DaveH
Striker
What I want to know is can they ban VPNs? VPNs have legitimate uses too. Would a VPN ban be possible?
Possible, but difficult. Commercially it would be stupid.
The majority of uses for VPN is for people accessing work, or for a smaller number of more techy people, connecting into home while out/away. If Sky blocked VPN completely then I would not be able to work from home. Given that I do emergency IT cover I could only do this by sitting on site, rather than doing gardening and checking in once per hour. It would have such an impact on my life that I would drop Sky in seconds. Even if that involved paying up a contract for x months it would be worth it. I am certainly not unique in this as home working is becoming so much more common now, they have to allow it otherwise their broadband business is finished.
From the technical point of view, VPN is not one thing like web/http is for example. There are many different ways to encrypt and tunnel your traffic, but normally the average user does not know, they just use a wizard to configure it. There are certain protocols such as p2pp, ipsec and l2pp. These could be blocked, though IPSec has other uses than just VPN so that would be difficult. Another protocol which is becoming very common is SSL, where it uses the same port and protocol as a https server (look at the top of your screen, you are using https now). That is a lot harder to detect and block without blocking access to any secure website. My work is in the process of deploying a SSL VPN right now, just because of the ease of service and the fact that it is more likely to be permitted through hotel/pub/train firewalls.
I have just done a packet capture of the packets and you can tell it is not web requests by doing deep packet inspection. To do that on the fly for a big ISP requires some very big expensive hardware. They would have to process every packet going through one of their main connection points, which is millions of packets per seconds.
The other method is SSH. Normally SSH is a unix thing that allows someone to get a remote command prompt on a unix or linux server. However you can tunnel other traffic over this connection. SSH has so many uses in the world, from remote workers to people running websites. They can not detect if web tunneling is running over that.
There is also another option for people, proxies. There are all sorts of way to proxy traffic if you have a server not controlled by those ISPs anywhere. To set up something bespoke you could even have a webscript. There is stuff out there, but I reckon I could write a cgi script in 1-2 hours that would forward all requests to starstreams, meaning I would just have to visit a particular page on my remote website to see starstreams appear. I rate my self as a reasonably good network engineer who has never written anything like that. If I could do it in 2 hours, how long is it going to take people running these sites who is commercially motivated?
It is an arms race where there is only going to be one loser - Sky.
I would love to pay £3-4 per game for a quality stream of every Sunderland game and I don't think I'm alone in that. You can get loads of TV content free with Kodi and although I installed it one day for a look, I tend to just watch Netflix. Never a problem with it, never had to scrape around looking for a decent quality stream without foreign subtitles etc, it just works with a nice interface that I can chromecast from my phone. That is worth paying less than £10 per month. I'm lazy and to me the convenience is worth more than the cost. I will not subscribe to Sky sports to pay lots for a service that does not show what I want to watch. Waking up to this is the only way Sky will ever win.