AFAICT, if a Netflix account owner sets up a VPN for their household, then anyone sharing the account who routes their Netflix traffic through that VPN would appear to be accessing Netflix from that household’s WAN IP address.
Is anyone doing this? Is it really that simple or are there more challenges?
EDIT: We get it, you like torrenting. Let’s keep comments on topic folks.
Netflix’s restrictions are not based on IP address. That would be an incredibly unreliable way of determining a location
They’re looking at the network you’re connected to. Exactly what they’re looking for is not public
How can I spoof EVERYTHING to be identical in all locations using my openwrt routers ? Do they look at my GPS data, or the name and addresses of other wifi and bluetooth devices ? Do they check my traceroute between my device and their servers ?
You don’t have to spoof everything. If you setup a wireguard server on your router then, then VPN into that then you’ll be on the actual network and Netflix cannot tell the difference.
Netflix has come out and said they don’t use GPS. I cannot authoritatively say they don’t traceroute or use other signals, but the wireguard tunnel works so you can only assume they do not.
I was wondering because if they use wifi & bluetooth discovery, then a VPN isn’t going to help,. one phone will see a certain bunch of your neighbour’s SSIDs while another phone will see other. Also A-GPS is not technically GPS, it is cell tower triangulation, the name of your cell towers and in what quadrant they’re seeing your phone (that’s how they caught Mitnick).
Also the wireguard VPN acts as a L3 separation, so you still see on your L2 segment, different MACs and different addresses in the broadcast traffic.
I imagine that Netflix would use an heuristics based machine learning system, so while not one particular aspect would out you as part of a different household, an inventory of signals might make them suspect you “enough” that they start harassing you with 2 factor authentications invalidating your session cookies. Not exactly expulsing you from the service but just annoying enough that most will prefer to cough up a few more bucks for a separate account. And of course, as their needs to supplemental revenue increases, they’ll be able to tweedle your knobs until they get just the perfect amount of annoyance to convert “freeloaders” into paying customers rather than defectors or pirates.