Artificial regions, real risks

In my last encounter with what I call “artificial regions” that I talked about, I was complaining about the problems with ping-ponging between US and Italy, and then moving to Dublin. Those first-world problems are now mostly (but not fully) solved and not really common, so I wouldn’t call them “real” for most people.

What I have ignored in that series of posts was, though, the region-locking applied by Big Content providers, particularly in regards to movies, TV series, and so on. This was because it’s a problem that is way too obvious already, and there isn’t much that one can add to it at this point, it has been written about, illustrated and argued for years by now.

The reason why I’m going back to this now, though, is that there has recently been news of yet another scam, at the damage of the final consumers, connected to a common way to work around artificial region limitations. But first, let me point out the obvious first step: in this post I’m not talking about the out-and-out piracy option of downloading content straight from The Pirate Bay or anything along those lines. I’m instead going to focus on those people who either pay for a service, or wants to pay for content, but are blocked by the artificial region set up for content.

I’ll use as my first example Comixology of which I’m a customer, because I like comics but I travel too much to bring them with me physically, and more importantly would just increase the amount of things I’d have to move with me if I decide to change place. Unlike many other content providers, Comixology uses multiple regional segregation approaches: your payment card billing address tells you which website you can use, which actually only changes how much you’re paying; the IP you’re coming from tells you which content you can buy. Luckily, they still let you access paid content even if your IP no longer match the one you can buy it from.

This is not really well documented, by the way. Some time ago they posted on their G+ page that they opened a deal with a manga distributor so that more content was available; I took the chance to buy a bunch of Bleach issues (but not all of them) as I have not finished watching the anime due to other issues in the past, and I wanted to catch up on my terms. But a few weeks later when I wanted to buy more because I finished the stash… I couldn’t. I thought they broke off the deal, since there was no reference to it on the website or app, so I gave up… until they posted a sale, and I saw that they did list Bleach, but the link brought me to a “Page not Found” entry.

Turns out that they admitted on Twitter that due to the way the rights for the content go, they are not allowed to sell manga outside of the States, and even though they do validate my billing address (I use my American debit card there) they seem to ignore it and only care on where they think they are physically located at the moment. Which is kinda strange, given that it means you can buy manga from them if you’ve got an European account and just so happens to travel to the United States.

Admittedly, this is by far not something that only happens with this website. In particular, Google Play Movies used to behave this way, where you could buy content while abroad, but you would be stopped from downloading it (but if you had it downloaded, you could still play.) This was unlike Apple, that always tied its availability and behaviour on the country your iTunes account was tied to, verified by billing address of the connected payment card — or alternatively faked and paid with country-specific iTunes gift cards.

One “easy” way to work around this is to use VPN services to work around IP-based geographical restrictions. The original idea of a VPN is to connect multiple LANs, or a remote client to a LAN, in a secure way. While there is some truth about the security of this, lots of it is actually vapourware, due to so many technical hurdles of actually securing a LAN, that the current trend is to not rely on VPNs at all. But then again, VPNs allow you to change where your Internet egress is, which is handy.

A trustworthy VPN is actually a very useful tool, especially if what you’re afraid of is sniffers of your traffic on public WiFi and similar, because now you’re actually only talking with a single (or limited set of) points-of-presence (POP) with an encrypted protocol. The keyword here is trustworthy, as now instead of worrying of what people in your proximity could do with your non-encrypted traffic, you have to worry what the people who manage the VPN, or in proximity to the VPN provider, would do with that information.

Even more important, since VPNs are generally authenticated, an attacker that can control or infiltrate your VPN provider can easily tie together all your traffic, no matter where you’re connecting from. This is possibly the sole thing for which Tor is a better option, as there isn’t a single one manager for the VPN — although recent discussions may show that even Tor is not as safe from following a single user as some people kept promising or boasting.

These VPN services end up being advertised as either privacy tools, for the reasons just noted, or as tools against censorship. In the latter case the usual scare is the Great Firewall of China, without considering that there are very few websites that suffer what I’d define “censorship” on a country level — The Pirate Bay does not count, as much as I think it’s silly and counterproductive to ban access to it, censorship is a word I’d reserve for much more venomous behaviour. Region-locking, on the other hand, as I’ve shown is pretty heavy, but just saying out loud that you work around region-locking is not really good for business, as it may well be against all terms of service that people say they accepted.

Here comes the bombshell for most people: yes, VPN services are (for the most part) not managed by angels who want all information in the world to be free. Such “heroes” are mostly created by popular culture and are much rarer than you would think. Painting them as such would be like painting MegaUpload and Kim Dotcom as generous saviours of humanity — which admittedly I’ve seen too many people, especially in the Free Software and privacy-conscious movements, doing.

VPN services are, for many people, quite profitable. Datacenter bandwidth is getting cheaper and cheaper, while end-user speeds are either capped, or easily capped by the VPN itself. If you make people pay for the service, it’s not going to take that many users to pay for the bandwidth, and then start making profits. And many people are happy to pay for the service, either because it’s still cheaper than accepting the geographical restrictions or because they go for the privacy candy.

On the other hand there are free VPN services out there, so what about them? I’ve been surprised before by self-defined privacy advocates suggesting to the masses to use free VPN services, while at the same time avoiding Dropbox, Microsoft and other offerings with the catchphrase «If you’re not paying for it, you’re the product.» Turns out for free VPN providers, you most definitely are a product.

To use the neologism I so much hate, it’s always interesting to figure out how these providers monetize you, and that’s not always easy because it may as well be completely passive: they could be siphoning data the same way I described in my previous post, and then use that to target you for more or less legal or ethical interests. Or they could be injecting referral codes when you browse websites with affiliate programs such as Amazon (similarly to how some Chrome extensions used to work, with the difference of being done at the router level) — this is, by the way, one extremely good reason to use HTTPS everywhere, as you can’t do that kind of manipulation on protected pages without fiddling with the certificate.

Or, as it became apparent recently, they may be playing with your egress so that sure, you are now going to the Internet through some random US person’s address, but at the same time, your address is being used for… something else. Which may be streaming a different version of Netflix – e.g.: the Big Bang Theory is available on French Netflix, but not in the US one – or they may be selling stolen credit card data, or browse for child porn, or whatever else they care to do.

What’s the bottom line here? Well, it seems obvious that the current regime of rights that imposes region-locking of content is not only unlikely to be helping the content producers (rather than distributors) much – The Pirate Bay content never was region-locked – but it’s also causing harm to people who would otherwise be happy to pay to be able to access it!

I’m not advocating for removing copyright, or that content should be free to all – I may prefer such a situation, but I don’t think it’s realistic – but I would pretty much like for these people to wake up and realize that if I’m ready to give them money, it would be a good thing for them to accept it without putting me at risk more than if I were not to give them money and just pirate the content.

And now go, and uninstall Hola, for universe’s sake!

New ancient content

This is a very brief post, which is just going to tell you that all the old content which was originally written on the b2evolution install at Planet Gentoo, and which was then imported into the WordPress install at Gentoo Blogs, have been imported into this site instead.

This basically means that Google will start indexing the old posts as well, which will then appear on the custom search’s results, which is why I went through the trouble. In particular yesterday’s post was actually linked to a very old problem which I enocuntered almost exactly seven years ago (time flies!) but finding it was a bit of a mess.

So I saved a backup of the WordPress data, and wrote a script to create articles in Typo starting from it. The result is that now there are 324 extra posts in this blog — unfortunately some of them are noise. Some of it because the original images they linked to are gone, others because at some point b2evolution went crazy and started dropping anything where UTF-8 was involved, as can be shown by the original and the truncated version from the Wayback Machine. I’ll probably import the two articles I found being truncated.

After the import completed, I also deleted the WordPress site on Gentoo’s infra. The reason is simple: I don’t want to have two copies around, with all the broken links it has (nobody set up a remapping of the old planet links to blogs links), the truncated content and so on. There are a number of things that need to cleared up with the content, and links that went from this blog to the old one need to be fixed as well, but that’ll happen over time, I don’t want to sweat it now.

I’m happy that my content is back with me.

The real hustler: DLC

Today I’m not going to write my usual rant or generic post about arguments tied to Free Software but rather a commentary about modern content, in this particular case, games. If you don’t care, or if you feel like I’m a cancer to the Free Software movement because I do play proprietary games, then you’re free to not read this post at all. Thanks.

There is one thing I love about the “cheap” (less than €10) games that are available on “PlayStation Network” (Sony’s digital content delivery platform — or to use less buzzwords, their online store): they often are multiplayer, either via network or locally. This is something I find quite important because of two tied reasons: most of the games you buy on BluRay for PlayStation 3 are single-player, or only allow network multiplayer, but at the same time I often have friends home to play with. Of course there are notable exceptions like Street Fighter IV and Naruto (to name two I have) but even these only stop at two-players modes, while games like Worms and Bomberman Ultra (both available on PSN for less than €10) can be played with three and more people.

Following this idea, yesterday I bought Hustler Kings, a pool game for the PS3, something that, with a friend of mine, we were waiting for a long time. I like pool, both the real thing and the videogames, so I felt like it was a nice €8 to spend on that (it’s still less than a single session at a pool place around here). The game itself is pretty cool, both for what concerns the pure graphic aspect (very shiny), and the local gameplay, the AI is not too stupid and not too perfect in the non-Hard modes — something that cannot be said of Bomberman Ultra.

While the game provides different modes of play, beside the usual 8-ball pool game (9-ball , English black-ball , and cut-throat ) it still lacks snooker which I got addicted with FooBillard. And for those wondering, I couldn’t get FooBillard to work any good in the last years, both with and without compiz. Given that it seems to be dead upstream that really makes me sad.

What I haven’t had the guts of trying yet is the online play. While, obviously, all games provide a “online game experience may vary”, this game does not really have much of a network-bound problem as it’s mainly turn based, so I guess the gameplay itself wouldn’t change much. But rather than the usual methods of network play, the developers of Hustler Kings tried to go one step further – thus the name – and I quite like the idea: you play for (fictitious) money with other players, investing from the balance you can earn in local play as well. Might not sound that much new but they also seem to have added two extra quirks that I hadn’t found on other games before.

The first quirk takes form of a special “trophy” for the PlayStation 3: you can only earn it by beating another player that has it, with the developers of the game being the only people starting with the trophy on them. This makes the whole competition interesting for the “completitionists” out there.

The second quirk actually made me a bit angry for the moment, but then I thought it was actually a very interesting way of playing it out: special chalk to make complex shots easier is available on the store… not with the virtual money, but with actual money: €0.25 a piece (at least for two out of three versions, the last is a combination of the other two so I guess it’d be priced slightly higher). While they might sound pretty useless for playing locally, or for those who play over the network with friends, they are most likely the required edge that allows entering the online hall of fame.

Now it’s interesting to see the way different developers (and thus different games) consider the so-called DLC (Downloadable Content): some make it the very basis of the game (LittleBig Planet, the various Rock Band and company), others provide expansions (Fallout 3 , Brütal Legend ). I don’t think I have seen anything as interesting as the Hustler Kings method up to now though. The price of the single DLC (the chalk) is very small (even though the PlayStation Store will impose a €5 minimum fund), and it’s neither strictly needed to play nor essential to face other players that have it. And it’s not a one-time expense (like music tracks or costumes).