I’m not a security expert, so I’d be interested to hear your views on this article.
https://medium.com/@derek./how-is-nordvpn-unblocking-disney-6c51045dbc30
I have been saying for years that traffic control should be carried out at the application level when it comes to network traffic and not only centrally at the WAN interface.
Every user should be aware of what his machine is doing all the time. What applications are running, how many resources they consume and what network traffic they generate. But people will live comfortably and not worry about it …
Is it technically possible for an application to become a proxy on the user’s machine? Theoretically yes. If the user is completely unaware and does not monitor what his system is doing. In addition, if such a proxy tries to hide and not generate too much traffic and use of resources … If, however, would use as much as possible at such a large scale rather long ago someone would recognize it and it would become a loud fact.
However, as to this text and NordVPN, the author guesses a lot …
Techniques for recognizing and blocking VPN servers are a few. Just like the workaround for typical blacklists by vpn providers.
The concept of “Residential IPs” is a bit funny in the general sense. An IP address is simply an IP address and what final service is pinned to it has no official definition. You can create IP range lists based on belonging to specific ASNs that are considered typical data centers or similar. But this does not give a complete picture of the situation. Personally, I use an ISP that offers many services for clients. Business internet access up to 10G. Colocation in DC, dedicated servers. And all this based on one IP range belonging to one ASN.
As for D+, it’s not true that only NordVPN works. I have confirmed the information that expressvpn and their server in the US have no problem accessing D+.
In general, it’s a bit theoretical half-truths, a bit of guessing and speculation, but above all, probably looking for sensation. Although nothing can be ruled out.
If you are concerned that you may be part of a proxy botnet … when you have not installed anything weird or are not infected, it will not affect you. Magic power will not suddenly make your computer suddenly become a proxy just because you have firefox running.
On the other hand, if NordVPN theoretically simply purchased the Internet access services intended for the end customer and used them for their purposes, there is nothing wrong with that.
Whether Jon Snow or NordVPN will pay for internet access service from some ISP does not matter as long as nobody tries to use your system for this.
I do not see any evidence for these theses which the author puts forward. I only see speculations and questions that would be good to know the answers. Is it possible “yes” but at the same time it is possible that they just buy the final mile and use it for this purpose.
As a final mile we call internet access service which is addressed to individual (home) clients or extremely small businesses. And if NordVPN would use such a distributed infrastructure, it does not mean from the technical side physical connection to their core. The construction of such a network is more similar to P2P traffic(for example, they can use argo routing and daughter companies and acquire network access at various locations. You can also create such a network if you want). And it consists in transporting only a small amount of data and the main data stream is transmitted traditionally. But how it really is in this case I do not know.