This investigation into nordvpn's "32+ million residential proxies" is interesting
2) I signed up NordVPN, connected to it, and checked the client ip header when making requests to http://disneyplus.com like in the link. Every request returns a different IP, so I wrote a little script to just make this request over and over and log it.
Here's a de-duped text file of about ~2 hours of continuously asking akamai what my IP is when making the disneyplus request:
That repo also has a very simple bash script that just runs over and over logging to a file so you can replicate it yourself.
Alright, NordVPN basically admitted they're using residential IPs, but are claiming it's not secret, it's not malware, and they'll explain it to you if you sign an NDA.
@nyquildotorg wow didn't know they sold these 😱
yip, that's one way to do it while *twiddling moustache* and *stroking a white cat*
@nyquildotorg Blech. This whole NordVPN debacle makes want to shower.
Nice investigation and write-up!
@bgardner I didn't write the original medium piece, but in the process of debunking it discovered it's totally true
@nyquildotorg Sure, that was clear; maybe I should have said "peer review" as opposed to "investigation", but still - solid work.
"specific application for their devices"
The fact that they won't name it is worrying me.
@jospanner I mean, the obvious connection to make (but without real data to back it up) is their Oxylabs / Tesoro stuff, which absolutely has found its way secretly into applications, which makes it "malware."
If they put it into an application and tell people it's there, then it's no longer malware, even though it is doing exactly the same thing.
@nyquildotorg This does feel like the sort of thing that is easy to defuse if there really isn't something funny going on. The vagueness isn't inspiring a lot of confidence.
OCR Output (chars: 849)
Here’s how it goes:
1. We purchase services that provide pools of
2. There are two types of pools. The first one
consists of IPs purchased from ISPs directly.
The second one consists of the IPs of
people who have voluntarily downloaded
specific applications on their devices. The
sole purpose of these applications is to
reward the end user for voluntarily sharing
part of their bandwidth with various
services. Each individual who has the app
downloaded is fully aware of this purpose
and receives a reward for the traffic sent
and received through their device.
3. These IPs are only used initially when
forming a connection. Regular browsing
data and user IPs are never sent this way.
4. The owner of the IP address can’t see any
individual identifiable personal data
because no such data is ever sent.
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!