Netflix VPN detection - actual engineer needed
Steve Atkins
steve at blighty.com
Mon Jun 6 16:02:49 UTC 2016
> On Jun 6, 2016, at 8:21 AM, Tore Anderson <tore at fud.no> wrote:
>
> * Spencer Ryan
>
>> As an addendum to this and what someone said earlier about the
>> tunnels not being anonymous: From Netflix's perspective they are. Yes
>> HE knows who controls which tunnel, but if Netflix went to HE and
>> said "Tell me what user has xxxxx/48" HE would say "No". Thus, making
>> them an effective anonymous VPN service from Netflix's perspective.
>
> Every ISP would say «No» to that question. In sane juridstictions only
> law enforcement has any chance of getting that answer (hopefully only if
> they have a valid mandate from some kind of court).
HE.net run a perfectly good rwhois server which has my town, state, country
and zip code for my personal IPv6 tunnel, just the same as they have
full contact information for my HE-provided business IPv6 space.
> But Netflix shouldn't have any need to ask in the first place. Their
> customers need to log in to their own personal accounts in order to
> access any content, when they do Netflix can discover their addresses.
The content providers are concerned about who is consuming the
content, not who is paying for it. Those needn't be the same people,
and given how careful people are not to share netflix creds with friends,
often won't be.
Netflix could stomp on credential sharing, but they don't seem to particularly
want to. Blocking a few VPN providers seems a figleaf to keep the content
providers happier while inconveniencing relatively few end users - anyone
who's using a VPN or tunnel anyway can probably change things around
to avoid the blocking with little effort.
Cheers,
Steve
More information about the NANOG
mailing list