Hacker News new | past | comments | ask | show | jobs | submit login
How does BBC iPlayer know I'm not in UK despite logging into UK server via VPN?
11 points by godelmachine on April 10, 2021 | hide | past | favorite | 28 comments
Hi all,

I use NordVPN on my iOS 14 and I want to watch some entertaining series aired on the BBC.

Earlier I used Sweden server on NordVPN but then I changed to UK since BBC shows are only available to people geographically situated in the UK. Even though browser and websites detect change in location and start throwing tons of CAPTCHA, I circumvent this (or I'd like to think I do) by deleting all cookies and caches from all browsers I have installed, beginning with Safari.

However, the problem here is this → the BBC iPlayer website somehow figures out that I am still logged in from a non-UK country and doesn't let me watch videos, despite clearing all my caches and cookies, after I have recently changed my NordVPN to login from UK. The workaround I have found for now is stay logged in from UK NordVPN server for around 2-3 days and then access BBC iPlayer content (streaming videos/ series), then it works. Patience is not one of my virtues and waiting for a 2-3 days is a lousy workaround.

Is there a quicker workaround for this? I know deleting just cache and cookies ain't gonna work so easily.

Should I go for a network reset? That will have the added complexity of re-entering my WiFi password which I wanna avoid.

My thinking here is that the web server Session Affinity (Sticky bit) is cookie based, as opposed to IP based and hence this keeps on happening.

Would someone please help me out here?

Thanks

PS → the BBC iPlayer website does ask its users to turn off VPN, if they are using any.




I suppose they detecting that you're using a VPN and equate that fact with you being a non-UK user.

The same databases that allow you to resolve geoip location typically also would get you ASN for free and then you can try to filter out obvious non-residential IP blocks. Just looking for M247 alone (major bulletproof hoster frequently used by VPN companies) would probably detect at least half of all commercial VPN IPs including most of Nordvpn's.


Ta, and that sounds like a plausible explanation.

I read up on ASN (Autonomous systems numbering) and M247 as well.

Is there a way I can camouflage my IP headers so that BBC won't detect M247? Would using different protocols which NordVPN offers do any different - SOCKS, P2P?

Thanks for your suggestion again.


You can't spoof IP and yet hope to receive a reply back at your (or your VPN server's) current IP. That's just not how networking works. You need to brush up on TCP/IP fundamentals. Even spoofing for unidirectional communication is often blocked today by ISPs due to its widespread abuse (syn flood, ddos, etc)

Try a different VPN and pay close attention to server IPs and their whois. There are some real shady ones whose "server" pool is essentially malwared unsuspecting internet users, that should get you a residential-looking IP rather than datacenter.


>Is there a way I can camouflage my IP headers

You can't write the wrong address on a letter and expect it to arrive at its intended destination. You're already doing the most you can, routing wise, but a direct line still has to be made back to you... be it behind a proxy or not.


I’ve started just throwing up a docker container in AWS London region with WireGuard for VPN and Unbound for DNS. It costs next to nothing, manages to sustain superb upload and download speeds to my home in the US and works great with the U.K. tv streaming services.

For what it’s worth, the exact same container setup running on Digital Ocean did not work - I think whatever IP block I had been given must be black listed. My elastic IP on AWS has been fine though.

Here’s a Docker Compose example you can deploy to a VPS: > https://github.com/IAmStoxe/wirehole


Most streaming services block access from "non-residential" IP address blocks, which includes those of most VPN services and cloud providers.


It could be using system timezone and locale for it.

Try changing system timezone and language settings and restart machine.


Ok, will try this as well. Clunky but worth a try.

Ta.


Make sure your DNS requests are going through your VPN. Test your VPN connection for WebRTC leaks.


Thanks for talking interest but how do I check both points which you have kindly brought forth?

1. Making all my DNS requests are going through my VPN? (My VPN is on, 24*7)

2. Testing my VPN connection for WebRTC leaks? (I use NordVPN)


https://ipleak.net/


Hey thanks for this info.

I am in a UK address and getting many details out of which I am posting just these, posting others might be extraneous -

Your IP addresses - WebRTC detection

DNS Address - 1 server, 1 errors.

If you are now connected to a VPN and between the detected DNS you see your ISP DNS, then your system is leaking DNS requests.

Ergo, I believe I can safely rule out WebRTC Leaks.

Also, the page gives some details on how to switch off WebRTC for every browser. I don’t need to switch off my WebRTC, right? It’s necessary. NordVPN should be taking care of WebRTC leaks, unless I am mistaken.


encrypt dns


Or you randomly get moved to a NordVPN IP that BBC does not recognize as belonging to a VPN after a few days. Would be my theory.


Well, the BBC iPlayer does ask visitors to turn off their VPN, so your theory does hold water.


There are services that provide insight of a given IP address (https://ipinfo.io/) and probably is used to check client on the go. Many other providers (Netflix, qobuz, tidal,...) have similar tech to fence off VPN users.


The app itself checks your local IP through iOS/Android and tells BBC about it


I don’t use iOS app to watch any series like on BBC iPlayer like “Line of Duty”

I use the browser. Today I watched using Chrome on my iOS.


Whatever it is, it is passing through the underlying system and getting your ‘real’ IP


Ok ta


You'll want to turn of Webrtc and check again.

There are many ways out there to check if you're in the country you say you are but this is one of the "easy" ones.


There are lots of ways.

What is your system time? If it's not British time you're somewhere else.

What is your actual IP? Where is that IP based?

    dig TXT +short o-o.myaddr.l.google.com @ns1.google.com | sed 's/"//g'
What is the return-time between a ping (or similar) from the BBC to you and back? If it's over a certain number of microseconds, you're 'no longer in Kansas, Toto'.


>>What is your system time? If it's not British time you're somewhere else

I am not based in UK. Do you think I should be changing my iPhone timeline to UK? It will be a clunky workaround but doable.

>>What is your actual IP? Where is that IP based?

Would you please tell me how do I use the above command to run in my iPhone to find my actual IP? Please note that I keep my VPN on 24 * 7 so that my real IP is never sent out on the web.

>>What is the return-time between a ping (or similar) from the BBC to you and back?

It should be around 18-20msec when I last did a speedtest with the VPN on. How can I check my ping time to the BBC iPlayer site? Is there a website which will help me do this?


> What is the return-time between a ping (or similar) from the BBC to you and back? If it's over a certain number of microseconds, you're 'no longer in Kansas, Toto'.

High latency can be legitimately expected over mobile or satellite connections, it's not a strong signal of a non-local user by itself. UK has real shitty broadband in most places in comparison to 4G/5G, I'd expect a pretty large share of mobile users there.

You could also be using an app like youtube-dl or streamlink to record the stream from a nearby VPS with low latency.


Keep in mind that webRTc performs ICE. Client sends IPv6 (preferred) or IPv4 address to a server. Assuming they use a TURN server, if the IP that reaches the TURN server is not they NordVPN IP, you are detected as a non-UK citizen.

Make sure the VPN is the default gateway.


They tag your browser ID. If you reset all cookies and browser data after being on VPN and before you visit it will work.


Hey thanks for taking interest.

I never switch off my VPN. Are you suggesting -

1. I switch off my VPN.

2. Then turn on my VPN.

3. Then delete my cache and cookies

4. Then visit BBC iPlayer?

I think I have been doing this since a long time but hasn’t really worked. I need to wait for a few days on UK server VPN before BBC iPlayer thinks I am a legit visitor. I tried converting this in my above post as well, through I am afraid I don’t portray a clear picture.


Just 3 and 4 should work!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: