing.
Revanced is only in android right?
I think so. Only apple product I ever had was an iPod, so I'm extremely unfamiliar with their ecosystem.
I use 1.1.1.1 so I don't think it's easily ignored by changing DNS. But interestingly while using Revanced and NewPipe on my phone I don't have any of the same problems. Maybe my computer is ignoring my router's DNS? Maybe mobile YouTube is delivered from a different server? I wish I knew but ultimately using a VPN still works for me and is a very low effort fix.
What I don't get is why it's only YouTube they choose to throttle. I've never noticed any issues on other streaming websites and fast.com which literally uses Netflix servers is also full speed.
I'm surprised it took so long, I've not been able to watch Channel 5 for years.
Anyhow, I love Revanced.
Every time I see people talk YouTube alternatives they complain that Revanced is bad and Newpipe is good.
ReVanced will work almost flawlessly 90% of the time. Newpipe, Freetube, Pipepipe, Invidious, etc. will frequently break and require so much VPN hopping that I barely bother with them. Watching YT on my laptop is a pain in the ass compared to my phone.
Honestly, until late summer ReVanced hadn't done me wrong at all and I had been using it for about a year, but YT managed to patch whatever loophole they found for YT Music, so I suffered for a month and listened on the regular YT app. It works now, although sometimes I have to VPN hop because it'll play a song only up to a minute, and then hang.
For when on desktop just use Firefox +uBlock
ReVanced looks pretty good installed on a desktop Android emulator / VM set to Tablet mode FYI
ReVanced allow you to turn the screen off?
Yes!
I've never heard anyone say newpipe is good
A bunch in this thread are doing so.
Revanced doesn't just flawlessly patch YouTube (and gives you additional options like skipping promos), you can use it to patch all sorts of other apps too.
Listen at this point, we either re-upload our favorite creator's content to other platforms. Convince them to join alternatives or help out *their replacements" on those alternative platforms to grow.
Either way I do not respect content-creators that do not support alternative platforms (& decentralization) on principle
I am with this, tired of using a yt frontend to watch videos (sometimes real website), and no reuploads nor have alternatives.
I vote for all of what you said
Oh, so what they’re really saying is that a platform owned by GOOGLE has trouble FINDING the best content?
Everyone knows.
If you find what you're looking for the first time, they can't serve you as many ads.
Can’t argue with that, there goes my oneliner 🤣
Sure, there's big lists of them right here.
https://github.com/az0/vpn_ip
Hardly a secret.
Been trying out Invidious lately. Nice stuff if it is not down for a reason or two.
Oh! Speaking of a devil. It is down right now!
Yeah, i even made a script just to log into its container (proxmox lxc) and pull the latest image when i see videos cant load.
It’s almost always google actively changing things, sometimes directly targeting invidious.
What did also helped was give its container 2 cpu cores rather than just 1. The internally errors and timeouts causes by google changes cause a big strain on it so it often crashed in combination with needing an update (leaving me unable to backup my up to date subscription list)
I haven't used Invidious, but I've never had.an issue with PipePipe being down.
See, there is the problem, if you use a VPN you dont allow Google to locate the best content! Nothing to see here, YouTube is only trying to be helpful here, Google is absolutely not trying to use you as a data nugget to get rich from
Dude, I seem to find more sites that break when using my VPN than those that allow it. The bastards are winning
I'll change servers a couple times, and if it still doesn't work, I'll just move on
At this point no corpo site is worth the hassle.
People don't realize how much shit youtube/google ignores over time, for whatever reasons (but mostly because it's cheaper to ignoer I'd guess). With most major consumer VPN providers, this is very easy to detect. Adblockers are easy to detect. Tampering with the website structure? Believe it or not, quite easy to detect when someone hide a component or change a title or a button.
If they decided to seriously get after people that circumvent geofencing, people that block ads, people that change the interface to their liking, or people that plainly use alternative websites, they could easily. And it would require far less effort on their end to keep things complicated than it would require on our end to keep things working at an acceptable level.
Only kind of true.
If they did implement all those measures, all you do is launch a puppet browser rendered off screen and scrape the content you want. This could work for any site and it is impossible for anyone to detect.
For ads, as a nuclear option, you can detect when they occur and black the stream out.
I would personally do this if left with no other option.
Cue detection of "realistic" human activity on the UI and preventing streaming if the server determine this activity does not match a human enough pattern.
I'm exaggerating on that one, but… that's not even that implausible these days.
My point was, dancing this dance with "big website", whoever it is, will always be an endless uphill battle.
They can't do that because of accessibility reasons. If they did that, a disabled person has grounds to sue them for proper aria hints & controls.
It doesn't matter what kind of content it is, either. It must be made accessible.
Uh. I don't know how it is on the other side of the ocean, but around here, it's a nice goal, but there's much more care going into making messes than implementing accessible websites. Even official government services sometimes just barely slaps an "accessibility conformity: partial/none" and keep going on.
I'm not sure having an accessible web is enough to overcome the thirst for ad money and control.
Sometimes I do get YouTube telling me that I need to disable my adblocker to access a video, so they do try to block that stuff (though I suspect that the infrequency with which this happens combined with the fact that not everyone does experience it when some people do report this happening suggests that they're just testing methods of detection and blocking)
Usually when it happens, I just go into my Ublock settings and update stuff. I can't remember that ever not working. It feels like a low-key arms race, in a cold-war kind of way
i use vorapis v3 cause they fucked with the video player.
They mean slop? Another reason why I still use Newpipe on mobile.
I'm so damn tired of corporations telling me what I can and can't do.
youtube sucks ever since googol bought it. I cannot believe people still use it.
Google bought YouTube in like 2006. I liked it before they bought it, sure, but I would be hard pressed to say it’s been all downhill after the first year.
I've been getting a "You must sign on to see this content" from YouTube (refusing to play the video if I don't) for ages when I'm behind a VPN, but if I disconnect the VPN and try again I don't get it.
Curiously, sometimes it doesn't happen.
I guess YouTube has a list of IP addresses of VPN exit points and will do that if it detects a connection coming from one of those, but at least for my VPN provider some exit points are not in the list.
With TOR i don't have problems on youtube, somehow
Isn't TOR a bit too slow to watch videos in YouTube?
Idk, for me it works well, i have almost the same latency and speed as if i wasn't using it, maybe because their nodes are near me, Dunno, but i live in europe and there are a lot of people and nearby countries so it may be
I'm in Europe too and my experience with TOR is not quite the same.
Then again I'm in one the more peripheric bits of Europe and not surrounded by countries were people run TOR nodes, so TOR probably more bottlenecked than in a more central place in Europe.
That said, surfing behind a VPN (which I pay for) plus provides me the level of privacy which I need at the moment.
I am near France, Austria, Swiss and not too distant from germany too, so i suppose i have a couple of nodes nearby
Hell nah, please dont
Tip: Peertube Companion is a good extension for directing you to duplicates of the video you're trying to watch if it can be found elsewhere.
I have a Tridactyl rule to rewrite YouTube URL to
youtube-local(repository https://github.com/user234683/youtube-local/ ) e.g. https://www.youtube.com/ becomes http://localhost:9999/https://www.youtube.com but as others have suggested, I do my bet to avoid YouTube entirely, because Google is bad, Big Tech is bad.I watched youtube religously 10-15 years ago. Now when I try to enjoy some content, I struggle to find anything of quality that's in my feed. Sometimes I'm scrolling for 10 minutes and give up. Their algorithm for what might interest me was so much better back then.
https://newpipe.net/
Pipepipe has been more reliable for me, lately.
But who knows how long these alternative front-ends will last? It's a constant cat and mouse game between volunteers and Google.
How does this app survive economically?
Apps don't need finances to survive. The creator of the app could be working on it entirely because they want to, and not because they get paid. As far as I know, NewPipe is just a front-end. It doesn't host anything, and just runs as a client to essentially give a new interfwce to YouTube.
It seems to do some transcoding and storage. I suspect there are cpu and database costs that aren't free.
Labor of love, I suspect
Most open source projects are not financially driven. The bigger projects, such as this, usually function like non-profit organizations.
https://newpipe-ev.de/
https://smarttubeapp.github.io/
Everything detects VPNs. Reddit has an error screen I've never seen before about network activity when I use a VPN and I'm not logged in. YouTube refuses to let me watch embedded videos when I'm on my VPN. Many pages simply refuse to load.
Reddit?! Okay, that's pretty terrible. It's one thing to have region-locked copyright for stuff, but disallowing VPNs for a web forum? While we don't need more evidence that they've turned heel, that's an awful big red flag.
Not to defend that shithole, but honestly, it's probably just to enforce IP based bans.
You will definitely get the best content in the countries where YouTube is blocked /s
"In order to enhance your viewing experience, we've sold your data to your government"
The man sighs as he read the text on his computer screen, as loud knocking is heard on his apartment door. He looks through the peephole, there are men with uniforms outside.
[Ending 42/666, The Gulag Ending]
Just install Revanced
How on iOS?
Really, if you've kept using apple all the way up until now, it's kinda on you.
Fact
Websites have been able to detect VPN usage for a long time.
Lately while on VPN I’m able to watch videos and sometime have to solve a captcha to prove I’m not a bot, but if I’m using nothing (at home on WiFi) it’ll ask me to sign in to make sure I’m not a bot 🤷🏻♂️🤷🏻♂️.. Like wtf
Because there is a lot of traffic from the same IP and the site get suspicious
Yeah, so I understand why I have to solve a captcha when using VPN, but I literally (at times) cannot use YT ‘anonymously’ from my residential IP without signing in to an account.
Usually ISPs don't give a unique IP to every user but sometimes they give the same IP to more people, so based on what they did it can happend that you may get limited/banned or have to solve many captchas
They've been able to detect commercial VPNs for a long time. They're just starting to care enough to take some action now.
I rolled my own VPN, no issues. Won't say how because I got my ass beat for recommending it last time.
just gotta get a good vpn that knows how to play the dance.
Which one do you suggest?
i personally use mullvad (for something quick because i love their ethos) and windscribe (paid) for port forwarding
Thanks!
FYI, most Mullvad exit nodes are blocked by big services.
You have to try different ones to find one that works. I have found just a couple that work for, for example, Netflix or Reddit.
Proton and PIA seemed to be easier, I think they have more exits and/or rotate the IP addresses of the exits.
I like Mullvad as a company better so I use them.
I think they offer unique ips if you request.
I use Mullvad servers in South America and Southeast Asia for youtube and it works. No issues with Netflix with the servers in Europe and Asia that I use.
One of my reddit accounts was locked/suspended when I logged in though, and I can’t unlock it because it doesn’t have an email attached to it for account recovery. But just browsing isn’t an issue with old.reddit.
reddit has always been able to detect vpn/vps, its just they dont ban you immediately, if they even detect your IP, or fingerprinting pattern it usually a shadowban. thats why people used other methods to evade it.
Oh no, I guess I'll just have to not use YouTube. How tragic?
Pretty confident you could get around this but is it even worth clicking the button to switch addresses or use a different VPN? Eh...
Not worth it
That's probably not too hard to detect based on IP. They only do it for some content though. The only content I watch that has this block is official Formula 1 content on YouTube. It's probably something that creators can enable when they want to region lock content or something
NewPipe
Honestly, Newpipe gets blocked more often than just using browser. Probably because of they detected API calls or something.
I don't think NewPipe uses yt's API. yt-dlp certainly doesn't. It's kinda the whole point of these alternative frontends.
Try pipepipe, haven't had it blocked ever for the couple years I've used it
I use it, great app but I have seen my VPN blocked every once in a while. I end up changing IP addresses three or four times before it works again.
The Newpipe community is pretty big so even if it is blocked it is temporary
Revanced.
NewPipe.
VPN still does this on my revanced
Me: Leave that to me. I know what I want.
Proxies still have an IP address.
Revanced ftw.
Lol, I guess I wont be watching the latest mr beast mukbang
I'm just going to say it: YouTube really started going to shit when professional, monetized YouTubers started becoming a big thing.
I'd like to see folks do more PeerTube instances in the future or something similar grow but there is cost involved that people don't have with YouTube.
I currently watch YouTube with the Wcosia browser on my phone and have barely gotten any ads since I started using it for this purpose. I dunno why it is like this. I think I have gotten one ad in months and all I had to do was refresh the browser and it went away.
Used to use DuckDuckGo and their video player which also works fine. No ads.
It probably won't last forever. YouTube seems hellbend on becoming AdTube, but for now, this is a fine alternative. I dunno how watching YouTube works with ecosia on the computer, if there are ads there, but on the phone, nothing.
They always could, they're just more confident these days.
I guess I'm lucky that this ain't happening for me at least
💀 Ikr
TOR?
Brb, gonna change the circuit 20 times to find that one exit IP that didn't get blocked.
Also waiting 10 minutes for the video to load, xD
I think you can change some config thing to have the exit node be in a certain country so it may help? (Thought i am not sure if there is, the last time i configurated anything was for using HTTP), also, i have had a good expirience with the speed on TOR, i am in europe, where are you?
this pipe looks kinda new
Welp.
At least nord has some protcol thing that should be able to avoid it
(edit: it's called NordWhisper)
No, NordWhisper is for people to connect to the VPN, not for the VPN to connect to youtube. It's all about what IP's Google knows are VPN's. If you're blocked, switch server or country and try your luck.
Normally if a website asks me to stop using my VPN I just switch to NordWhisper and it's fixed.
Switching protocols reconnects you to the VPN. Unless you manually select a default server, even reconnecting to the same country is likely to give you a different IP. 🤷♂️
I needed to fiddle around with YouTube a lot, so it won't try to shove mediocre Pewdiepie clones but Hungarian (or more recently, Hungarian chud slop) down my throat.
Using Tor right now, no idea what you are talking about... oh right you use that instance.
.world =/= "Lemmy" 😉
Yeah, world is kinda shitty for that
Change your instance (posted via a VPN)
There aren't really any alternatives.
I'm ok with YouTube due to using strong ad-blockers, browser extensions, and I don't log in. Seems that these 3 things cut most of the bullshit.
Cause there's nothing else to watch. YouTube has replaced TV in the average household.
And none of them have anything worth watching.
It's not that choice isn't a thing; it's that there are thousands of choices and they all suck.
"Hundreds of channels, and nothing good on."
I know and I don't need any of that. Stremio replaces every streaming app except YouTube, so those are the only two apps I need on my TV. If it's not on YouTube, it's on Stremio, and vice versa.
literally the only two streaming apps i have on my onn tv box w/ Projectivy launcher
Don't like YouTube, do like the content creators on YouTube.
There are literally 0 good alternatives now, my only hope is fairplay (which is now in development)
The problem is, any alternative is shit, my preferred creator remain on youtube and i don't want to stare at a wall when i am bored lmao.
Not using youtube is the worst thing you can do right now for your entertainment, what i do is using Revanced and on desktop Floorp + uBlock and i also try to support FairPlay (an alternative to youtube that is still in development) how i can (can't do much rn but i can at least spread the voice)
A store can give me the same item another sell.
Peertube can't give me a video of TheLoneGamer or MorroLinux
Because all the videos are still there.
If that seems like a self-perpetuating problem, it's because it is.
good. fuck VPNs (other than for business purposes)
What's wrong with VPNs for personal use? Serious question; I've never seen someone opposed to them.
people use them to mask their identity and attack others online
What’s your real name and address?
Seems like you’re using 1985MustangCobra to mask your identity. We should ban all online usernames and tie everything to a digital Id
that's not the same, if i was commit a hate crime for example, on this profile, and the police investigated it, they can get my ip address from my client connection. however, someone doing the same and masking their ip address with a VPN to like, i dunno, sweeden but they live in the UK, is a big problem when VPN providers make bold claims of "protecting your identity"
Getting an IP isn't even enough since the average user has a dynamic IP resolving to a box or center nearby but not yheir actual home address. They'd have to subpeona the ISP, which isn't necessarily compelled to comply.
Hell, my IP doesnt even resolve to the same city I am in.
Here ips resolve to neighborhoods
You’ll be happy to learn that most don’t protect anything.
They have tons of legitimate uses
so you want the government to be able to geolocate anybody? alright reddit, this one escaped
so you want the government to be able to geolocate anybody? alright reddit, this one escaped
People do that even more without a VPN.
That's one small use case. There are many other legitimate uses for them. Seems a bit odd to be so against them because they might possibly be used for nefarious purposes. Have you personally been victimized by a VPN user?
You sound scared. You don’t have to be online if there is too much risk of you getting your feelings hurt, you can just go touch grass. Even the people you don’t like have a right to privacy.
I think alot of people online need to touch grass.
I think you should probably take your own advice.
i do touch a lot of grass. just cut the lawn today, front and back.
im sorry sir you need to hand over all your knives because LUNATICS use them to attack others also put this straitjacket on while youre doing so, as MANIACS use their fists to attack others