VPN location-spoofing by mapping network delays

[Stevieoo 3]

Did you know that?

 

 

Please read: https://thestack.com/cloud/2016/02/16/vpn-network-time-delay-abdelrahman-abdou-cpv/

 

CPV_TDSC.pdf

[go558a83nk 371]

That brings to mind something another VPN provider addressed

 

https://zorrovpn.com/news

 

on 09/04/2015 Zorro staff wrote "TTL (time to live) of IP packets is normalized to prevent VPN usage detection by TTL values analysis."

 

I'd imagine this is talking about the same thing?

[Stevieoo 3]

It would definitely be interesting to hear what the staff says about..

[OpenSourcerer 1467]

I'd imagine this is talking about the same thing?

 

No, they're not, because the Client Presence Verification is about something else:

 

In CPV, when a client asserts its presence in a geographic location, delays are measured between the client and three verifiers encompassing the asserted location. These delays are then processed to provide  assurance that the client is truly present (geographically) inside the triangle determined by the three verifiers.

 

It's more like an attempt to find out whether you lie about your device's location. TTL values are something different.

[go558a83nk 371]

 

I'd imagine this is talking about the same thing?

 

No, they're not, because the Client Presence Verification is about something else:

 

>In CPV, when a client asserts its presence in a geographic location, delays are measured between the client and three verifiers encompassing the asserted location. These delays are then processed to provide  assurance that the client is truly present (geographically) inside the triangle determined by the three verifiers.

 

It's more like an attempt to find out whether you lie about your device's location. TTL values are something different.

 

 

when you talk about lying about location are you saying that the owner of the VPN server tries to get the location databases to report the wrong location?

[OpenSourcerer 1467]

No, the server doesn't report anything. GeoIP databases are those reporting IP location. CPV just performs some latency tests to a connecting computer to verify if it is where the server is according to GeoIP.

 

the owner of the VPN server tries to get the location databases to report the wrong location?

 

No, CPV is independent from anything of this kind. The one-way delay checks are performed on the application layer, therefore, CPV could be implemented into a website and the VPN server would just forward everything as expected.

 

Just so you know, it's not something to find out your real location. This technique is just used to verify the correctness of your alleged location.

 

experimental results show that CPV can provide assurance granularity down to a triangle whose area is as small as a circle of radius ∼400km.

 

The triangles are fairly big, so I think when I connect to the geographically nearest server, chances are high that I'm still in the triangle, causing a false negative. 400 km in all directions from my location cover Frankfurt, Berlin, the Netherlands and maybe Munich and parts of France and Switzerland.

Edited ... by giganerd