Reports of multiple Syrian ISPs applying server side VPNs - Sensationalist Headlines

So, as usual, I am the only source you have. Many posts and images have surfaced in the recent times on social media (mainly Facebook) confirming multiple ISPs jumping on the Fuck the US train and applying VPN on their side for all of their clients. In the recent years, VPN services became an essential part of every Syrian's life, with many services and websites closing their doors to Syrians responding to the US/EU restrictions on Syria, that affected the country in every aspect, resulting in free VPN apps being shared more than nudes on every smartphone. it's unclear whether this move was applied for certain connections or all connections, as some people reported some services that they normally couldn't access working without using any external apps while still having a Syrian IP, while others reported having an Egyptian IP or a European IP. I can't show evidence of this as it's basically just screenshots of something working. Mentioned services include: Google play, itunes/app store, software updates (all vendors), battle.net, bethesda and many others. I only reported this after noticing Google play auto updating an app, which is usually impossible without a VPN. Could this be why facepunch sometimes detects my location as Romania/Russia, can any mod confirm this if you have an IP log?(you should), but even with that I always had a Syrian IP. Now excuse me I'm going to cancel my Syrian Telecom subscription then paying Sawa a visit. Been like 4 years since I last wrote an article, how am I doing?

Considering the situation we've agreed (in mod chat) that this thread can stay open, but please Nebrassy get some sources if you can find any, I can agree based off your IP history that your location is bouncing all over the place as of lately but it isn't much to go off. I also wouldn't put it past the ISPs actually doing this anyway, feel free to keep the discussion going now.

What are vpns

[QUOTE=cNova;52087710]What are vpns[/QUOTE] Virtual Private Network they basically allow you to send and receive data on public networks as if it was a private one

[QUOTE=cNova;52087710]What are vpns[/QUOTE] Somebody correct me if I'm wrong: A VPN (Virtual Private Network) is an anonymization service. You connect to the internet through a private a network, meaning that the person on the other side of the connection cannot see your IP address or other digital information, but instead sees the info of the VPN, effectively masking your identity. In order to pierce the veil of the private network and discover who accessed what, prying eyes would have to be able to compromise the man in the middle, the private network. So, a court would have to subpoena the access records -- and any good VPN immediately deletes all access records as a matter of policy any way. Basically, a VPN makes it very difficult to link access to a website back to any one individual by routing traffic through a secure middleman. I think. I don't know whether I've got that exactly right, but it sounds about right to me.

[QUOTE=Big Dumb American;52087791]Somebody correct me if I'm wrong: A VPN (Virtual Private Network) is an anonymization service. You connect to the internet through a private a network, meaning that the person on the other side of the connection cannot see your IP address or other digital information, but instead sees the info of the VPN, effectively masking your identity. In order to pierce the veil of the private network and discover who accessed what, prying eyes would have to be able to compromise the man in the middle, the private network. So, a court would have to subpoena the access records -- and any good VPN immediately deletes all access records as a matter of policy any way. Basically, a VPN makes it very difficult to link access to a website back to any one individual by routing traffic through a secure middleman. I think. I don't know whether I've got that exactly right, but it sounds about right to me.[/QUOTE] From what I understand this case is the Syrian ISP's using VPN's on their side to change the GEOIP of their users so they can access content that has blacklisted Syria.

Nebrassy, I don't know enough about the political intricacies of the situation in Syria to have a well informed opinion on this, but you seem to have strong feelings about it. Why is the usage of VPNs such a significant development, in your eyes? You seem to feel this is a bad thing, unless I'm misunderstanding, but aren't VPN's a good thing in your case? [editline]10th April 2017[/editline] [QUOTE=Levelog;52087811]From what I understand this case is the Syrian ISP's using VPN's on their side to change the GEOIP of their users so they can access content that has blacklisted Syria.[/QUOTE] This is a bit outside of my technical experience, but that sounds like a good thing for Syrians, no?

What would be the difference between using the VPN and TOR?

It's also worth noting that if you're not careful, it's entirely possible that those VPNs could be inserting malicious code into your browser. [media]https://www.youtube.com/watch?v=0QT4YJn7oVI[/media]

I really tried to find sources about this, but it's just not possible, all I found was many people posting about, some tech pages (Syrian) reported it, but it's not worth mentioning as it's just people saying stuff like I did, and ISPs did not mention anything about it for obvious reasons. [QUOTE=Big Dumb American;52087821]Nebrassy, I don't know enough about the political intricacies of the situation in Syria to have a well informed opinion on this, but you seem to have strong feelings about it. Why is the usage of VPNs such a significant development, in your eyes? You seem to feel this is a bad thing, unless I'm misunderstanding, but aren't VPN's a good thing in your case? [editline]10th April 2017[/editline] This is a bit outside of my technical experience, but that sounds like a good thing for Syrians, no?[/QUOTE] it's not a bad thing at all, And yes it is a great development, the whole online situation only gets worse in Syria's case, many services would terminate your account the second they know you're in Syria, and a ton of websites are blocked without their owners knowing, simply their host decided to block Syria alltogether from everything they host (ie. Anything hosted by google, like humble bundle) what's really good, is that VPN on their side wouldn't affect ping or download speed. the thing I mentioned at the end, Syrian telecom (known as tarassul) is the official ISP that belongs to the ministry of telecommunication, which is currently my ISP, Sawa is one of the ISPs reported to use VPN

What makes you assume that it's a VPN and not a regular proxy redirect? [QUOTE=Zero-Point;52087913]It's also worth noting that if you're not careful, it's entirely possible that those VPNs could be inserting malicious code into your browser. [media]https://www.youtube.com/watch?v=0QT4YJn7oVI[/media][/QUOTE] The ISPs could do that anyway if they wanted to

[QUOTE=phygon;52088360]What makes you assume that it's a VPN and not a regular proxy redirect? [/QUOTE] it could very well be just that, what matters here mostly is hiding the geoip, but I'd assume they would probably want to encrypt that, sending all http connections of your country unencrypted to someone is probably not a good idea, unless they're only doing it for certain server, definitely possible if that's the case.

[QUOTE=Big Dumb American;52087791]Somebody correct me if I'm wrong: A VPN (Virtual Private Network) is an anonymization service. You connect to the internet through a private a network, meaning that the person on the other side of the connection cannot see your IP address or other digital information, but instead sees the info of the VPN, effectively masking your identity. In order to pierce the veil of the private network and discover who accessed what, prying eyes would have to be able to compromise the man in the middle, the private network. So, a court would have to subpoena the access records -- and any good VPN immediately deletes all access records as a matter of policy any way. Basically, a VPN makes it very difficult to link access to a website back to any one individual by routing traffic through a secure middleman. I think. I don't know whether I've got that exactly right, but it sounds about right to me.[/QUOTE] You are more or less correct in how it's useful in this case, but it should be added that this is just a specific use case and hasn't been at all foreseen with the original VPN conception. VPN as a concept and implementation comes back from the innocent era of internet, before rampant hacking or any sort of blockades or mass surveillance. In it's essential form, VPN basically means bridging a LAN (Local Access Network) over a distant, potentially public routing space (the internet for instance, but not necessarily just that). LANs have many features special to them; the routing is much simpler, there's certain degree of implicit trust among the devices within a LAN. Remember the pre-internet PC games that only allowed multiplayer over a LAN? You can use a VPN to set up a virtual LAN, and the game has no way knowing you are playing with your pal from Brazil, and it honestly doesn't care - for it, it might as well be on a LAN; the details of the networking at play aren't exposed to it whatsoever. Services like Hamachi are pretty much VPNs specialised for this purpose. If you encrypt your VPN data on it's way over the public space, it's usually moderately safe and secure, too, and you can for instance rely on using otherwise insecure protocols on it, or forego further authorization. The client access obfuscation which is discussed in the OP just sets up a trivial, 2 point VPN between the client device and server in a more convenient location, which is able to avoid limitations and surveillance.

[QUOTE=phygon;52088360][...] The ISPs could do that anyway if they wanted to[/QUOTE] To some extent. Sites that use TLS properly (e.g. Facepunch) are secured against that unless the malicious party can forge a certificate (which is somewhat difficult even for state actors if your browser is good).

[QUOTE=Tamschi;52089099]To some extent. Sites that use TLS properly (e.g. Facepunch) are secured against that unless the malicious party can forge a certificate (which is somewhat difficult even for state actors if your browser is good).[/QUOTE] It's trivial for state actors since they can forcibly get a certificate from a signing authority in their country. There's a surprising amount of authorities that can sign certificates, and they're quite distributed when it comes to where they are located.

[QUOTE=nikomo;52090810]It's trivial for state actors since they can forcibly get a certificate from a signing authority in their country. There's a surprising amount of authorities that can sign certificates, and they're quite distributed when it comes to where they are located.[/QUOTE] Right, but that still requires the browser to actually trust that CA. (I wonder if the EFF's SSL Observatory supports certificate confirmation queries.)