Unless Apple would make an anonymizing VPN connection mandatory, I don't see any difference to the situation as is. As long as people can be pressured to turn off the VPN, nobody loses any customers. Additionally, I don't think paying customers are the target, since they usually provide identifying information anyway.
If Apple started routing all iPhone/Mac traffic through some anonymizing VPN by default, services that block it would absolutely lose lots of customers.
Yes, but Apple wouldn't do this, because Apple is also at risk of losing customers when people get blocked by network security at work. We could also fantasize about Apple fighting all the tracking everywhere, including their own services...
Quite frankly, it's a bit silly to paint Apple as some privacy fortress, who wouldn't have to comply with law enforcement/intelligence to unmask/tap traffic. I mean, for a lot of people VPN choice is done considering legal jurisdictions somewhere far away. Apple could/would never possibly offer this level of protection.
It sucks that we need rely on a big company to make a big, scaled-up change like that in order to move the needle. This looks like a pretty fatal flaw in the design of TCP/IP. IPs should be randomized periodically and they should all be equal. You shouldn't be able to tell someone's country from them, let alone their city, ISP, whether it's coming from a business or somewhere residential, whether they are a bot or a human. The Internet shouldn't have boundaries like this, and the fact that it still does shows there's still work to do.
This comment would be more useful if you have the name of the product or linked to it. I’m also not aware of this offering and wasn’t able to find information on it.
Private relay is an Apple VPN-like service that only covers iOS safari. That means the SoundCloud app or desktop usage will not receive any privacy benefits.
They’re not big enough and some sites will hard block it with other VPNs, like the government of Delaware. Bigger sites still soft block it like Instagram which will randomly ban accounts using it, or Google with captchas every couple of searches.
You can't just blanket block all VPN access, that's not how the internet works... they could pick some common/well-known providers of VPN services and block their IPs/ASN/etc., but you can't just flip a switch and make all forms of VPN/proxy stop working, as there's no way to tell with certainty that someone is using one.
There are plenty of VPN and proxy detection services, either as a service (API) or downloadable database, which are surprisingly comprehensive. Disclaimer: I’ve run one since 2017. Years on, our primary data source is literally holding dozens of subscriptions to every commercial provider we can find, and enumerating the exit node IP addresses they use.
There are also other methods, like using zmap/zgrab to probe for servers that respond to VPN software handshakes, which can in theory be run against the entire IP space. (this also highlights non-commercial VPNs which are not generally the target of our detection, so we use this sparingly)
It will never cover every VPN or proxy in existence, but it gets pretty close.
> Years on, our primary data source is literally holding dozens of subscriptions to every commercial provider we can find, and enumerating the exit node IP addresses they use.
Assuming your VPN identification service operates commercially, I trust that you are in full compliance with all contractual agreements and Terms of Service for the services you utilize. Many of these agreements specifically prohibit commercial use, which could encompass the harvesting of exit node IP addresses and the subsequent sale of such information.
Maybe the tables could be turned and we can build a service with dozens of subscriptions to every VPN detection service and report them for ToS violations ;)
Tangent: if you hold access to all VPN providers, have you thought about also releasing benchmarks for them? I would be interested in knowing which ones offer the best bandwidth / peering (ping).
Many websites including Soundcloud are still only accessible through IPv4, so this is moot, even if VPNs support IPv6 it's enough to block their V4 exit nodes for Soundcloud.
This will also cause problems with anyone that happens to (even accidentally/unknowingly) use apps that integrate services from companies such as BrightData/Luminati/HolaVPN/etc. where they sell idle time on your device/connection to their VPN/proxy customers.
The legitimate end-user will then no longer be able to use e.g. SoundCloud.
I’m with you on this one. Some of my projects are flooded with sus traffic from Brazil. I don’t believe there are a million eager Brazilian hackers targeting me in particular. It’s pretty clear from analysis that they’re all residential hosts running proxies, knowingly or otherwise.
The more concise word for this is “botnet”. Computers participating in one should be quarantined until they stop.
Often times random shovelware apps will have these proxy SDKs embedded in them, and the only mention of it being part of the software is buried in some long ToS that nobody reads.
GEOIP providers often sell a database of known VPN/Proxy endpoints. They take the approach of shoot first, ask questions later. Using one of these databases bans a lot of legitimate ip addresses that have seen been the source of known VPN or proxy traffic.
Its not perfect ofc, but its not meant to be. Its usually just used as a safety blanket for geoblocked intellectual property, like netflix.
You know perfectly well what blocking VPN access means in common verbiage. I don't understand the motivation of these "hey look my WireGuard connection to home isn't blocked, you guys don't know the true meaning of VPN" comments that inevitably pop up in these discussions. Like come on, this is a tech forum, you're not impressing anyone for knowing the technical definition of VPN and how to set up WireGuard.
To flip that though, what about just using those sketchy-ass malware-laden "residential IP" VPN providers and route your traffic through someone else's hacked up VPN running on a Fire TV stick they bought off JimBob for $200?
Yeah, it's an ignorant and arrogant take on the legal system.
In most places the law is exercised pragmatically, interpreted by presumed intention. That's why legal precedent is important. You likely won't convince any judge being anal about the wording (maybe if the law gets applied for the first time). You can derail anything semantically. Furthermore, despite apparent belief, laws are frequently formulated in such a way that a particular wider term is extended to help interpretation. Eg. "It is prohibited to use a VPN in a way capable and intended to obscure one's physical internet access point identification". (Not a lawyer, not a native speaker, don't get anal with this wording, either.) I very much doubt any legally binding document would even use the term 'VPN' primarily to describe the technical means for anonymization, but rather describe it functionally.
And this is rather an anemic take. The (proposed) UK VPN ban that was recently discussed here have a definition on what exactly is a "VPN" for the purposes of the ban (basically "VPNs generally advertised to normal consumers") but a lot simply shouted "ssh go brr" (and definitely did not read the proposed law). These "let's go techical" thinking never flies with the poeple who makes such legislation, and in (probably unpopular!) opinion we should talk to them in terms that they can understand. Yes, we don't want that law, but having a purist take would probably alienate regular people.
It doesn't really matter that a single person has found a loophole because many, many other people don't have such a luxury, and that's what the lawmakers are aiming for.
I have worked for fintech companies that mandate VPN use as a security measure.
It's going to be interesting when the majority of the UK accesses the internet via VPN because of the increasingly ridiculous hoops that the UK makes them go through, and the government tries to stop them while also allowing VPNs to be used by the tech sector.
I agree, these are two separate legal processes powered by the same technology. But the internet doesn't have any awareness of legality (thankfully) so we're stuck with only the technical meaning.
Besides the political implications, I think we should try to find an objective taxonomy, it's clear that privacy VPNs and network security VPNs are different products semantically, commercially and legally, even if the same core tech is used.
Possibly the configuration and network topology is different even, making it a technically different product, similar to how a DNS might be either an authorative server for a TLD, an ISP proxy for an end user, a consumer blacklist like pihole, or an industrial blacklist like spamhaus. It would be a non trivial mistake to conflate any pair of those and bring one up in an argument that refers to the other.
Tailscale is really not that hard to set up. There's an Apple TV app for it, even. And who doesn't have some friend in another state or country that would like an Apple TV?
Your friends don't find it uneasy that you can be tunneling illegal activities through their internet connection and have the FBI knocking at their door in a few months?
Exactly, I have friends from other countries. Friends I really like, I would not give a VPN access to my internet connection to most of them. They have to be the perfect intersection of technically competent (so that their computer doesn't get turned into a botnet) and fully trustworthy.
I do actually give VPN access to my mother that is not technically competent but I have full access to her computer and locked her down as much as possible
I live a thousand miles from another country. No I don't have friends in another country and I don't even know anyone with friends in another country except immigrants or spouses of immigrants.
How is it out of touch? GP comment makes it sound like the technical know to setup a VPN exit node is this crazily esoteric super weird nerdy thing that no one would expect anyone normal to even know about. Installing an Apple TV app onto an Apple TV and mailing it to a friend requires zero command line usage.
But no, Tailscale did not pay me for this comment. I do happen to know someone that works there though.
>I connect to my residential ISP in the USA via VPN all the time and have never had issues with being blocked for VPN use.
Bit of a non sequitur, you would have to outline your entire usage pattern to even submit that as N=1.
GEOIP providers dont sit on your home network. They do accept data from third parties, and are themselves (likely) subscribed to other IP addressing lists. Mostly they are a data aggregator, and its garbage in > garbage out.
If someone, say netflix, but other services participate, flag you as having an inconsistent location, they may forward those details on and you can get added to one of these lists. You might see ip bans at various content providers.
But the implementation is so slapshod that you can just as likely, poison a single ip in a CGNAT pool, and have it take over a month for anyone to act on it, where some other users on your same ISP might experience the issue.
These things can also be weighted by usage, larger amounts of traffic are more interesting because it can represent a pool of more users, or more IP infringement per user.
You can also get hit from poor IP reputation, hosting a webserver with a proxy or php reverse shell, or a hundred other things.
(Also, larger ISPs might deal with a GEOIP provider selling lists of VPN users that include their IP address space, legally, rather than just going through the process of getting the list updated normally. This means the GEOIP providers can get skittish around some ISPs and might just not include them in lists)
There is even a single company in the unique position to actually tell where exactly(-ish, considering CGNAT exists) where an IP address is located: Google. They do use the "enhanced location" data on Android devices to pinpoint where an IP is, so a single Android device can actually change fings for Google (and YouTube).
If using a VPN for access is forbidden by the ToS, you only need to detect a VPN connection once to prove violation.
The IPv4 address space to consider is limited and it is technically absolutely feasible to exhaustively scrape and block the majority of VPN endpoints. Realistically any VPN provider will have some rather small IPv4 subnets make do, shit's expensive. More so, for the trivial case, VPN anonymization works best, when many people share one IP endpoint, naturally the spread is limited. There are VPN providers, some may even be trustworthy, which have the mission of "flying under the radar" with residential IPs and all, but they are way, waaaay more expensive. For most people that's no option.
IPv6 is a different matter, but with the very increase in tracking and access control discussed here, that may be even more of a reason, IPv6 is not going to be a thing any time soon....
Thinking about it, maybe this AI monetization FOMO and monopoly protectionism, will incidentally lead to a technological split of the web. IPv4 will become the "corpo net" and IPv6 will be the "alt net". I think there may be a chance to make IPv6 the cool internet of the people, right now!
> you only need to detect a VPN connection once to prove violation
But an IP address is not a person (legally in the US at least), and many IPv4 addresses get re-used fairly often. My home 5G internet changes IP every single day, and it's a constant struggle because other users often get my IP blocked for things I didn't do. I cannot even visit etsy.com for example. Just for fun I even checked 4chan and the IP was banned for CP, months before I ever had this particular IP (because I'm paranoid and track all that stuff).
> But an IP address is not a person (legally in the US at least)
That's a completely different matter (and still probably reasonable suspicion for a search, anyway). If an account/service ID evidently uses a service through a VPN there is no uncertainty of ToS violation. Of course someone could have hacked your account and used a VPN, it doesn't ultimately prove you did it, but nevertheless the account can be flagged/blocked correctly for VPN usage.
> many IPv4 addresses get re-used fairly often
The VPN's servers won't be using changing, "random" IPs. That's something ISPs do when assigning residential IPs. VPNs with residential IPs are not common. (I am not sure those VPNs are even really legal offerings.)
If your ISP uses NAT for its subnet space, you could argue it's technically similar to a VPN. However, same as with VPN exit scraping/discovery, those IP spaces can be determined and processed accordingly. I am also sure those ISP subnets for residential IPs are actually publicly defined and known. Eg. the Vodafon IP may get temporarily flagged for acute suspicious behavior, but won't get your account flagged for VPN violation, or even blocked permanently, since it's known to be the subnet of a mobile ISP, which uses NAT.
Additionally, I presume e.g. SoundCloud prohibits anonymizing VPNs, not everything that's technically a VPN or similar.
As long there isn't a critical risk, these kind of business decisions won't aim for certainity.
They probably assume some amount of collateral damage, a small number of VPN users still flying under the radar, the bulk of VPN users being properly targeted, and the vast majority of users not noticing anything.
It is easier to block all non-residential addresses, than block VPNs. As an added "bonus" it also kills personal VPNs running on VPS. VPNs in residential space exist but are sold as "premium" product.
yes and those users that happen to have their bw sold as residential VPN will be caught in the crossfire... many times they are not even aware of it because it's something buried in a ToS they didn't read for some random app.
Someone googles "free VPN" so they can watch region locked videos and now their connection is a part of that network too. They may or may not realize that this is the arrangement.
same here. been a paying customer for 2 years, a soundcloud listener for 5+. this is where i switch back to downloading music off russian pirate websites.
Still seems to work via the desktop interface while accessing the old.reddit version, at least it worked a couple of days ago for me, I can't speak for the new web version nor for their phone app, cause I'm not using those.
Should be interesting to see how the internet blocks those of us who don't want to be fingerprinted, ID'd, or reveal our home IP addresses. YouTube already blocks embeds to login and prove I'm not a bot, funnily it doesn't work and embeds never play. Reddit will block me unless I'm signed in which I don't mind too much, but the daily beast and many others block me which is a shame because I'm a real human being using the internet as intended.
Instead of blocking or limiting features to whitelist users with approved behavioral patterns and limit / block those that don't -- such as loading a page and immediately commenting or doing things that normal humans don't do, they block IP addresses and ASNs.
I just close the browser tab and remind myself not to waste my time caring, there'll be other platforms.
My router is setup for WireGaurd and it'll never be disabled.
>block those that don't -- such as loading a page and immediately commenting or doing things that normal humans don't do, they block IP addresses and ASNs.
As someone who has both spent quite a bit of time writing scrapers and later lots of headache on blocking malicious bots from accessing websites, I can tell you this has become futile. Bot makers aren't stupid. If you put in a check for how fast actions are performed, they will put in a sleep timer in their script. If you start blocking residential IPs because many people use it, you are probably just blocking a school or dormitory, while the real bots will quickly move to another IP once they smell something is off. Today with modern multimodal LLMs, you can bypass almost every "human-check" imaginable. And if they can't pass something, most of your users sure as hell won't either. Not because it is too hard, but because it will take too long to solve. The sweet 3-15s actionable human intelligence threshold has been passed by now. The cats and dogs type captchas were already solved more than 12 years ago by simple CV machine learning. The tech has progressed an insane amount since then. In the end I always ended up basically doing what SoundCloud did here if my service was sensitive: Block entire countries, all tor exit nodes and all known VPN ASNs. That will get it down by like 90%. Bear in mind that anyone who wants to put in some effort will still easily bypass this, but at least the low-effort guys from third world countries will take a while before they catch on. So you can go back to doing some actual work in the meantime.
What do you think "evil" means? In the real world, there's no one holding up a platonic ideal of moral action and swearing to do the opposite, like some comic book antagonist. Real world evil is acting with complete amorality, because if you don't care about right or wrong in your pursuit of some goal, you inevitably will do some heinous shit.
That's not to say corporations don't come awfully close to the comic book concept of evil. By definition, a corporation's prime purpose is an uncaring commitment to making money, and if you've gone public, making all the money. That's awfully close to being the opposite of the "good" ideals of generosity and kindness.
In the nicest way possible: who cares? So "they" know my vile pornographic proclivities, my daily commute, and probably what color my poop was this morning. Then what? I get embarassed?
Snowden showed the NSA has taps upstream, so in my book: that's over. I'm fairly convinced if your company reaches a size where it could potentially be a national security threat, the government comes knocking (Facebook, Apple, Twitter, etc.), so that seems like it's over. You have the AI companies scraping god knows what. And, I imagine most countries have corollaries.
Really, all the bad actors I'd encounter in my daily travels would be ones who want to steal money from me. That's a simple ideology. I can handle that. My identity gets stolen, my bank account...there's multiple levels of billion dollar companies with vested interest in me not losing faith in "the system," so I'm not worried about it really.
If a company wants to associate my phone number to glean all my purchases forever in order to target tailored ads to me, fine. Again, it's in the spirit of taking my money, which is a simple ideology.
If the neighbors want to snoop on my traffic, hats off to them for having the capacity to live two lives: both theirs, and mine after they figure out my day-to-day dealings. Doubt they have time to do much about it. Hard enough to live one life in 24 hours.
If the government wants to try and keep tabs on everything to see who's making ICBMs and who isn't, or whatever else they want to do, that's their prerogative but it seems like a complex goal that doesn't affect me.
This only works so long as you're not interesting to anyone. You never know what past information associated with your identity will be weaponized against you. By the government, corporations, or individuals to justify harming you. Even if you're safe and secure in the belief that your neighbors will never turn on you, others are not so lucky.
Did you travel to get an abortion? Someone might be interested in charging you with a felony. Did you associate too closely with non-citizens? Maybe you're one too. Did you reserve a hotel room? Probably willing to pay more for flights there. Do you frequent hacker news? Might not be so in favor of the current political establishment.
You make a couple of good points. The necessity to commit a felony in the name of healthcare as traveling to get an abortion is shameful. I can't believe it's come to that. Have people been rounded up into camps and exterminated for innate human qualities and beliefs? Yes. And it's disgusting I have to type that as well.
But beyond that I disagree with your sentiment.
These things need to be stopped as they come. Withholding data and living a life of fearful "what ifs" cannot preemptively stop atrocity. Of course I'll never know what past information can be used against me in the future; weaponized in ways I cannot fathom. It's a possibility. Hindsight is 20/20, but "you can't predict the future," so how would I know? I have to live my life. I gotta do SOMETHING.
The crux of all of those "what ifs" is beholden to if the person correlating that data has social agency to act upon it. If that's the case, anyone could be my next predator. Anyone could be the next Hitler waiting to exterminate me based on my non-citizen camaraderie or political leanings.
Data is just a predictor, it is not the truth. If my life provided a data point for a yet-to-be-born hostile dictator to perjure me, I will deal with that when it comes, but I can't live my life out of fear.
Last night I was blocked from HBOMAX (or whatever brand they go by these days) for being on a VPN. That was the first time I've ever encountered something like that on HBOMAX. I wonder if there is some coordinating event here.
Having it spelled out as "Are you on a VPN?" on streaming services is pretty common these days. I guess with the popularity of consumer VPNs that term isn't just a technical one any more.
Legislation. If a country requires age verification, identity verification, moderation, etc, it's easy enough to either block that traffic or enforce the local laws. However users can easily circumvent this with a VPN. For some countries, this traffic is still in scope, and so the only real way to prevent it is to block or impose the restrictions on all VPN users.
Could also be spam/abuse prevention. Credential stuffing often goes through VPNs, signup over VPN is a strong signal for future abuse or issues in various ways.
well, what if an artist put something controversial in the lyrics, like, something that radicalizes a minor into developing something maligned like, agency, or self awareness
Yes mostly about this. I can't use SoundCloud (or Spotify) in Serato DJ Pro to connect and play songs, not available in my country. But Apple Music connected, so moving my archive there.
It doesn’t really matter if they’re using commercial VPNs or the same upstream providers as commercial VPNs. Blocking an ASN is a million times more effective than blocking single IPs (at the risk of blocking genuine customers). I’ve had customers reach out to me asking to be unbanned after I blocked a few ASNs that had hostile scrapers coming out of them. It’s a tough balance.
VPNs often use providers with excellent peering and networking - the same providers that scrapers would want to use.
AI scrappers made it so much worse. Now most things completely block VPN users who aren't logged in. Reddit and Youtube will refuse to load anything until you log in if you are on a VPN.
Across 3 VPN providers I use, none of them have issues accessing reddit anonymously. There are nodes/regions that are blocked, but finding a working server isn't hard.
I am so sick of these IP blocks. Same thing in Discord where a lot of servers deploy third-rate services like Double Counter that’s effectively a malware host. There’s nothing wrong with using VPN. I don’t want my IP exposed when my ISP doesn’t allow me to freely change it like they used to even a couple of years ago.
Even Russia and Iran has issues blocking VPN country wide…curious what SoundCloud is going to be able to do. I’m guessing it’s to block AI scrapers but ironically, they have way more resources than your customers. SoundCloud will end up pissing off their paying customers and AI bots will still be able to scrape.
I tried creating a SoundCloud account recently for uploading DJ sets to and it just outright wouldn't let me. Didn't matter whether I was or wasn't on a VPN, or whether I had clean cookies. Crappy bot detection. You can be sure I'm never paying for such a hostile service.
i’ve watched this VPN arms race get weird over the years... as a user i feel like the license wars always spill over onto my connection.
rights holders keep demanding geo fences and identity checks... service providers comply because they don't want to get sued.
BUT... the blunt tool is to block whole swaths of IPs... then we all scramble.
i think the conversation around Apple or any single company saving us is missing the point.
ALSO... even if a big platform rolled out an anonymizing proxy... regulators would still push for carve outs... copyright exemptions... law enforcement taps.
the root is the business model... ad targeting... licensing... fraud detection... all of which depend on tying a real person to a real IP.
HOWEVER... if enough of us treat VPN use as normal... the calculus changes.
blocking a few percent of weirdos is easy... blocking half your paying users is not.
i don't know the answer... but i suspect it's going to get more fragmented before it gets better.
Uhhh. Unless people are now using SC completely differently from how I was using it, the media people publish on SC is far too niche to be available via piracy.
I thought for a moment while reading these comments that somehow SC had completely changed in terms of content and type of user. People seem to think it's a Spotify-like or something. I consumed essentially audio shitposts and DJ mix sets on SC, stuff that you're not going to find published in a pirateable form...
I keep wishing “privacy” company, Apple, would release a VPN such that no business would be able to block it as they’d lose too many customers
Unless Apple would make an anonymizing VPN connection mandatory, I don't see any difference to the situation as is. As long as people can be pressured to turn off the VPN, nobody loses any customers. Additionally, I don't think paying customers are the target, since they usually provide identifying information anyway.
If Apple started routing all iPhone/Mac traffic through some anonymizing VPN by default, services that block it would absolutely lose lots of customers.
Yes, but Apple wouldn't do this, because Apple is also at risk of losing customers when people get blocked by network security at work. We could also fantasize about Apple fighting all the tracking everywhere, including their own services...
Quite frankly, it's a bit silly to paint Apple as some privacy fortress, who wouldn't have to comply with law enforcement/intelligence to unmask/tap traffic. I mean, for a lot of people VPN choice is done considering legal jurisdictions somewhere far away. Apple could/would never possibly offer this level of protection.
> when people get blocked by network security at work
There were also plenty of corp-ware in existence that had Flash as *absolutely mandatory*.
It's a matter of numbers.
If 20% of people are using VPNs, blocking them is going to be a double-digit hit.
It sucks that we need rely on a big company to make a big, scaled-up change like that in order to move the needle. This looks like a pretty fatal flaw in the design of TCP/IP. IPs should be randomized periodically and they should all be equal. You shouldn't be able to tell someone's country from them, let alone their city, ISP, whether it's coming from a business or somewhere residential, whether they are a bot or a human. The Internet shouldn't have boundaries like this, and the fact that it still does shows there's still work to do.
They… do?
This comment would be more useful if you have the name of the product or linked to it. I’m also not aware of this offering and wasn’t able to find information on it.
iCloud Private Relay
It's a very limited VPN as it only works for Safari/Mail and only anonymizes you to your region/country.
iCloud Private Relay (at least for Safari).
Private relay is an Apple VPN-like service that only covers iOS safari. That means the SoundCloud app or desktop usage will not receive any privacy benefits.
Just tested Soundcloud with a PWA using iOS Safari and Private Relay enabled. It works fine, albeit a few annoying popups asking to download the app.
Private Relay also works in macOS Safari.
They’re not big enough and some sites will hard block it with other VPNs, like the government of Delaware. Bigger sites still soft block it like Instagram which will randomly ban accounts using it, or Google with captchas every couple of searches.
You can't just blanket block all VPN access, that's not how the internet works... they could pick some common/well-known providers of VPN services and block their IPs/ASN/etc., but you can't just flip a switch and make all forms of VPN/proxy stop working, as there's no way to tell with certainty that someone is using one.
There are plenty of VPN and proxy detection services, either as a service (API) or downloadable database, which are surprisingly comprehensive. Disclaimer: I’ve run one since 2017. Years on, our primary data source is literally holding dozens of subscriptions to every commercial provider we can find, and enumerating the exit node IP addresses they use.
There are also other methods, like using zmap/zgrab to probe for servers that respond to VPN software handshakes, which can in theory be run against the entire IP space. (this also highlights non-commercial VPNs which are not generally the target of our detection, so we use this sparingly)
It will never cover every VPN or proxy in existence, but it gets pretty close.
> Years on, our primary data source is literally holding dozens of subscriptions to every commercial provider we can find, and enumerating the exit node IP addresses they use.
Assuming your VPN identification service operates commercially, I trust that you are in full compliance with all contractual agreements and Terms of Service for the services you utilize. Many of these agreements specifically prohibit commercial use, which could encompass the harvesting of exit node IP addresses and the subsequent sale of such information.
TOS are pretty meaningless in cases like this. It amounts to getting rejected as a customer and your account canceled.
Maybe the tables could be turned and we can build a service with dozens of subscriptions to every VPN detection service and report them for ToS violations ;)
> I trust that you are in full compliance with all contractual agreements and Terms of Service
Why? It's not like there's any real moral (or, likely, legal) reason to care beyond avoiding the service's ban hammer.
Tangent: if you hold access to all VPN providers, have you thought about also releasing benchmarks for them? I would be interested in knowing which ones offer the best bandwidth / peering (ping).
Interesting. I assumed all VPNs switched to IPv6 by now, making detection much harder.
IPv6 isn't magically unrouteable, it just routes much larger blocks of "end IP addresses."
You just track and block /24 or /16 as necessary.
Many websites including Soundcloud are still only accessible through IPv4, so this is moot, even if VPNs support IPv6 it's enough to block their V4 exit nodes for Soundcloud.
This will also cause problems with anyone that happens to (even accidentally/unknowingly) use apps that integrate services from companies such as BrightData/Luminati/HolaVPN/etc. where they sell idle time on your device/connection to their VPN/proxy customers.
The legitimate end-user will then no longer be able to use e.g. SoundCloud.
I fail to see the problem if people that allow their internet connection used by scammers/AI crawlers are banned from every service
I’m with you on this one. Some of my projects are flooded with sus traffic from Brazil. I don’t believe there are a million eager Brazilian hackers targeting me in particular. It’s pretty clear from analysis that they’re all residential hosts running proxies, knowingly or otherwise.
The more concise word for this is “botnet”. Computers participating in one should be quarantined until they stop.
You might want to learn how internets work today: https://en.wikipedia.org/wiki/Network_address_translation
> unknowingly
Often times random shovelware apps will have these proxy SDKs embedded in them, and the only mention of it being part of the software is buried in some long ToS that nobody reads.
> which are surprisingly comprehensive
How does the buyer even know what the precision and recall rates might be?
who's buying your service ?
GEOIP providers often sell a database of known VPN/Proxy endpoints. They take the approach of shoot first, ask questions later. Using one of these databases bans a lot of legitimate ip addresses that have seen been the source of known VPN or proxy traffic.
Its not perfect ofc, but its not meant to be. Its usually just used as a safety blanket for geoblocked intellectual property, like netflix.
I connect to my residential ISP in the USA via VPN all the time and have never had issues with being blocked for VPN use.
Maybe they mean commercial VPN providers that run on the cloud?
You know perfectly well what blocking VPN access means in common verbiage. I don't understand the motivation of these "hey look my WireGuard connection to home isn't blocked, you guys don't know the true meaning of VPN" comments that inevitably pop up in these discussions. Like come on, this is a tech forum, you're not impressing anyone for knowing the technical definition of VPN and how to set up WireGuard.
To flip that though, what about just using those sketchy-ass malware-laden "residential IP" VPN providers and route your traffic through someone else's hacked up VPN running on a Fire TV stick they bought off JimBob for $200?
The exhausting "well actually" masks a corrosive argument, that if you can't enforce the rules in a rigid and rigorous fashion, the rule is fiat.
It's not that he doesn't know the difference. He's making the argument that since there's no _technical_ difference there can be no legal difference.
Yeah, it's an ignorant and arrogant take on the legal system.
In most places the law is exercised pragmatically, interpreted by presumed intention. That's why legal precedent is important. You likely won't convince any judge being anal about the wording (maybe if the law gets applied for the first time). You can derail anything semantically. Furthermore, despite apparent belief, laws are frequently formulated in such a way that a particular wider term is extended to help interpretation. Eg. "It is prohibited to use a VPN in a way capable and intended to obscure one's physical internet access point identification". (Not a lawyer, not a native speaker, don't get anal with this wording, either.) I very much doubt any legally binding document would even use the term 'VPN' primarily to describe the technical means for anonymization, but rather describe it functionally.
If you block the commercial VPN services, you increase the burden of entry. You block the 99%. It's not a legal discission, it's a business decision.
And this is rather an anemic take. The (proposed) UK VPN ban that was recently discussed here have a definition on what exactly is a "VPN" for the purposes of the ban (basically "VPNs generally advertised to normal consumers") but a lot simply shouted "ssh go brr" (and definitely did not read the proposed law). These "let's go techical" thinking never flies with the poeple who makes such legislation, and in (probably unpopular!) opinion we should talk to them in terms that they can understand. Yes, we don't want that law, but having a purist take would probably alienate regular people.
It doesn't really matter that a single person has found a loophole because many, many other people don't have such a luxury, and that's what the lawmakers are aiming for.
I have worked for fintech companies that mandate VPN use as a security measure.
It's going to be interesting when the majority of the UK accesses the internet via VPN because of the increasingly ridiculous hoops that the UK makes them go through, and the government tries to stop them while also allowing VPNs to be used by the tech sector.
I agree, these are two separate legal processes powered by the same technology. But the internet doesn't have any awareness of legality (thankfully) so we're stuck with only the technical meaning.
They mandate you use Nordvpn? Or surf shark?
I doubt that.
Here's me making a similar argument a month or so ago
https://news.ycombinator.com/item?id=45926849
Besides the political implications, I think we should try to find an objective taxonomy, it's clear that privacy VPNs and network security VPNs are different products semantically, commercially and legally, even if the same core tech is used.
Possibly the configuration and network topology is different even, making it a technically different product, similar to how a DNS might be either an authorative server for a TLD, an ISP proxy for an end user, a consumer blacklist like pihole, or an industrial blacklist like spamhaus. It would be a non trivial mistake to conflate any pair of those and bring one up in an argument that refers to the other.
Tailscale is really not that hard to set up. There's an Apple TV app for it, even. And who doesn't have some friend in another state or country that would like an Apple TV?
Your friends don't find it uneasy that you can be tunneling illegal activities through their internet connection and have the FBI knocking at their door in a few months?
Exactly, I have friends from other countries. Friends I really like, I would not give a VPN access to my internet connection to most of them. They have to be the perfect intersection of technically competent (so that their computer doesn't get turned into a botnet) and fully trustworthy.
I do actually give VPN access to my mother that is not technically competent but I have full access to her computer and locked her down as much as possible
This word you used... friend... what does it mean to you?
Obviously not everyone have friends in all of the countries they want to tunnel to (or want to ask them). Otherwise these VPN services wouldn't exist.
I live a thousand miles from another country. No I don't have friends in another country and I don't even know anyone with friends in another country except immigrants or spouses of immigrants.
I am concerned that this comment reads like an advert, it's completely unnecessary and out of touch.
How is it out of touch? GP comment makes it sound like the technical know to setup a VPN exit node is this crazily esoteric super weird nerdy thing that no one would expect anyone normal to even know about. Installing an Apple TV app onto an Apple TV and mailing it to a friend requires zero command line usage.
But no, Tailscale did not pay me for this comment. I do happen to know someone that works there though.
>Maybe they mean commercial VPN providers that run on the cloud?
I just tried it with a well known commercial VPN and I had no problems accessing the site and its music content.
>I connect to my residential ISP in the USA via VPN all the time and have never had issues with being blocked for VPN use.
Bit of a non sequitur, you would have to outline your entire usage pattern to even submit that as N=1.
GEOIP providers dont sit on your home network. They do accept data from third parties, and are themselves (likely) subscribed to other IP addressing lists. Mostly they are a data aggregator, and its garbage in > garbage out.
If someone, say netflix, but other services participate, flag you as having an inconsistent location, they may forward those details on and you can get added to one of these lists. You might see ip bans at various content providers.
But the implementation is so slapshod that you can just as likely, poison a single ip in a CGNAT pool, and have it take over a month for anyone to act on it, where some other users on your same ISP might experience the issue.
These things can also be weighted by usage, larger amounts of traffic are more interesting because it can represent a pool of more users, or more IP infringement per user.
You can also get hit from poor IP reputation, hosting a webserver with a proxy or php reverse shell, or a hundred other things.
(Also, larger ISPs might deal with a GEOIP provider selling lists of VPN users that include their IP address space, legally, rather than just going through the process of getting the list updated normally. This means the GEOIP providers can get skittish around some ISPs and might just not include them in lists)
There is even a single company in the unique position to actually tell where exactly(-ish, considering CGNAT exists) where an IP address is located: Google. They do use the "enhanced location" data on Android devices to pinpoint where an IP is, so a single Android device can actually change fings for Google (and YouTube).
> You can also get hit from poor IP reputation, hosting a webserver with a proxy or php reverse shell, or a hundred other things.
or in my case, have a VM on same subnet as other poor actors and thus get bad rep from others.
https://ipinfo.io/what-is-my-ip
Here’s one database to check.
Yes, and email is decentralized in theory...
If using a VPN for access is forbidden by the ToS, you only need to detect a VPN connection once to prove violation.
The IPv4 address space to consider is limited and it is technically absolutely feasible to exhaustively scrape and block the majority of VPN endpoints. Realistically any VPN provider will have some rather small IPv4 subnets make do, shit's expensive. More so, for the trivial case, VPN anonymization works best, when many people share one IP endpoint, naturally the spread is limited. There are VPN providers, some may even be trustworthy, which have the mission of "flying under the radar" with residential IPs and all, but they are way, waaaay more expensive. For most people that's no option.
IPv6 is a different matter, but with the very increase in tracking and access control discussed here, that may be even more of a reason, IPv6 is not going to be a thing any time soon....
Thinking about it, maybe this AI monetization FOMO and monopoly protectionism, will incidentally lead to a technological split of the web. IPv4 will become the "corpo net" and IPv6 will be the "alt net". I think there may be a chance to make IPv6 the cool internet of the people, right now!
> you only need to detect a VPN connection once to prove violation
But an IP address is not a person (legally in the US at least), and many IPv4 addresses get re-used fairly often. My home 5G internet changes IP every single day, and it's a constant struggle because other users often get my IP blocked for things I didn't do. I cannot even visit etsy.com for example. Just for fun I even checked 4chan and the IP was banned for CP, months before I ever had this particular IP (because I'm paranoid and track all that stuff).
> But an IP address is not a person (legally in the US at least)
That's a completely different matter (and still probably reasonable suspicion for a search, anyway). If an account/service ID evidently uses a service through a VPN there is no uncertainty of ToS violation. Of course someone could have hacked your account and used a VPN, it doesn't ultimately prove you did it, but nevertheless the account can be flagged/blocked correctly for VPN usage.
> many IPv4 addresses get re-used fairly often
The VPN's servers won't be using changing, "random" IPs. That's something ISPs do when assigning residential IPs. VPNs with residential IPs are not common. (I am not sure those VPNs are even really legal offerings.)
If your ISP uses NAT for its subnet space, you could argue it's technically similar to a VPN. However, same as with VPN exit scraping/discovery, those IP spaces can be determined and processed accordingly. I am also sure those ISP subnets for residential IPs are actually publicly defined and known. Eg. the Vodafon IP may get temporarily flagged for acute suspicious behavior, but won't get your account flagged for VPN violation, or even blocked permanently, since it's known to be the subnet of a mobile ISP, which uses NAT.
Additionally, I presume e.g. SoundCloud prohibits anonymizing VPNs, not everything that's technically a VPN or similar.
As long there isn't a critical risk, these kind of business decisions won't aim for certainity.
They probably assume some amount of collateral damage, a small number of VPN users still flying under the radar, the bulk of VPN users being properly targeted, and the vast majority of users not noticing anything.
It is easier to block all non-residential addresses, than block VPNs. As an added "bonus" it also kills personal VPNs running on VPS. VPNs in residential space exist but are sold as "premium" product.
yes and those users that happen to have their bw sold as residential VPN will be caught in the crossfire... many times they are not even aware of it because it's something buried in a ToS they didn't read for some random app.
Hell, I remember malware (Trojans / RATs) from the 2000s that allowed you to use your victims IP as your personal proxy.
Nowadays it's called "residential IP proxy".
A lot of shady shit under that term. Used by all the harmful services - scammers, AI crawlers... :)
Now that you mention it, I never used those, but I always did wonder how they do those.
Someone googles "free VPN" so they can watch region locked videos and now their connection is a part of that network too. They may or may not realize that this is the arrangement.
Big part of the Internet blanket ban countries, why do you think VPNs are any different?
Countries can be isolated at the physical junctions (in the case of a country as restrictive as NK).
Banning by a hosted IP amongst billions of other IPs is different.
MTU detection is the easiest one. Sucks for people with ISPs that don't do 1500 bytes but those are rare.
> but those are rare.
yeah sure, if you ignore the existence of literally every mobile isp.
Isn‘t sub-1500 bytes the norm for residential internet access? (DOCSIS and DSL with PPPoE are the most common access protocols here in Germany)
looks at Japan, UK (OpenReach), and a lot of other places still using PPPoE (on fiber!) for complicated reasons
Some of those (including many providers on Openreach) will support mini-jumbo frames that allow an MTU of 1500 inside pppoe.
Hard disagree... there are still a vast many providers around the world doing < 1500, such as PPPoE DSL.
Ironically, I can't read the Reddit post with my VPN.
I'm pretty sure reddits reason for blocking VPN's is they want the AI scrapers to pay them for a data feed.
They also block data center IP's
> I'm pretty sure reddits reason for blocking VPN's is they want the AI scrapers to pay them for a data feed.
Signing up for Reddit through a VPN has been difficult to impossible for a long time.
The amount of abuse that comes through VPN-sourced IP addresses is much higher than normal. It's common to block it on any social media site.
Over five years of paid SoundCloud here, I thought something was wrong with my setup. If this continues I'll have to cancel, basically. What a pain.
same here. been a paying customer for 2 years, a soundcloud listener for 5+. this is where i switch back to downloading music off russian pirate websites.
> this is where i switch back to downloading music off russian pirate websites.
As a bonus you may even get discount codes for your VPN!
For real tho, fuck all those rent-seeking control freaks. Piracy was almost dead, we had a good deal. But no, it's never enough, so here we are.
Also, some piracy boards are actually pretty steady, nice and cool communities, and listing to local files feels way more intentional.
Ironic posting that on reddit who also blocks vpn access.
I'm in the UK, so I access Reddit through an Irish VPN all the time and have never had issues.
Are you logged in? The block is usually for logged out users.
Still seems to work via the desktop interface while accessing the old.reddit version, at least it worked a couple of days ago for me, I can't speak for the new web version nor for their phone app, cause I'm not using those.
For me also the normal web version (non-old) works, at least with Mullvad.
edit: Ah, it's based on login status
Should be interesting to see how the internet blocks those of us who don't want to be fingerprinted, ID'd, or reveal our home IP addresses. YouTube already blocks embeds to login and prove I'm not a bot, funnily it doesn't work and embeds never play. Reddit will block me unless I'm signed in which I don't mind too much, but the daily beast and many others block me which is a shame because I'm a real human being using the internet as intended.
Instead of blocking or limiting features to whitelist users with approved behavioral patterns and limit / block those that don't -- such as loading a page and immediately commenting or doing things that normal humans don't do, they block IP addresses and ASNs.
I just close the browser tab and remind myself not to waste my time caring, there'll be other platforms.
My router is setup for WireGaurd and it'll never be disabled.
Shame on SoundCloud
>block those that don't -- such as loading a page and immediately commenting or doing things that normal humans don't do, they block IP addresses and ASNs.
As someone who has both spent quite a bit of time writing scrapers and later lots of headache on blocking malicious bots from accessing websites, I can tell you this has become futile. Bot makers aren't stupid. If you put in a check for how fast actions are performed, they will put in a sleep timer in their script. If you start blocking residential IPs because many people use it, you are probably just blocking a school or dormitory, while the real bots will quickly move to another IP once they smell something is off. Today with modern multimodal LLMs, you can bypass almost every "human-check" imaginable. And if they can't pass something, most of your users sure as hell won't either. Not because it is too hard, but because it will take too long to solve. The sweet 3-15s actionable human intelligence threshold has been passed by now. The cats and dogs type captchas were already solved more than 12 years ago by simple CV machine learning. The tech has progressed an insane amount since then. In the end I always ended up basically doing what SoundCloud did here if my service was sensitive: Block entire countries, all tor exit nodes and all known VPN ASNs. That will get it down by like 90%. Bear in mind that anyone who wants to put in some effort will still easily bypass this, but at least the low-effort guys from third world countries will take a while before they catch on. So you can go back to doing some actual work in the meantime.
> which is a shame because I'm a real human being using the internet as intended.
This is the main issue here, the web has become actively hostile to normal people in the quest to monetize every second of online activity.
"Actively hostile" is another of the common myths. See also: "corporations are evil".
"Completely indifferent" and "Corporations are completely amoral" are more accurate.
It's the difference between someone trying to drown you, versus someone trying to fish while you drown just off the bank. Same end, of course.
What do you think "evil" means? In the real world, there's no one holding up a platonic ideal of moral action and swearing to do the opposite, like some comic book antagonist. Real world evil is acting with complete amorality, because if you don't care about right or wrong in your pursuit of some goal, you inevitably will do some heinous shit.
That's not to say corporations don't come awfully close to the comic book concept of evil. By definition, a corporation's prime purpose is an uncaring commitment to making money, and if you've gone public, making all the money. That's awfully close to being the opposite of the "good" ideals of generosity and kindness.
I don't think they're evil, but to say that consumers aren't the fish seems a stretch.
In the nicest way possible: who cares? So "they" know my vile pornographic proclivities, my daily commute, and probably what color my poop was this morning. Then what? I get embarassed?
Snowden showed the NSA has taps upstream, so in my book: that's over. I'm fairly convinced if your company reaches a size where it could potentially be a national security threat, the government comes knocking (Facebook, Apple, Twitter, etc.), so that seems like it's over. You have the AI companies scraping god knows what. And, I imagine most countries have corollaries.
Really, all the bad actors I'd encounter in my daily travels would be ones who want to steal money from me. That's a simple ideology. I can handle that. My identity gets stolen, my bank account...there's multiple levels of billion dollar companies with vested interest in me not losing faith in "the system," so I'm not worried about it really.
If a company wants to associate my phone number to glean all my purchases forever in order to target tailored ads to me, fine. Again, it's in the spirit of taking my money, which is a simple ideology.
If the neighbors want to snoop on my traffic, hats off to them for having the capacity to live two lives: both theirs, and mine after they figure out my day-to-day dealings. Doubt they have time to do much about it. Hard enough to live one life in 24 hours.
If the government wants to try and keep tabs on everything to see who's making ICBMs and who isn't, or whatever else they want to do, that's their prerogative but it seems like a complex goal that doesn't affect me.
This only works so long as you're not interesting to anyone. You never know what past information associated with your identity will be weaponized against you. By the government, corporations, or individuals to justify harming you. Even if you're safe and secure in the belief that your neighbors will never turn on you, others are not so lucky.
Did you travel to get an abortion? Someone might be interested in charging you with a felony. Did you associate too closely with non-citizens? Maybe you're one too. Did you reserve a hotel room? Probably willing to pay more for flights there. Do you frequent hacker news? Might not be so in favor of the current political establishment.
You make a couple of good points. The necessity to commit a felony in the name of healthcare as traveling to get an abortion is shameful. I can't believe it's come to that. Have people been rounded up into camps and exterminated for innate human qualities and beliefs? Yes. And it's disgusting I have to type that as well.
But beyond that I disagree with your sentiment.
These things need to be stopped as they come. Withholding data and living a life of fearful "what ifs" cannot preemptively stop atrocity. Of course I'll never know what past information can be used against me in the future; weaponized in ways I cannot fathom. It's a possibility. Hindsight is 20/20, but "you can't predict the future," so how would I know? I have to live my life. I gotta do SOMETHING.
The crux of all of those "what ifs" is beholden to if the person correlating that data has social agency to act upon it. If that's the case, anyone could be my next predator. Anyone could be the next Hitler waiting to exterminate me based on my non-citizen camaraderie or political leanings.
Data is just a predictor, it is not the truth. If my life provided a data point for a yet-to-be-born hostile dictator to perjure me, I will deal with that when it comes, but I can't live my life out of fear.
Last night I was blocked from HBOMAX (or whatever brand they go by these days) for being on a VPN. That was the first time I've ever encountered something like that on HBOMAX. I wonder if there is some coordinating event here.
Did the error condition actually call out "VPN use" ? Did the HBO UI actually call out, by that term, a VPN ?
... or were you simply using a VPN and that's the most likely culprit for a general failure of the service ?
Genuinely curious ...
Having it spelled out as "Are you on a VPN?" on streaming services is pretty common these days. I guess with the popularity of consumer VPNs that term isn't just a technical one any more.
Your mileage may vary. Logged in and listened to a couple of tracks DHCP VPN which exits in Denver using Surfshark at 64.44.x.x about 1600 miles away.
What's the motivation for blocking VPN read access for this and other services? Are AI scrapers using commercial VPNs to get around rate limiting?
Legislation. If a country requires age verification, identity verification, moderation, etc, it's easy enough to either block that traffic or enforce the local laws. However users can easily circumvent this with a VPN. For some countries, this traffic is still in scope, and so the only real way to prevent it is to block or impose the restrictions on all VPN users.
Could also be spam/abuse prevention. Credential stuffing often goes through VPNs, signup over VPN is a strong signal for future abuse or issues in various ways.
Yeah, but age verification for _music_?
Were you around in the 90s? Remember when Marilyn Manson was blamed for Columbine?
well, what if an artist put something controversial in the lyrics, like, something that radicalizes a minor into developing something maligned like, agency, or self awareness
Tipper Gore, is that you?
I suspect country level licensing, soundcloud I sometimes seen songs "not available in your country" or something along those lines
Yes mostly about this. I can't use SoundCloud (or Spotify) in Serato DJ Pro to connect and play songs, not available in my country. But Apple Music connected, so moving my archive there.
It doesn’t really matter if they’re using commercial VPNs or the same upstream providers as commercial VPNs. Blocking an ASN is a million times more effective than blocking single IPs (at the risk of blocking genuine customers). I’ve had customers reach out to me asking to be unbanned after I blocked a few ASNs that had hostile scrapers coming out of them. It’s a tough balance.
VPNs often use providers with excellent peering and networking - the same providers that scrapers would want to use.
AI scrappers made it so much worse. Now most things completely block VPN users who aren't logged in. Reddit and Youtube will refuse to load anything until you log in if you are on a VPN.
The irony is that I tried to access the link here but reddit blocks VPN access aggressively.
Across 3 VPN providers I use, none of them have issues accessing reddit anonymously. There are nodes/regions that are blocked, but finding a working server isn't hard.
Might be you're logged in? I often hit a block when using (proton) vpn if I'm logged out but not otherwise.
>accessing reddit anonymously
Care to name them? I use Mullvad, and I love them, but their exit nodes are routinely blocked by Reddit and streaming services.
Of the largest providers[1], PIA and nordvpn work fine for me.
[1] https://ipinfo.io/tools/vpn-providers-detected
Mostly VPNs that don't show their infrastructure publicly (or at least their IP pools) seem to be working across Reddit.
Well, goodbye SoundCloud (and all services doing the same thing).
I am so sick of these IP blocks. Same thing in Discord where a lot of servers deploy third-rate services like Double Counter that’s effectively a malware host. There’s nothing wrong with using VPN. I don’t want my IP exposed when my ISP doesn’t allow me to freely change it like they used to even a couple of years ago.
Even Russia and Iran has issues blocking VPN country wide…curious what SoundCloud is going to be able to do. I’m guessing it’s to block AI scrapers but ironically, they have way more resources than your customers. SoundCloud will end up pissing off their paying customers and AI bots will still be able to scrape.
I tried creating a SoundCloud account recently for uploading DJ sets to and it just outright wouldn't let me. Didn't matter whether I was or wasn't on a VPN, or whether I had clean cookies. Crappy bot detection. You can be sure I'm never paying for such a hostile service.
Uploadig dj sets with comercially released music to Soundcloud is not allowed.
Given that I have hundreds of SoundCloud DJ sets bookmarked that contain commercially released music that’s obviously not true.
They blocked *some* vpns. I was able to get it working just by switching location with my vpn provider.
i’ve watched this VPN arms race get weird over the years... as a user i feel like the license wars always spill over onto my connection.
rights holders keep demanding geo fences and identity checks... service providers comply because they don't want to get sued.
BUT... the blunt tool is to block whole swaths of IPs... then we all scramble.
i think the conversation around Apple or any single company saving us is missing the point.
ALSO... even if a big platform rolled out an anonymizing proxy... regulators would still push for carve outs... copyright exemptions... law enforcement taps.
the root is the business model... ad targeting... licensing... fraud detection... all of which depend on tying a real person to a real IP.
HOWEVER... if enough of us treat VPN use as normal... the calculus changes.
blocking a few percent of weirdos is easy... blocking half your paying users is not.
i don't know the answer... but i suspect it's going to get more fragmented before it gets better.
link for actual people https://www.reddit.com/r/SoundCloudMusic/comments/1pltd19/so...
Yarr… when this happens to ye, it’s time to sail the high seas!
Uhhh. Unless people are now using SC completely differently from how I was using it, the media people publish on SC is far too niche to be available via piracy.
Exactly, and you should go deeper and encourage absolutely everyone in your surrounding to drop the service.
They're doing everything they can to make piracy the best option.
I think it's the thought that counts. Presumably they will get better at blocking all VPNs.
And VPNs will get better at avoiding them. In the military world, this is called "C-squared" (counter-countermeasures).
Doesn't reddit block VPNs as well?
IME, only if you're not logged in.
Works for me most of the time. A couple of months ago, there was a period where a subset of the exit IPs were blocked for a short period each.
i tunnel my internet through linode with wireguard - reddit blocks me if i'm not signed in.
with soundcloud, i just got a generic 403 from cloudfront
combine that with country-level internet filter, the internet is getting harder and harder to use :(
Well, most sites are going to block VPS IP spaces (which are published online) as it's ~100% bot activity.
ah if they are using cloudfront, they must be using the AWS managed WAF rule, which is pretty bad.
I used that once and got in trouble with the client since the ruleset was over blocking.
Not the first,
Patreon also banned VPN
YouTube, Reddit - locked out, requiring to log into account, on pretense of security and care concerns, yeah to identify and track VPN users.
irony is this is posted on reddit, who also blocks VPN’s
Strange, it works here (Taipei based vpn and logged in)
Financial times does as well for me on certain browsers but not others. Pretty annoying.
stares in Lidarr
Doesn't really fulfill the same niche Soundcloud does. Most content on SC is non-commercial or just simply not available on any streaming service.
Lidarr relies on people ripping this music, and also adding the metadata to Musicbrainz, which just simply isn't going to happen for most SC uploads.
I thought for a moment while reading these comments that somehow SC had completely changed in terms of content and type of user. People seem to think it's a Spotify-like or something. I consumed essentially audio shitposts and DJ mix sets on SC, stuff that you're not going to find published in a pirateable form...