Restore Privacy recently published it.[0] It focuses on identifying undisclosed use of virtual locations (technically, PoPs) by some popular VPN services. It's basically more of what I did in an IVPN guide, a couple years ago.[1] Which in turn was triggered by a post on Restore Privacy.[2] I submitted it yesterday to Hacker News, and got many good comments and suggestions. And some criticism.[3] So it's worth reading too. 0) https://restoreprivacy.com/virtual-server-locations/ 1) https://www.ivpn.net/privacy-guides/how-to-verify-physical-locations-of-internet-servers 2) https://restoreprivacy.com/vpn-server-locations/ 3) https://news.ycombinator.com/item?id=21928934
yeah, it's a known fact that the most of the big names in the industry use vps's instead of bare-metal. thousands of servers in hundreds of locations, yeah, right. thanks for the thread. 3rd link's a good read.
This is different, though. This is one server in some data center, with IP addresses delegated from multiple sources, and then all announced through the data center's ISP. So the server has an IP address that was originally part of a block assigned to (say) North Korea. But then it's announced from a Dutch ISP. So no matter how you look up information about the IP, it says North Korea. But the ping testing shows that it's in Nuland. And the traffic never goes anywhere near North Korea.
Not exactly. I mean, these are all real valid IPv4 addresses. But they're being misused for deception. However, IPv4 exhaustion is arguably part of it. Because it's created a huge business of trading in IPv4 addresses. Which are worth ~real money now. Maybe $20-$50 each. So crooked administrators in many small countries are selling IPv4 blocks now.
Thanks. At least now I know why my google search switches to Romanian while I'm using Ivacy VPN and Houston, TX server.
Well, if you head to AirVPN forums there are many discussions about this behavior of their competitors. (One of the selling point of Air is that they just rent bare metal servers).
They promise to only use bare metal. One downside is that they replace them as newer/faster hardware comes online, so they swap them out. For those using the eddie client its seamless, but for those creating your own credentials you have to occasionally re-generate new certificates. There is full IPV6 support but I currently have it disabled in my tunnels. I guess its about time to start my "book learning" on IPV6.