Archive for April, 2010

Choosing Web Proxy Server or VPN for Streaming UK TV from abroad

April 30, 2010 2 comments

Well, I’m planning to go to the US at some point, and I want to be able to watch a bit of live UK TV while I’m there. For this, I usually use TV Catchup (and used to use Zattoo, and also iPlayer).

Of course, the BBC will block non-licence fee payers, such as foreign viewers, from watching much of the BBC – and other channels may do the same under their licensing conditions. So the question is how to fool those services into thinking that I’m in  the UK, when I’m not.

Well – the obvious answer is a Web Proxy. Since they identify your country by the public IP address of your laptop or computer while abroad, the trick is to channel your web browsing via a proxy which is in the UK, and so they will think you’re in the UK yourself. You can use public service proxies – which are usually either terribly slow, or charge a per-use or monthly fee. Since I’m only going to do this occasionally, not watch Eastenders every week, that’s not for me. The other option is to leave my computer on at home, and run a proxy service on that over my own UK home broadband. Since I have a computer on anyway, then that IS for me, and that’s how I’ll do it. I’ll connect my US-based laptop to my UK-based home network, and then from there out to the BBC, TVcatchup, etc websites.

So – I have set up a good free proxy – ccproxy – which seems to do the trick. It’s free for 3 or fewer simultaneous users (just me!), and is feature-rich – so I can do things such as change the listening HTTP ports to an obscure port (eg. 34893), which most hackers with network scanners will not test.   If you left it on the defaults, such as 80, 8080, 808, 443, etc., they most certainly would find it, and then it’s just a question of password-guessing or using any known vulnerabilities for the software to hack in – and then you could be in trouble.

HOWEVER – I have found a second option. Since I’ve modified my router to use the feature-rich DD-WRT firmware, this includes a VPN server inside the router itself. This would be another way of getting a ‘virtual presence’ in my home network, from where I can connect out to UK sites as a seemingly UK user.

So – which to use? Well… I’ve been trying them out, and there are pros and cons to each:

CCProxy has some Pros in….

  • allowing me to use obscure ports for improved security (not that obscurity by itself is enough for security, but it helps!)
  • allowing me to use username/password security for access to the proxy – which Firefox and iPhone Safari both support
  • letting me log and monitor access on the proxy, which I can log to disc on the server, and analyse later

It also has some cons:

  • My home server must be on constantly to serve it. If the PC is switched off, or crashes, and I can’t remotely start it, then that’s that
  • For Firefox/IE, you have to reconfigure your connection settings to use the proxy specifically – which means going into Options/Preferences, and changing them, each time you switch
  • For iPhone, it requires the Proxy to be configured manually for that specific WiFi connection – again, re-typing everything each time you want to use it
  • If using hotel/corporate WiFi, or if they also have a proxy themselves, then they may block the nonstandard port which you set for your own proxy for obscurity

Meanwhile, the VPN has some Pros:

  • It is in the router, rather than any PC – so only the router needs to be on – it doesn’t matter if the PC is unavailable
  • It’s PPTP, which is very easy to set up on both Windows and iPhone. On both, you simply turn the VPN on, or turn it off – you can store credentials in there too
  • It automatically uses the home router for DNS services, DHCP IP assignment, etc. etc., which are set up locally – so no need to change any proxy settings elsewhere
  • It works through both WiFi and Cellular (2G/3G), although I wouldn’t stream TV at roaming data rates!
  • It’s more likely to be supported by hotel/corp networks that may block nonstandard ports, like the one I deliberately set for the proxy
  • It adds another layer of security on web-browsing for my device, when in use over public WiFi networks

And some cons:

  • It will only run on a standard, well-known port – and I suspect many hackers will discover it, and try to exploit it through password guessing or any open vulnerabilities on this well-known platform
  • PPTP is considered relatively insecure. The alternative VPNs they propose, again, need a PC to be switched on. But, for my home network, with a strong password, it’s likely secure enough to prevent script kiddies and worms – rather than the resources of a major government, which I suspect is the level of attack that this author may be considering.
  • If the router IS compromised, then the hacker basically has the keys to my home network. Malware, here we come.

Anyway… VPN it is! I’ll see how it works over the coming weeks.

Categories: Computing

VStuff – stuffs up your bandwidth

April 9, 2010 Leave a comment

Recently I’ve often been finding my internet connection really, really slow. Looking at my bandwidth usage, I saw that the upstream was flat out – 512kbps plus – and so any web browsing, email, etc. was slow. However, if I tried a speed tester, or watched video, this was usually fine – as my downstream, and internet connection, was OK.

I killed all programs on my computer that were associated with the internet: Orb, Vstuff, Dropbox… they all went. Still, the stream of data going out of my system continued. I feared a trojan, something stealing my data…

Finally, I got round to installing Wireshark on my desktop. Fired it up, and I was watching every single packet that was going into and out of my desktop connection. And almost all were over SSL to a 70. address. Ouch!

So – I did an nslookup on that 70. address, and it came up with a server at Steek. Now, Steek are a French company (bought by F-Secure last year) that do online backup – and who Virgin Media use for their VStuff service. So – evidently, it was Steek who was burning up my upstream sending all my data to their servers. Despite it saying my account was 90% full, and having done this for weeks. What were they sending??

It’s more worrying that it took my skills as an IT Networking guy to discover what was going on. Most users would just notice the slow internet, and wonder why. The VStuff app has little to say what it’s doing. And – note – I had killed the app, and the tray icon, and yet somewhere in the bowls of the system, a hidden service kept sending the data.

I’ve since removed the app, and I hope it’s worked. If I see that upstream surge again, I’ll be even more worried!

Life Balance – when the trial expires

April 9, 2010 1 comment

Well, I’ve come to that decision point. My 30-day trial has expired. Should I buy Life Balance?

Just a reminder: I’m a long-standing MyLifeOrganized user, but having given up the mobile client when I moved from Windows Mobile to the iPhone, I gave up waiting for an iPhone client, gave up trying various workarounds, and decided to try Life Balance instead as the closest thing to MLO.

So… now the trial has expired, has it stopped working? Well… not quite, not yet. What it’s doing now, is not showing any task prioritisation – so I have my outline, calendar, etc. as normal, but it won’t show me prioritised tasks. I assume that perhaps the functionality will further degrade or stop working altogether as the time wears on.

Although – I can still use it, because I paid the few dollars for the iPhone client. So I can sync LB with the iPhone copy, and the fully paid-up iPhone client CAN show task prioritisation. So I’m ticking along with this for the moment, while I decide what I’m going to do.

The thing is, $70-80 is a lot for a piece of software I’m not sure about. It’s definitely not as instantaneous as MLO; even simple things like being able to flick through and expand/contract/insert using the keyboard rather than hunting around with the mouse pointer… it’s kinda there in LB, but it’s not as quick and intuitive as with MLO. The lack of alarms is my biggest gripe, along with prioritisation being less flexible than MLO.

And – since syncing the laptop and phone requires one of a number of multi-step processes due to my laptop’s corporate firewall software – such as syncing LB laptop with my desktop via DropBox, and then remoting in to my desktop, firing up LB there, and then syncing from my iPhone from there…. then it means I’m less likely to actually sync, and so the data on one or the other is out of date: and I subsequently don’t bother checking it. Again, it defeats the point of GTD software. So I’m reluctant to spend $$$ on it.

So… I remain undecided. Let’s hope iPhone OS 4.0 gives Andrey some more options and renewed drive in developing MLO iPhone.

Categories: Uncategorized