On Sun, 05 Jun 2016 19:35:27 -0400, Mark Andrews <marka@isc.org> wrote:
It is a attack on HE. HE also provides stable user -> address mappings so you can do fine grained geo location based on HE IPv6 addresses.
They may be "fine grained", but they are still lies. One's tunnel can be terminated from *anywhere*, at *anytime*. HE doesn't publish the IPv4 address of the tunnel endpoint, nor do they update any public facing registry w.r.t. the "address" of that IPv4 address. (which is 99% voodoo as well.)
Also despite what the content cartel say using a VPN to bypass georestrictions to get movies is not illegal, nor is it "piracy". Individuals are allowed to import content from other countries. It is commercial importing that is banned.
While the end user may not be violating any law (other than their "contract" with Netflix), Netflix certainly is. They signed a contract that says they cannot send X to Romania / X is only allowed in the USA. In the end, they are allowing content to go where they agreed to not send it. They are legally required to do something about that. (or at least, *look* like they are.) Netflix (and their licensees) know people are using HE tunnels to get around region restrictions. Their hands are tied; they have to show they're doing something to limit this. All you can tell about a HE tunnel is the tunnel broker server that's hosting it. (it's in the hostname -- eg. ash1) Beyond that, you have absolutely no idea where in the universe the other end actually is. Plus, it can move in an instant... one DDNS update, and it's somewhere else. --Ricky