HN

Need help?
<- Back
VPN location claims don't match real traffic exits

VPN location claims don't match real traffic exits

mmaia

Comments (110)

  • systemtest
    I'm a big VPN user since I am the citizen of one country and the resident of another. Even for government services I have to use a VPN. I tried to access the bureau of statistics of my home country through my foreign residential IP and got 404s on all pages. Enabled VPN and everything magically started working. For watching the election result video stream I also had to VPN but at least that one gave me a clear message. For doing taxes in my home country I then have to disable VPN since all VPN access is blocked but it's OK to use a foreign residential IP.I would easily pay €30 a month for a VPN in my home country that uses a residential IP and isn't noticeable. I am aware that those exist, but 99% of them are shady.
  • reimertz
    I know multiple people who worked / working at Mullvad and they take their business, security and privacy _very_ seriously. Not surprised to see them shine here.
  • varenc
    Very interesting to learn you can identify the real country/area of origin using probe latency. Though could this be simulated? Like what if the VPN IP just added 100ms-300ms of latency to all of its outgoing traffic? Ideally vary the latency based on the requesting IP's location. And also just ignore typical probe requests like ICMP. And ideally all the IPs near the end of the traceroute would do all this too.To use an example, 74.118.126.204 claims to be a Somalian IP address, but ipinfo.io identifies it as being from London based on latency. Compare `curl ipinfo.io/74.118.126.204/json` vs `curl ipwhois.app/json/74.118.126.204` to see. If that IP ignored pings and added latency to all outgoing packets, I wonder if that would stymie ipinfo's ability to identify its true origin.
  • tallytarik
    Most of these providers are in fact open about the fact that these locations are “virtual”, so it’s misleading to say they don’t match where they claim to be.There is however an interesting question about how VPNs should be considered from a geolocation perspective.Should they record where the exit server is located, or the country claimed by the VPN (even if this is a “virtual” location)? In my view there is useful information in where the user wanted to be located in the latter case, which you lose if you only ever report the location of servers.(disclaimer: I run a competing service. we currently provide the VPN reported locations because the majority of our customers expect it to work that way, as well as clearly flagging them as VPNs)
  • why-o-why
    I tried to use ProtonVPN when I switched over to ProtonMail a year ago. But so much of the web does not work when you're on a VPN. For example even HackerNews has VPN restrictions. More and more sites know where VPN endpoints originate. How will VPNs prevent this in the future without them just become easy to block?
  • anon
    undefined
  • Beijinger
    I am not sure that I really understand what they did. I am also missing some major VPNs in the list. I currently use AirVPN but this has something to do with my use case and pricing.Why do you want to use a VPN?- Privacy- Anonymity (hint: don't!)- unblock geolocation- torrents- GFCThe last point is the hardest.https://expatcircle.com/cms/privacy/vpn-services/
  • snickerer
    I can't connect to this site because my adblocker doesn't like it. It seems to be on the bad-domain-list https://www.cromite.org/filters/badblock_lite.txt. Now is the question: is ipinfo.io on this list for a good reason?
  • ramity
    Contrasting take: RTT and a service providing black box knowledge is not equivalent to knowledge of the backbone. To assume traffic is always efficiently routed seems dubious when considering a global scale. The supporting infrastructure of telecom is likely shaped by volume/size of traffic and not shortest paths. I'll confess my evaluation here might be overlooking some details. I'm curious on others' thoughts on this.
  • HotGarbage
    While exits matter to avoid countries with a nation-wide firewall, the geoip industry is a scourge.If an ISP wants to help their users avoid geoblocking via https://www.rfc-editor.org/rfc/rfc8805.html more power to them.
  • crazygringo
    Is there any real-life situation in which this matters, though?If you're picking a country so you can access a Netflix show that geolimits to that country, but Netflix is also using this same faulty list... then you still get to watch your show.If you're picking a country for latency reasons, you're still getting a real location "close enough". Plus latency is affected by tons of things such as VPN server saturation, so exact geography isn't always what matters most anyways.And if your main interest is privacy from your ISP or local WiFi network, then any location will do.I'm trying to think if there's ever a legal reason why e.g. a political dissident would need to control the precise country their traffic exited from, but I'm struggling. If you need to make sure a particular government can't de-anonymize your traffic, it seems like the legal domicile of the VPN provider is what matters most, and whether the government you're worried about has subpoena power over them. Not where the exit node is.Am I missing anything?I mean, obviously truth in advertising is important. I'm just wondering if there's any actual harm here, or if this is ultimately nothing more than a curiosity.
  • atmosx
    Using FreeBSD dummynet it’s possible to modify the characteristics of network traffic and emulate e.g. Somalia performance from a datacenter in France.
  • cluckindan
    This seems like circumstantial evidence for most VPN providers mostly serving customers who are in the business of spreading targeted misinformation on social media.
  • lossolo
    And it's super easy to do. I had my own ASN and my own IPv4 and IPv6 address space, you basically just write whatever you want into RIPE Database objects (or ARIN, APNIC etc.) Today your IP space can be in one country, and tomorrow in a different one.
  • Papazsazsa
    Cool, even our privacy protection is fraught with scammers and liars.
  • drnick1
    Looks like the link is dead.
  • illusive4080
    Mullvad is the only VPN I will ever trust. Yet again they ace the test.
  • anon
    undefined
  • ctippett
    I get advertisements for VPN providers almost everywhere. I've never been interested, but I do subscribe to Mullvad via Tailscale. So, I'm thankful and appreciative that they did their due diligence and partnered with a reputable provider. I've been very happy with the service.Edit: Welp. How could this possibly be my most downvoted comment. Am I not entitled to an opinion? I ain't no AI.
  • eek2121
    This was a dumb study, and if they'd asked the VPN providers, I'm sure someone would tell them why.All the VPN providers I've used let you select the endpoint from a dropdown menu. I'm not using a VPN to make it appear I'm in Russia, I'm using it as one of many tools to help further my browsing privacy.My endpoint is one of 2 major cities that are close to me. Could I pick some random 3rd world country? Sure! That isn't the goal. The goal is to prevent my mostly static IP address from being tied to sites I use every day.EDIT:Small point of clarification:All the VPN providers I use have custom or 3rd party software that allows you to select a location for the VPN. All of the VPN providers I've used also select the location with the lowest ping times as a default. I suspect most folks are just sticking with the defaults. I certainly haven't strayed outside the US/EU for any of my attempts. I have occasionally selected an EU location for specific sites not available in the US, where I live, but beyond that?