Bypassing Google Play region blocks via VPN or Proxy

Beware, this is going to be a technical post, containing a lot of speculation.

So, wouldn’t you want to use Raccoon to download region locked Android apps? Good news is, it works, bad news is it’s fickle. You need a proxy in the desired country. Good news is, open proxy lists are a dime a dozen, bad news is, the proxies themselves are typically overrun and short lived. So, how about buying a private proxy then? That’s what I tried with rather surprising results (and curious insights).

The proxy service I chose (and which shall remain unnamed) offers Japan, so I configured to Raccoon to use a (supposedly) Tokyo based IP and tried downloading a Japan only game, just to find myself still geo blocked. Bummer! Did I get scammed? Kinda! I was able to use that proxy to download one of my own apps which is not available in Germany (I deliberately geo fenced it myself for testing purposes). So, either the proxy provider lied about the IP being located in Tokyo or Google thinks that Tokyo is neither in Japan or Germany?

The internet is governed by IANA, an organization that assigns IP address ranges. The problem is, we pretty much ran out of IPv4 addresses a while ago and wherever there’s scarcity, black markets evolve. In theory, when you go out of business, you should return your IP address ranges to IANA. In the real world, going out of business usually means getting liquidated and your IP address ranges becoming part of your bankruptcy assets. If you are a vulture, IP addresses are one of the best things you can invest in. They never go bad, don’t require any maintenance and there’s always someone you can rent them to. Perfect passive income.

What does IP address trading have to do with my proxy problem? Well, naturally I first checked the proxy IP, I was given, against the popular GEO IP databases, just to find that some listed it as being located in Charlotte(USA), others in Tokyo(Japan). Ah, so it must have changed owners recently and some databases aren’t up to date, yet? Google using an old GEO IP database? Not quite! The reality is a bit more complex. As it turns out, the address of my proxy server belongs to an investment firm (since around mid 2018). They rented a whole block the block to an US based ISP. That ISP then split the block and rented a subnet to my proxy server provider, which actually installed the physical machine in a Tokyo based data center, but logically routes all their traffic through an US based ISP. Smart ey? That proxy provider effectively proxied their proxies. Sweet irony!

Now, the interesting question is, why does it take Google so long to catch up with updating their GEO IP database? The answer is: I don’t think, they are using a GEO IP database to begin with. Think about it. Mapping an IPv4 address (4 bytes) to an ISO country code (2 bytes) in a 2^32 address space requires a hashtable of 6*2^32 bytes (roughly 24 GB). That’s already way to big for realtime lookups. Worse yet, the dataset is in constant flux and Google promised their buddies in Hollywood to honor DVD region codes when selling movies. Hollywood has pesky lawyers and it would be rather unfortunate for Google if a movie suddenly became available in a country just because an IP address block changed hands, wouldn’t it?

I’m pretty pretty convinced, that Google’s region restriction sits on the AS (autonomous system) level. They probably just look at the CIDR prefix and map that to a country. Which in my case means, they see the network number of the border gateway router of that American ISP.

What’s the take away from all of this? I guess, that you can build a business on people not understanding internet routing… even you don’t understand it yourself.

Posted in Rants, Tinkering