Hacker News
by bsharitt 1772 days ago
Disney+ had inexplicably blocked my IP address for "being a VPN" for close to a year, despite me never running a VPN from my home network. Though the block didn't stop me from watching their content, it just stopped me from paying for it, which I was more than willing to do and spent far too long dealing with their support to try to make it happen.

If the same thing happens with Netflix, it also won't keep me from watching Netflix content, I'll just stop paying for it. Other than the aforementioned Disney+ content, I rarely pirate anything these days and I'd rather not if I can help it.

2 comments

Maybe you just didn't realize? A lot of Chrome extensions are now backdoored with Infatica spyware that literally turns your browser into a proxy for.. whoever:

https://infatica.io/

It's beyond me how Google doesn't scan for this and bring the hammer down. Too busy refining modal popups from iframes I guess.

On the other hand, if everyone looks like they're running a VPN, then maybe the companies will be forced not to discriminate. (Although I suppose the same disclaimers about running a Tor exit node apply.)
Spoiler alert: they will still discriminate.

It's not like Netflix enjoys making it a PITA to use their service, but the people who own the content care a great deal about it. They leverage these disparities to maximize their cash flow.

Same as Bright Data (https://brightdata.com/), formerly Luminati Networks, who apparently use or used HolaVPN customers [1] as exit nodes for their proxy networks and data collection infrastructure. Their current website sheds some light into how they get their residential and mobile IPs [2] (emphasis mine):

> Bright Data attains its peers (Residential and Mobile IPs) through the Bright SDK, which is integrated into applications as another form of app monetization.

> App users are presented with the option to opt-in to the Bright Data Network and become a peer (share their device idle resources) in exchange for an ad-free or free application. All peers sharing resources with the Bright Data residential network have personally opted-in and may opt-out at any time.

It would be nice to know which applications have their SDK integrated, so I could avoid them.

[1]: https://www.trendmicro.com/vinfo/hk-en/security/news/cybercr...

[2]: https://brightdata.com/ethical

Some NordVPN clients turn your device into a proxy server which the other side of the NordVPN business (OxyLabs) sells to other customers.
Is this true? I use NordVPN clients on my Mac and iOS device. Could you point to a source for this?
Well that's concerning. What's the actual use case for this? It's certainly not priced to compete with traditional VPNs. Half tempted to install this on a machine as a honeypot and see what traffic comes through.
Retail bots and sneaker bots. Botters buy proxy IPs in bulk. When botters buy limited edition Nikes using bots, each “task” uses a different proxy, so they can increase their chances by appearing to Nike to be different customers. 500 tasks on a single shoe with 500 proxies and virtual credit cards looks like 500 different people when it’s really just one.

There are two different kinds of proxies (basically — there are more nuances I don’t want to get into): Datacenter (DC) and Residential (Resis). DC proxy servers are blazing fast but easy for a retailer to determine the traffic is coming from a datacenter like AWS so there is a high risk of getting the IP banned. Resis are slower but they are residential IPs so slower but less likely to get banned because they look like traffic from average consumers.

If the average buyer of proxies is buying 100+ IPs per month and IPs get banned constantly, proxy providers need a massive pool of millions of IPs running on residential addresses. That’s where these “free” VPNs come into play. The consumer gets no-cost VPN, but their PC becomes an exit node for these residential IP proxy providers who charge people for the proxy access. There are tons of proxy providers but I think most are just reseller accounts of a few massive firms that run the show.

I am only speaking on the topic from a purely technical perspective. I do not want to discuss or spark debate around the ethics or people’s displeasure with the existence of botting and/or scalpers — you asked for a use case, and I’m only answering the question with a multi-billion dollar use case.

> If the same thing happens with Netflix, it also won't keep me from watching Netflix content, I'll just stop paying for it

The Disney+ one sounded like a (hilarious) bug in their logic. Not sure why that would translate to Netflix

Edit: I may have misunderstood. I thought Disney+ was blocking the user from paying for Disney+ but not from streaming Disney+. I missed the implication that they started pirating the content.

I don't think it's a hilarious bug in their logic, just collateral damage in the war between VPN providers and Disney/Netflix/etc. The VPN providers try to get IP ranges that look like residential IPs. Ideally they rent them from the same ISPs who really do provide residential service. By the nature of the traffic, Disney can't tell for sure that it's coming from a VPN - just something like "a suspiciously large number of users connected from this range, especially users who currently seem to be travelling internationally".

Perhaps the user had a dynamic IP address and kept getting one in the same range that was also used for VPNs. Perhaps he had a static one but Disney banned ranges by the /28 instead of individual addresses.

Not only that, some VPN providers run through actual residential IPs acquired through browser extensions, apps, and smart devices.
Some official NordVPN clients turn your device into a proxy server which the other side of the NordVPN business (OxyLabs) sells to other customers.
Do you have a source to support that claim?
I don't have time to dig up anything authoritative right now, but I assumed this was common knowledge and uncontroversial. It is precisely these kinds of practices (reusing/selling/buying user and customer IPs - there are companies that specialize as brokers) that allow them their low prices while generally not getting blocked by services like Netflix, and I suspect it's also what's behind the move from NF.
For anyone else who also read it as a bug: the Disney+ user above torrented (most likely) the Disney content while not being a customer (a decision that was taken out of his hands).

I agree--they're not denying me their content, they're denying my payment. If this is really where they want to go, they know how it ends (read: someone disrupts their model and they get left in the dust).

There are companies who sell lists of suspected VPN IPs. If Disney+ and Netflix used the same list, you could get blocked from both.