mysterium-vpn-desktop
mysterium-vpn-desktop copied to clipboard
mysteriumnetwork
[bug] Chinese VPNs reported as US VPNs
Describe the bug Chinese and other non-US based VPNs are being labled as US based VPNs.
To Reproduce Steps to reproduce the behavior:
- Login to 0x0a71ef8ddc85
- China
Expected behavior Chinese VPNs should be their own category.
Screenshots
Desktop (please complete the following information):
- OS: Windows 10 20H1
- App Version
Additional context Add any other context about the problem here.
I know the devs don't give fuck all about this project anymore because crypto crashed and they can't do their pump and dump scam anymore, but 0x0929c06e04e9 is being labeled as US, but it is a Serbian VPN.
We use ip2location.com, can you check on it?
It claims it's within the US, although I don't know why you needed me to do that if you already have access to both the VPN and the website. When visiting bing or any other site that determines your language from your IP, it shows it in Chinese. The site I used to verify this IP was Chinese is ipwhois.io.
I understand, but the country/location of the IP address is being determined by using ip2location.com, in short, we use them to show the country of the node/IP so they have to fix the IP information.
Please submit a correction request to https://ip2location.com/
Consumers shouldn't care how software is implemented under the hood, nor they will fix the software by themselves (that's why they're paying software provider in the first place). You'll lose customers if customers can't trust the service.
This is a critical and potentially very dangerous bug, because if a Chinese person connects to Chinese node (and thinks it's a US node), then he can potentially be jailed or worse.
If Mysterium uses solely https://ip2location.com/ to determine IP location which apparently provides incorrect information occasionally, then it should double/triple check with other alternative services to make sure this information is accurate. Also, this should be done on the server side and not by provider node itself, as it can tell whatever it wants.
I'm still confused because a Chinese user or node runner can't use/run Mysterium as some API is blocked by them, @gir489returns can you please send me a node identity that shows as the US but a Chinese node?
I agree with portalsdevs regarding using multiple GeoIP services to provide more accurate information.
Should be this one: 0x0a71ef8ddc856272ef89da02280bddfa5fa0cd86
At Portals we have some users in China, some regions work fine, some don't.
While I understand and agree data integrity is important for VPNs to work properly. I would just like to point out that many different sources say it is in the US.
I am referring to 198.211.60.69 as the original poster mentioned.
Places reporting USA
- https://www.iplocation.net/ip-lookup -> United States, California. They quote that IP2Location, ipinfo.io, DB-IP, IPregistry.co, IPGeolocation.io, IPapi.co, & ipdata.co all report this same info (though sometimes different city details).
- https://iplocation.com/ -> United States
- https://whatismyipaddress.com/ip/198.211.60.69 -> United States, California, Datacenter service
- https://iplocation.io/ip/198.211.60.69 -> United States (lists various other IP tools)
- https://ipaddressworld.com/ -> United States
Places reporting China
- https://nordvpn.com/ip-lookup/ -> China, Guangdong, Guangzhou
While these are just the sources I was easily able to find, clearly most of them consider this IP in the USA. It is entirely possible they are all wrong and that this IP is in China, nordvpn for one is a datasource I trust, but that doesn't change the fact that it's virtually impossible for Mysterium to definitely KNOW where any of these IPs are, they must rely on third parties and the majority of them (that I have seen) say it is in USA.
Conclusion: I am all in favor of Mysterium using multiple sources for IP, particularly ones that pull from different data sources, but at the end of the day sometimes a decision will have to be made and in this case, USA appears to be correct. I recommend closing this bug and opening a feature request to implement that.
@hkup859 I believe it's because they are using the ICANN lookup for the IP.
https://lookup.icann.org/en/lookup
Registrant: Handle: MULTA Name: MULTACOM CORPORATION Whois Server: whois.arin.net Kind: org Mailing Address: 16654 Soledad Canyon Rd #150, Canyon Country, CA, 91387, United States
And that is what these (bad) services are relying upon to ident the IP.
However, when I would use peering services, they would peer me to Chinese servers(Games like Apex Legends and League of Legends). This leads me to believe that traversing the connection from the node would show that it's a Chinese IP. However, 0x0a71ef8ddc85 is no longer available to prove that.
@gir489returns That makes sense, and your probably right. From my perspective though, using a service like ip2location.com is still a good way to get a baseline location in most cases. There will always be outliers with any system. I still recommend creating a feature request that includes these details (implement peering and additional backups/extra checks) rather than a bug. Perhaps it's not important what it's labeled as, but I feel like a bug isn't quite right to describe this. The service works as designed, it could just use a better design/feature.
Just my 2 cents though
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Is this issue still relevant?
![stale[bot] avatar](https://avatars.githubusercontent.com/in/1724?v=4 "Published by a pub.dev verified publisher"){kind=small}