There are lots of ways to obfuscate traffic using VPN. With obfs4 proxies and tor, you can appear to access a website from shadow IP addresses that cannot be resolved definitively to a country.
This. You can change where the traffic is from, but you can't make 40% of it disappear. Either that traffic never existed and that 60% accounts for the 100%, or they purposely left out 40% of the traffic because it is in fact from somewhere they're trying to hide from the public. No doubt Alexa is in on it too, money goes a long way when it comes to changing numbers around.
You're both overlooking a crucial factor: Alexa doesn't have precise measurements. It uses statistical averages based on a smaller sample size gleaned from some people's browsers and uses its algorithm to correct/estimate actual traffic.
The data is collected from a subset of internet users using one of 25,000 browser extensions for either Google Chrome, Firefox and/or Internet Explorer. An algorithm then ‘corrects’ for various potential biases and attempts to compensate for visitors who may not be in Alexa’s measurement panel (a factor it hasn’t always tried to accommodate for) and normalizes the data based on the geographical location of visitors.
I have no idea what you mean by "shadow" IP addresses.
Maybe he means a spoofed IP. I haven't played around with TCP/IP in 20 years but back in the day, you could spoof IPs if you have root access on a name server.
I've noticed a large uptick in "tech pedes" saying shit that makes us pedes who actually work in tech quite confused (aka they're blatantly full of shit). Unfortunately, it looks like it makes sense to people who have other areas of expertise.
Also yeah, there's no such thing as a "shadow IP" except in some possibly obscure and limited usage (not a general "hide my IP" kind of way).
Here's a pro tip guys: you can google any actual tech term and get a bazillion results. Try "tail call optimization". Notice how there are literally thousands of results for that concept? Now try "recursive descent parser". Equally obscure, right? But sure enough, you will receive thousands and thousands of results because this is actually a thing. Now try "shadow ip". You may get a result that appears relevant on first glance, but you will quickly start seeing completely irrelevant results, unlike the actual tech terms above. This is how you know that this is not a real term. Real terms absolutely flood the results with relevant results that all say basically the same thing.
NOTE: as I'm sure some of you are thinking, Google is not always reliable for everything, esp. anything political/cultural. But for tech stuff, they are on point. Same general rule goes for Wikipedia.
If you own the website and the network the user is connecting through, it is relatively easy to use heuristics of the traffic to correlate users on a site to the person connecting to the VPN. This is already available in firewalls which can detect applications/viruses using encrypted traffic.
A less covert, but far more effective way is to just start sending packets of specific sizes/timing in bursts and see where they show up in traffic from the VPN provider to suspect users in China.
Without access to both the site and the user's network, you can eventually locate people by monitoring latency and loss on the links you suspect the user is connecting through. I do this to identify people in video games to root out spies in my group and all I need is root access to our group's and user-level access to the enemy group's voice servers.
There are lots of ways to obfuscate traffic using VPN. With obfs4 proxies and tor, you can appear to access a website from shadow IP addresses that cannot be resolved definitively to a country.
When bill gates and steve jobs argue
Bill Gates would transcribe the conversation publish and copyright it.
Maybe someone should rob them ;)
I see your hating on jobs. Its like hating bezos.
Duh they didn’t write all the code, but they are industry leaders all the same.
The average IT Tech knows more about the internet (TCP/IP) than Bill Gates or Steve Jobs.
Okay stephen hawkings.
This. You can change where the traffic is from, but you can't make 40% of it disappear. Either that traffic never existed and that 60% accounts for the 100%, or they purposely left out 40% of the traffic because it is in fact from somewhere they're trying to hide from the public. No doubt Alexa is in on it too, money goes a long way when it comes to changing numbers around.
You're both overlooking a crucial factor: Alexa doesn't have precise measurements. It uses statistical averages based on a smaller sample size gleaned from some people's browsers and uses its algorithm to correct/estimate actual traffic.
https://winningwp.com/alexa-traffic-rank/
Maybe he means a spoofed IP. I haven't played around with TCP/IP in 20 years but back in the day, you could spoof IPs if you have root access on a name server.
I've noticed a large uptick in "tech pedes" saying shit that makes us pedes who actually work in tech quite confused (aka they're blatantly full of shit). Unfortunately, it looks like it makes sense to people who have other areas of expertise.
Also yeah, there's no such thing as a "shadow IP" except in some possibly obscure and limited usage (not a general "hide my IP" kind of way).
Here's a pro tip guys: you can google any actual tech term and get a bazillion results. Try "tail call optimization". Notice how there are literally thousands of results for that concept? Now try "recursive descent parser". Equally obscure, right? But sure enough, you will receive thousands and thousands of results because this is actually a thing. Now try "shadow ip". You may get a result that appears relevant on first glance, but you will quickly start seeing completely irrelevant results, unlike the actual tech terms above. This is how you know that this is not a real term. Real terms absolutely flood the results with relevant results that all say basically the same thing.
NOTE: as I'm sure some of you are thinking, Google is not always reliable for everything, esp. anything political/cultural. But for tech stuff, they are on point. Same general rule goes for Wikipedia.
Most people have never heard of Reddit, either. ¯\(ツ)/¯
are you suggesting the Alexa rankings of some sites might be... padded? :D
If you own the website and the network the user is connecting through, it is relatively easy to use heuristics of the traffic to correlate users on a site to the person connecting to the VPN. This is already available in firewalls which can detect applications/viruses using encrypted traffic.
A less covert, but far more effective way is to just start sending packets of specific sizes/timing in bursts and see where they show up in traffic from the VPN provider to suspect users in China.
Without access to both the site and the user's network, you can eventually locate people by monitoring latency and loss on the links you suspect the user is connecting through. I do this to identify people in video games to root out spies in my group and all I need is root access to our group's and user-level access to the enemy group's voice servers.
EVE player?
HAHA yea that does sound like EvE
maybe