Your browser (Internet Explorer 6) is out of date. It has known security flaws and may not display all features of this and other websites. Learn how to update your browser.

When is a Proxy Secure?

For many people, using proxies is an essential step to enable security and personal privacy.  They will know that every time they use the internet for anything that a record is kept in many places about their activity.  Often it’s just a small cookie or a record in a log, but at your ISP for instance there is a complete record of every site you visit, every file download and every video watched.   This is where the authorities go for instance when they want to investigate something, your ISP.

So it’s hardly surprising that many people seek to hide some of this information, you don’t need to be an international jewel thief or extremist terrorist to want a little more privacy than is currently available to the average internet user – i.e none at all.

So then they look at proxies, and indeed a ten minute Google search will point you in this direction.  The proxy server will sit in between you and the web site you visit, meaning that they cannot record your visit properly – only the proxy address.  You’ll still get everything logged in your ISP though unless the connection is encrypted perhaps using a VPN or SSH instead.

But here lies a problem, proxies can offer a layer of security but only when they are configured and administered properly.  If they aren’t then you are merely handing over yet another complete record of your online activity to another server.  In fact it can be worse than that, lots of of the ‘free proxies’ available online are only put there to steal and harvest people’s data.  Enterprising hackers will take over these open proxies and log all the data that is transmitted through them – looking for usernames, passwords and identity information that can be used to make them money.

The internet is swarming with free proxies, using the vast majority of them is a really bad idea. I logged into four the other week completely at random and all of them were completely insecure in fact two of them had the proxy service itself running in the context of the ‘root’ account – something only a real IT novice would ever do and extremely dangerous.  The reality is that a server is only secure when someone is taking the time and effort to ensure it is secure – that knowledge and effort is rarely available for free.

However if you’re only using a proxy to stream video, perhaps from BBC iPlayer or another media site then perhaps a free proxy could work?  After all there’s no personal data just a stream of video so what’s the harm?

Well nothing really, the problem here is much more about practicalities, all these free proxies are completely overloaded and run at a pitifully slow rate.  Occasionally you’ll unearth a little fast gem that has escaped notice by the proxy scrapers – but it won’t be fast for long -rarely longer than an hour or so.  Expect to spend more time looking for new servers than using them.   If you can afford it then a paid subscription is definitely the way forward.  Here’s one I recommend in this video – Fast Proxy Server.

As you can see the proxies in this program run very quickly indeed, if you want to stream HD or even standard resolution video or media then a slow proxy will make most un watchable.


Lost, Gone from Netflix but Not Forgotten

I used to love Netflix, it’s different, has lots of great movies/series and it’s very easy to access using Smart TVs or my favorite the Roku. But this Summer they pushed me too far, I had ‘discovered’ the show – Lost about 8 years later than everyone else. I’d listened to everyone rave about this, glazed over as they discussed strange sound plots and completely ignored it – mainly due to the hype. Well one day I noticed it on my Netflix account and thought I’d give it a try, the rest is a story about obsession. For a few days I watch a couple of episodes a day – right up to my vacation. I couldn’t wait to get back to complete the series but when I returned it had gone !!!!

Lost no longer appeared anywhere on the listings, a search revealed it was ‘unable to stream’. A Google search revealed lots of very upset people like me, stuck on an episode somewhere, stranded at some cliff hanger movement and now we were all ‘Lost’.

No warning, no countdown enabling you to take a few days off work and cram them in. One day Lost was there and the next day it had completely disappeared, what a wonderful way to treat your customers! Well a little research, led me to a few conclusions – firstly the show had only actually been removed from the UK Netflix, secondly Lost was still streaming on the US version and lastly my account would work on US Netflix if I had an American IP address.

So here’s what I discovered –

The truth is that if you use IP cloaking software like Identity Cloaker and hide your real IP address – you can be watching US Netflix irrespective of your real location.  If you haven’t checked it out, then you’ll also discover that the US version had loads more shows and films – usually much more up to date stuff too.  So it doesn’t matter if you’re in Canada, Germany, UK or Italy then you don’t have to stick with the version of Netflix you have been assigned you can pick your own.

You don’t need to open a new Netflix account, they seem to be global but just redirected to the country you are in.


How to Watch Canadian TV from the US

Most of the blocks, bans and filters online are based on your location. It’s slightly ironic that the internet was meant to bring us all together, yet most of the world’s media sites are working out ways they can block people from different locations.

Canadian TV - CTV

Anyway the vast majority of these sites simply look up your IP address when you connect before deciding if you watch or not. So for example to watch CTV the Canadian broadcaster, you’ll have to be based in Canada or connect from a Canadian IP address.

Unfortunately it’s difficult to control your real address as this is assigned to you when you connect to  the internet by your ISP.  Although it will sometimes vary, it will always be linked to the country you are connecting from.

Fortunately, you can hide your real IP address by conencting via an intermediary – often known as a proxy or VPN server.

How to Watch CTV Outside Canada

Anyway the easiest way to see how it’s done is to watch this short video.

That’s all there is to it. Using a program like Identity Cloaker means you can swap your IP address with a click of the mouse whenever you like. Switch to a Canadian one for CTV, then back to a US address for Hulu followed by a British IP address for the wonderful BBC iPLayer – more here –

If you want to do it for free, you’ll need to find a free Canadian proxy you can use and modify your browser settings to use it instead. It’s not hard to do but unfortunately it’s difficult to find the servers, proxies and VPN servers are very expensive things to run.

You can try it out by using the Identity Cloaker trial account – 10 days of CTV, Iplayer, Hulu or whatever you need to check it works for a few dollars – for the price of a coffee and sandwich you’ll be impressed I’m sure!


Just to Share

You know sometimes you just wanna share a song…….

It’s worth a listen….


A Bad IP Address

Hackers using IP Address

Of course, if I said someone lived in a ‘bad neighborhood’ or was rejected for a loan due to a bad credit score then you’d all know what I mean.  But in this ever increasing online world there’s another aspect to your existence that can have an affect on your life – and that is your IP address.

Your IP address is of course your unique identifier assigned to your computer when it’s online.  It’s full name is internet protocol address and you can read the technical background on the wonder of IP and it’s role in TCP/IP here.  But suffice it to say, that without this address it is impossible to communicate online, it allows you to visit websites, download films and DVDs and send emails and just about every thing else available on the web.

In fact your IP address will already partly affect some areas of your online experience.  Have you ever been blocked from a site or video? Perhaps tried to watch something on YouTube  and been told it’s not available in your country?  Well that’s all down to the location of your IP address – mainly what country it originates from.

Your IP Address

 So if you do a quick search online, many sites will tell you that to find your IP address – just select command prompt type in the command ipconfig /all as I’ve done in the screen shot above.  From this screen you might suppose that my IP address is as circled.  This is actually a private IP address and is only valid in my internal network – it’s not my real internet facing address.   Within my house like millions of other people I have multiple devices like laptops, phones and PCs all connected through my internet connection, these internal addresses allow them to communicate through my single real IP address.

To find your real IP address, you need to look at the configuration screen of your modem or router, the device that actually connects through to your internet provider.

Here’s mine –

Real IP Address

Well a bit of mine, obscured for privacy reasons !  This address is allocated by my ISP to my connection and all my devices will appear to the internet to be from this single IP address. So my son, downloading games to his Xbox will appear at the same address as my wife and I surfing from the same location – we all originate from the same single address.

About Bad IP Addresses

So although at any point in time, your connection will be the only one online using this particular IP address – it doesn’t mean you always have.  If you can see from the screen shot – the address has been assigned dynamically from my ISP – who basically have a big pool of addresses which they allocate individually to their customers.  All the addresses will be assigned from this database which are registered to specific providers and countries.  This is how geo-targeting works – everyone knows which country an IP address is assigned to.  Which is why you’ll need a US IP address for Hulu and a UK address for BBC Iplayer, anyone can look up which country and IP address is located in very easily.


Sometimes an IP address can be used to send out millions of spam messages, attack websites or download and share pirated software and films.   Most hackers and spammers will normally try and use someone else’s address to hide their location – obtained via viruses and malware without the owners knowledge.

This is the sort of behavior that can find any IP address blacklisted – on some of the thousands of lists of ‘bad IP addresses’.  Many of these lists have been developed to combat Spam and so mail servers across the world can block any mail received from them.  Unfortunately IP addresses are routinely shared and reallocated to you can easily end up with one these being issued to your connection.

Common scenarios of being allocated a ‘bad IP address’:

Problems Buying Things Online 

Ever tried to buy something online and found your payment couldn’t be processed?  You might get some generic error message from the retailer saying it couldn’t accept payment or something similar.  This may be that your IP address has found itself onto a blacklist somewhere.  Frequently IP addresses are blocked if they’ve been used by online criminals perhaps with stolen credit card details or similar.  Some of the spam lists are also used by big payment processors – some companies block addresses from whole countries, certainly a problem if you’re accessing the internet from somewhere like Nigeria.

Difficulty with Sending Email

If your address (or worst your mail server address) has been put on an internet blacklist you may find problems with emails.  Maybe emails bouncing back undelivered often with obscure sounding error messages.  Many of the big webmail providers like Hotmail and Yahoo will routinely block emails from IP addresses on the blacklists.

Accessing Websites and Forums

Internet blacklists are often used by many sites to try and prevent spammers and hackers accessing the sites. Many websites will automatically block access from IP addresses which try and login to secure servers for example. Here’s the message I get whenever someone tries to hack into one of my websites.

IP: (CN/China/-)
Failures: 5 (sshd)
Interval: 300 seconds
Blocked:  Permanent Block

Log entries:

Sep 13 04:51:36 xenon sshd[23175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=  user=root
Sep 13 04:51:38 xenon sshd[23175]: Failed password for root from port 6291 ssh2
Sep 13 04:51:41 xenon sshd[23179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=  user=root
Sep 13 04:51:43 xenon sshd[23179]: Failed password for root from port 4974 ssh2
Sep 13 04:51:46 xenon sshd[23185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=  user=root

You can see that after three failed logins, the system will now block any attempted access from that specific IP address. It wouldn’t matter if that IP address was assigned to a different person or location, until that restriction is removed you wouldn’t be able to view my website using that address.

There are further questions 0f course – how do I find out if my address is blacklisted? How can I change my IP address?  Which I will try and address in my next post –


The Risks of Social Media for Activists

There’s no question that social networking websites have demonstrated a main tool for activists who want to expose oppression of the authorities. But this independence comes at a cost, a tremendous danger to these posting, filming or actually showing in such signs.

Even though the advantages of showing this ferocious behavior of their state police is apparent, many individuals don’t think about the dangers involved with both recording and publishing up this kind of proof. There’s a prevalent and fairly naive notion that authoritarian governments and their protection providers take small notice of the dangers set by social media websites like Facebook, Twitter and Myspace – nothing could possibly be farther from the reality.

The thought that persons from places like Iran, Kazakhstan or Syria may function freely on the web without limitations or hazards is just not the case. This type of Online Utopia just doesn’t exist and anybody who posts clues and video reports puts themselves in a tremendous danger. Monitoring individuals from their electronic activities is readily completed with the best assets – and attempting to stay private online is a lot harder than most picture.  Of course getting that information online is extremely valuable to any activists – seeing crimes airing on the BBC Iplayer will reach millions of people (this is useful).

Conceal Your Tracks Online

The truth is that these web sites are seriously supervised also it is very hard to protect your tracks in it. Infiltration of an on-line team or getting the contact list of a recognized capitalist from a social media site gives hundreds to security forces of suspects to follow.

The real pictures or movies also put the individuals portrayed at great danger. Picture you took a movie at an occasion or demonstration to demonstrate the assault of some authorities or security causes. Such events would be brought by it of course to globe observe but on most of the demonstrators engaging information could be also provided by it.

You will find several really sophisticated face recognition systems available to plans who need to identify demonstrators. Plus extremely common for regulators setting up internet sites with pictures reproduced from these photos and movies to be able to recognize activists.

One program that has been developed to be able to try to help offset this danger is called Obscuracam created by a threesome of companies – SEE, The Protector Undertaking, as well as the Worldwide Club Association. Currently on Android it’s a free program which permits customers to censor their pictures and movies before importing.

It allows consumers to unknown the identities of topics easily and quickly from their telephone with no importance of photograph editing software which just may not be accessible while you can observe. It is also utilized to unknown any additional visible details that might be best hidden.

You will find additional characteristics permitting the consumer to establish safe places to eliminate metadata in the picture to add the pictures and.

You may get ObscuraCam from the Android marketplace or from the Protector Project Link above. Ideally it’ll make the courageous activists who endure these repressive, violent plans a small safer.

You should bear in mind though that nearly every government (oppressive or maybe not) has substantial resources tracking these social media web sites. Be cautious what you post up on the web wherever you live.

Update: Found this post which may be useful for people in Iran, Syria etc, where Facebook is blocked.  It uses the demo mode of a security program called Identity Cloaker – but both Twitter and Facebook are enabled.  Completely free in this mode and worth checking out to update on the two social media sites – it’s called Facebook blocked and check this video out.


How to Watch BBC Iplayer in the US on a Wii

There’s lots of little fancy media streaming devices out now, but for many people looking for something quick and simple to watch online stations like the BBC Iplayer on their TV screen – then a good option is the Nintendo Wii.  Many people already have these and they stream media as well as most commercial devices.

Watch BBC Iplayer
But of course just like your computer most of these online channels are restricted to the country they are broadcast from – so you need to be in the USA for Hulu, the United Kingdom for BBC Iplayer and so on.

It’s of course easy to bypass these blocks using a security program like Identity Cloaker on a PC, you just click on the country you want to be in, but can you use the same functionality on other devices such as the Nintendo Wii?

Well the simple answer is yes ! In fact you can switch the location of your Wii to any country where they have a server based – e.g. France, United Kingdom, USA, Canada or Australia for example – so use a US proxy site or a UK one depending on your needs.  This also works for some of the other commercial VPN/proxy services,  just ask their support desks for help.

So here’s how it works for watching BBC Iplayer on a Nintendo Wii in the USA by using Identity Cloaker.

Obviously you’ll need to connect your Wii to the internet first, which is fairly straight forward. If you’re actually in the UK then all you need to do is go to the shopping channel from the main screen and download the BBC Iplayer channel and that’s it.

For Anyone Outside the United Kingdom – it’s slightly more complicated as you won’t be able to see that channel available.   First of all change your country settings –

Wii Options> Wii Settings> Country> Change to UK

This  is what controls what’s in the shopping channel – when set to the UK you’ll be able to download BBC Iplayer, you can change it back after if needed.

However this won’t fool the BBC Iplayer website if you’re not in the UK, because it will check your IP address when you try and watch anything.  To do this you have to hide your real address and connect using a server based in the United Kingdom.


I will do this using my Identity Cloaker account as follows –

  • Go to the Wii System Settings Page and select the Internet connection tab.
  • Select  the connection you are using and scroll down to proxy server settings.
  • Enable the Proxy Server and select advanced settings
  • Pick one of the IP address of an Identity Cloaker UK server and use Port 4040
  • Input Your Identity Cloaker –  Username and Password
  • Save Settings and then Watch the BBC

You can get the IP address and your username/password from the Identity Cloaker support team or it’s listed in the members area.  If you’re using a different service just contact their support for the same information – as long as they accept authentication in this manner then they all should work.



USA Privacy – Utah NSA Data Center

At the moment the press is full of the stories of cyber spying, surveillance and the NSA whistleblower – William Binney.  Fair play to the man, it takes courage to stand up against the NSA but he’s definitely not the first.  This particular organisation have been spying on our internet traffic for years and the huge spying complex being completed in Utah is merely the centralization of a spying network which has been up and running for many years.  I am of course referring to the infamous Room 641A in San Francisco which was brought to the public attention by another brave whistle blower – Mark Klein.

Mark Klein was a contractor like William Binney working in AT&Ts switching center – a major part of the US internet backbone, when he became aware of a particular room in this building run by the NSA.   Room 641A had been set up as a network tap, with effectively all the internet traffic that passed through this center being copied and routed into this room.

Inside the high security of this room sat a device called the Narus STA 6400 – a device capable of intercepting and analysing huge amounts of network traffic.  No prizes for guessing what was going on here then! Mark Klein, gathered some proof together and exposed the room and it’s function to the world, leading to a court case brought by the EFF.

William Binney has brought the story up to date, and demonstrates that the NSA have never really stopped gathering this data. Here’s the story from Democracy Now – (edited ‘cos they deserve a link!)

The reality is that this new facility is no real secret, nor the methods being utilized by the world’s security organisations.  There were lots of ‘Room 641As’ all across the US and indeed the world, capturing, logging and storing details of all the network traffic on the planet.  It was always going to happen anyway, at least while we used an open, distributed and shared network like the internet to communicate.

The Mark Klein episode was nearly a decade ago now, and obviously just rooms are not quite enough nowadays.  There’s lots of talk about legality, permission and here in the UK the Foreign Minister insisting that legal due process is always followed.  The reality is that it’s much, much  easier for a security organisation to capture all traffic – emails, web browsing, phone calls, search enquiries  and everything else than it is to selectively capture the communications of individual suspects.  Far simpler to dump the whole lot into huge databases and then data mine, or search for the information you require.   If they could somehow just harvest ‘terrorist related data’ then I’m sure nobody would mind very much but they can’t.  The data is ours –

this data is your web history, your emails, your search history – what you do online – at anytime from anywhere.

Had a few drinks? Watched Zero Dark 30? Then proceeded to flounder around the web using lots of ‘terrorist keywords’ . Well it doesn’t matter if you’re a kitchen fitter from Manchester – you’ll raise a few flags on a database somewhere…..and it could very well be via PRISM and the NSA, who might mention it to GCHQ!

Anyone who would believe that all this data would sit untouched, unmonitored and unanalysed until it’s needed is I’m afraid sadly deluded.  Effectively we’re all turned into suspects – the PRISM project and the huge UTAH surveillance center changes nothing except perhaps the efficiency and scope.

So that’s it, all semblances of privacy whilst using any form of electronic communication gone.  Millions of people’s privacy waved aside on the chance of catching the odd terrorist now and again.  Of course there is another issue there, there are ways of keeping your privacy even now such as using a VPN.  The methods of using security products, VPNs, false IP addresses and encryption can ensure that your data is not accessible by  these broad sweeping exercises.  Of course this is what the terrorists will do, at least the ones with a half a brain cell between them.

Which leads to the conclusion that the NSA will most only be snooping on the innocent….


How to Watch RTE USA, UK When Not in Ireland

Another post for those missing their favorite TV channels just because they are outside their home country. This ones about accessing RTE from the US, or in fact anywhere that’s outside the Irish Republic.   RTE player is a great little site linked to the Irish National broadcaster – RTE (Raidió Teilifís Éireann). people-ireland

As usual though if you’re not actually in Ireland when connecting to the website then it won’t work for you, although you can access some of the radio content and sometimes the Irish news.  I always think this is a bit strange as the people who will want to watch things like RTE and the GAA over the internet will mostly be Irish people living in places like the UK and USA!

So How Do I Watch RTE in the US/UK?

It’s not actually that hard to do, when you connect to RTE player the site determines your location. It does this by checking the location of your IP address – if it’s an Irish IP then fine but anywhere else and you get redirected to the international version of RTE player which blocks most of the decent shows and all the sport like GAA.

So all you need to do is change your IP address to an Irish one. It’s actually not that easy to change your real IP address as it’s controlled by your ISP and is linked to the country you connect from. Fortunately there is another way, and that is connecting via a VPN or proxy server, when you do this the web site see’s the servers address and not your real one. So if the VPN server is in Ireland, you will also appear to be in Ireland and all Irish only resources like RTE Player will work just fine.

There are quite a few companies who offer these services, but only a handful worth considering especially if you need an Irish IP address. Here’s the one I use a security program called Identity Cloaker. I like it because it’s well priced and has lots of fast servers in different countries which is useful for accessing sites like BBC Iplayer, Hulu etc which also block access from outside countries.

It’s a little program which sits in the taskbar and you simply select the country you need to connect to –


So for RTE we’d obviously select one of the Irish servers and then press connect.  You then open your browser as normal, and when you visit the RTE player site, you’ll get the Irish version of the site rather than the International one simply based on your IP address.

RTE Player with Irish IP

Using the Irish server you can watch anything on the site as RTE considers your location to be Ireland.

It’s extremely easy to use and the servers are very fast which is essential if you’re going to be streaming video across them.   You can also access some fantastic sites in other countries simply by selecting the matching country – try Hulu by using a USA proxy, BBC Iplayer in the UK or there’s some great online TV stations in Canada and France for example.   They’re all included in the subscription which only costs a few dollars – here’s the program in action.

If you want to access RTE in the US then give them a go, you can get a 10 day trial here, which only costs a few bucks.


Looking for a High Anonymous Proxy – Some Thoughts

If you’re looking for a super secure, highly anonymous proxy then it can be rather confusing.  After all what does constitute such a server, there are no real definitions only opinions.

The first thing to be aware of is that if someone just adds the word secure or highly secure to their description it means nothing.  There are literally thousands of one page proxy servers running as default installations on some free web hosting space which describe themselves as secure – they are not.   To keep a proxy secure needs time, technical skill and a very real commitment to keeping the infrastructure secure.

For instance, there are loads of people running proxies who never even consider the question of which user context the proxy should be running in.  It’s actually very important but surprisingly a huge number of people run their proxy services as root.

This is a very bad idea, not only does this potentially give an attacker a very real chance of obtaining complete control not only to the proxy but the server it runs on.  The slightest bug or vulnerability in the service can be exploited – there goes the server, the data, user accounts and logs.

A Step Towards a Properly Secure Proxy

Someone more security aware might run the proxy service in the context of the ‘nobody’ user.   The advantage of this account is that it has no real administrative rights or privileges and there the integrity of the server is maintained even if the account is compromised.  It does have some rights though and can access public directories and any other directories or services running in the ‘nobody’ user context.

But the real secure way is to create a dedicated user account specifically to run the proxy server in.  It would have no other function and importantly no other rights or permissions applied.   This protects the server, the logs and any users data that may be on the machine.  It’s a simple point but a fundamental step in running a truly secure proxy server and giving you a secure IP address to use – 99% of the proxies you find online won’t be set up like this.

The unfortunate thing is that people tend to imagine that a proxy server that obscures your IP address adds a level of security and anonymity automatically.  This is simply not the case and a badly configured proxy is far worse than using no proxy at all.   Remember that when you use a proxy server all your data is diverted through that server and everything is probably logged too. It’s a huge risk using a badly configured server, whether it’s meant to be a simple porn proxy or highly secure VPN!

The security of the proxy server is really dependent on the technical expertise of the people who set it up and run it.  You’ll never get a secure proxy server for nothing simply because professionals don’t work for free. Kids running proxies on free web space who have no concept of security – do however.

Updated Content and Tags – May 10th, 2013


Get every new post delivered to your Inbox

Join other followers