pantz.org banner
Using a VPN could make you think websites are broken
Posted on 09-27-2020 03:34:12 UTC | Updated on 09-27-2020 03:41:32 UTC
Section: /software/vpn/ | Permanent Link

Have you ever visited or tried to log into a website, and been greeted by odd error messages like "Access Denied" or "Oops something went wrong". Your thinking "What the heck? I'm just trying to use your site as it was intended". Then you figure the site must be having some type of technical issue, and either move on, or try back later. Well, even if you try back later for days you still get the same errors. Then you turn off your VPN, magically the site works perfectly fine. This is your first introduction into the world of banned service providers AKA black/block lists

Preface

I will preface this by saying that the examples below were tested on one of the the largest VPN providers out there. You might or might not have issues using your VPN provider, but weird errors are something to keep in mind when sites just seem to break, and you can't figure out why. It might look to you like the site is broken, but this is just the site designers way of protecting themselves from abuse.

Website security

When you see all of these errors, odd messages, or connection issues, much of it is done on purpose. Websites will setup security services or appliances to block connections from networks that give them issues or cause trouble. VPN providers or large hosting services like Amazon usually end up on these lists. VPN's and hosting providers are services people can hide behind to abuse websites. This abusive behaivor is something the websites don't want to deal with. They will throw up a message or error to let you know that there was an issue. They will never tell you what that issue was, nor will they likely ever tell you that you have been blocked. If they did this then an attacker might change tactics or providers to see if they can get through another way. That is the worst part of this process. The site won't tell you it's messing with you, it will just make it look like it has broken itself in a gentle and annoying way. From the websites point of view, it's just protecting itself.

Examples of how sites protect themselves

Sites perform all kinds of antics when encountering IP's they don't trust. For example ...

Examples of protection from real websites

Note: All sites below work perfectly fine with VPN off. These errors only happen with VPN on.

Conclusion

Hopefully you don't encounter these issues with your VPN provider. But if one day you start seeing odd problems with a website, and you just can't figure out what's going on, always try to turn your VPN off if you have one. If your seeing one of the type of issues above, and you are not using a VPN, then you might just be on a block of IP address's from a provider that is causing grief for certain websites. If that happens, this is where a VPN might be able to help you. If you can find a VPN that has not been marked as troublesome by the same website your having issue with, then you can use it to access the site. Go figure.

Reddit!

Related stories

Playing video from an Android app from a Chromebook network share
Posted on 07-28-2020 00:25:10 UTC | Updated on 07-28-2020 00:31:18 UTC
Section: /hardware/chromebook/ | Permanent Link

I wanted to play some video files from a Linux machine I have on the network, and wanted the ease of just opening Chrome OS's file manager, mounting a network file system, and playing the video file of my choosing with any of the installed apps from preferably from Android, but possibly from the Linux VM as well. You can do this easily with files mounted from a USB thumb drive or local storage.

First try

Try to use the Chrome OS file manager, and install a service (3 dot menu -> add new service) for sftp or smb. Mount a network share, then try to play a video file. You will not be able to select any video player installed via a Linux container (Crostini) or Android app. Just the internal player is available, and will happily play any file it supports. The internal video player is garbage for features and codecs supported.

Second try

Let's get sneaky. Let's mount an sshfs mount in a Linux container, mounted to my home dir (available via "My Files -> "Linux Files"), that is auto shared to Chrome OS files app. Then it will think these files are local, and allow applications to access them when right clicking on video files via the share in the files app. Now when we right click on the newly mounted files, and use "open with" we see all installed video apps available. Selecting the Android app mxplayer results in the file not being allowed to be read, and gives a error of "can't play this link". Android VLC just opens and closes quickly when trying to play the file. If I right click "open with", then select a Linux container video app I installed (mpv, fantastic Linux video player), the video starts playing. The internal Chrome OS video player can access and play the file as well. While this is nice and I love mpv, running that out of the Linux container, really heats up the system likely because there is no special acceleration at all. Playing things with mxplayer from Android seems to perform better.

What is going on?

After thinking about this, what I think is going on is the Chrome OS security model at work. The Linux container can not access any files in Chrome OS. Yes, you can right click and select "Share with Linux" on regular directories, but that only shares files into the Linux container. I need to share files directly out of the Linux container. The Android apps can not directly access the files shared from the Linux container. Chrome OS is sitting in the middle of both of these contained areas, and it has very few decent apps that do anything useful natively. It relies on Android containers (ARC++) or Linux containers (via crosvm) to provide apps that are useful. Which means you get stuck in either one of their containers to do your work, or you end up copying files back and forth between containers. So how do we make this work?

Using a Linux VM

If you installed the Chrome OS Linux VM via the "Linux (beta)" in the settings are then you have access to a fairly full featured Linux OS (Debian). You can use the Linux tools of your choice, like sshfs (fuse) or samba, to access files over a network. Put that mount in your home dir and access it via the "My Files -> Linux Files" in the file browser. Then install a Linux video player like vlc or mpv, and select one of those from the 'open with' menu and the file will happily play. This is due to both the mount and the video player app being in the same container. You could also just play the file via the command line in the container via the mount you just made. Using the file manager is just a GUI way of doing it. This does not solve my original problem of wanting to use and Android app to play the video.

Using an Android App for the mount

If you don't want to get into using an Linux VM on Chrome OS, then you can play videos using a Android app that can mount smb, ssh, nfs or whatever. I choose to use FX File Explorer Pro. It supports sftp, smb, webdav, and ftp. You can make a mount from within this program, and after mounting find your video file and choose "open with" and choose your favorite Android video player you have installed. I like MxPlayer Pro or VLC. This works without issue as we are staying in the Android container with the apps we use to play our video.

Conclusion

I really wanted the convenience of using the native Chrome OS file manager to navigate using Android apps or Linux apps on a network file share. I guess the security model won't allow it for now. I did happen upon something promising via a chrome flag called "arc-file-picker-experiment" which might allow Android access to network shares. I turned it on, and it broke access the the Linux containers "Linux Files" area in the file manager. It also did not give me access to any Android apps via the "open with" menu on the sftp file service share.

Reddit!

Related stories

Finding Google photos original files and SimpleSSHD
Posted on 10-13-2019 04:37:25 UTC | Updated on 07-03-2020 16:55:21 UTC
Section: /software/android/ | Permanent Link

I fired up SSHDroid using Android 10 for the first time, and quickly noticed a warning that the app was not made for Android 10, and might not work correctly. I was happy to see that it did work as the daemon fired right up and I ssh'ed in without issue. I tried getting to my pictures area on my phone so I could back up some of the original raw files. I was greeted with an "Access Denied" to /storage/emulated/0/DCIM/Camera area. Unfortunately SSHDroid is not allowed access to the /storage area anymore in Android 10. Now to find a way to get to my raw picture files.

Finding Google original quality photos

My pictures are uploaded to Google in "Original Quality" not Google's "High Quality" mode. Basically original quality is the exact picture the camera took. High quality is a more compressed version of the same picture which takes up less space. Looking at the info area of a photo in the Google Photos app you can see the original quality picture size. If you go to Google photos on the web and you look at the same info on the same file, you see that the file size is smaller. Which made me wonder how would I get my original quality photo back if Google is showing me the high quality version of my photo. After trying a few things, I found out that if you select the photos in Google photos in the web, and then select "Download", you get a zip file of the original quality photos. It seems that on the web they show you the high quality version of the file, but when you download it you get the quality that it was originally uploaded in. This allows me to get the original files if I want now. Wheew!

SimpleSSHD

It seems that SimpleSSHD is not being updated any time soon, and for that matter does not even show up in the Google Play store anymore, I wanted to see if any other sshd programs for Android allowed access to the photos area of the phone. The one that seems to allow this that I found is SimpleSSHD. Upon first startup it asks for access to media which includes photos and videos. I proceed to start up the sshd server and ssh in. I was able to access the /storage/emulated/0/DCIM/ area with my photos. SimpleSSHD works great. I don't see any way to give the dev some money by buying the app, or in app purchases, so I guess I'll just say thanks for making a great sshd app that works on Android 10.

UPDATE: Since using SimpleSSHD last seems a few things have changed. There is no root login anymore with a default password. Dynamic root passwords are generated and displayed on the SimpleSSHD screen every time you connect. So I ssh'ed in the first time from a machine, and made a new file in the home dir you land in called "authorized_keys". There is no vi or vim or nano so I just put in my ssh public key using echo like "echo 'YOURKEYHERE' > authorized_keys". I did find out unfortunately that it does not support elliptic-curve signatures keys (ED25519). So I had to break out a old rsa key to get it working. This is not the developers fault. Dropbear does not support these types of keys yet.

Reddit!

Related stories


RSS Feed RSS feed logo

About


3com

3ware

alsa

alsactl

alsamixer

amd

android

apache

areca

arm

ati

auditd

awk

badblocks

bash

bind

bios

bonnie

cable

carp

cat5

cdrom

cellphone

centos

chart

chrome

chromebook

cifs

cisco

cloudera

comcast

commands

comodo

compiz-fusion

corsair

cpufreq

cpufrequtils

cpuspeed

cron

crontab

crossover

cu

cups

cvs

database

dbus

dd

dd_rescue

ddclient

debian

decimal

dhclient

dhcp

diagnostic

diskexplorer

disks

dkim

dns

dos

dovecot

drac

dsniff

dvdauthor

e-mail

echo

editor

emerald

ethernet

expect

ext3

ext4

fat32

fedora

fetchmail

fiber

filesystems

firefox

firewall

flac

flexlm

floppy

flowtools

fonts

format

freebsd

ftp

gdm

gmail

gnome

google

greasemonkey

greylisting

growisofs

grub

hacking

hadoop

harddrive

hba

hex

hfsc

html

html5

http

https

hulu

idl

ie

ilo

intel

ios

iperf

ipmi

iptables

ipv6

irix

javascript

kde

kernel

kickstart

kmail

kprinter

krecord

kubuntu

kvm

lame

ldap

linux

logfile

lp

lpq

lpr

maradns

matlab

memory

mencoder

mhdd

mkinitrd

mkisofs

moinmoin

motherboard

mouse

movemail

mplayer

multitail

mutt

myodbc

mysql

mythtv

nagios

nameserver

netflix

netflow

nginx

nic

ntfs

ntp

nvidia

odbc

openbsd

openntpd

openoffice

openssh

openssl

openvpn

opteron

parted

partimage

patch

perl

pf

pfflowd

pfsync

photorec

php

pop3

pop3s

ports

postfix

power

procmail

proftpd

proxy

pulseaudio

putty

pxe

python

qemu

r-studio

raid

recovery

redhat

router

rpc

rsync

ruby

saltstack

samba

schedule

screen

scsi

seagate

seatools

sed

sendmail

sgi

shell

siw

smtp

snort

solaris

soundcard

sox

spam

spamd

spf

sql

sqlite

squid

srs

ssh

ssh.com

ssl

su

subnet

subversion

sudo

sun

supermicro

switches

symbols

syslinux

syslog

systemrescuecd

t1

tcpip

tcpwrappers

telnet

terminal

testdisk

tftp

thttpd

thunderbird

timezone

ting

tls

tools

tr

trac

tuning

tunnel

ubuntu

unbound

vi

vpn

wget

wiki

windows

windowsxp

wireless

wpa_supplicant

x

xauth

xfree86

xfs

xinearama

xmms

youtube

zdump

zeromq

zic

zlib