[jdhawk]

I'm sure all of these boxes come pre-configured with a VPN Service, but all the standard protocols can still be detected with Deep Packet Inspection, something I've seen AT&T do (and block) pretty effectively. I guess there area always the StealthVPN/Chameleon providers out there that try and mask the signature of "what" is going over the VPN - but enough of that and I'm sure they'll nix those connections as well.

[SadWebDeveloper]

DPI is a sham, most of those specialized HW (sold by pseudo IT security gurus) just assume that any VPN connection "is bad" and procced to block them, there is no way to detect a pattern on a (decently-configured) VPN, there is a reason China (the biggest investor on that this type of tech) is mandating Apple and Google to delete all the VPN apps on their stores.