jigger Posted July 1, 2011 Posted July 1, 2011 Hi, Whilst attempting to create several new Gmail addresses for my friend Bob, a page pops up after about the third registration saying it has detected suspicious activity and requires extra verification (via phone or text). I removed all cookies and changed my IP address via VPN between each registration, even used a different machine at one stage. But the page still popped up. Different IP addresses, no cookies, private browsing, different user agent, even different computers. So how do they do it? Excellent site by the way, keep it up. jigger. Quote
Infiltrator Posted July 1, 2011 Posted July 1, 2011 When you mean different IP address, do you mean different private IP or public IP? By the way, the same has happened to me before, so you will need to either use a proxy to change your IP address or do the extra verification via the phone. Quote
jigger Posted July 1, 2011 Author Posted July 1, 2011 When you mean different IP address, do you mean different private IP or public IP? By the way, the same has happened to me before, so you will need to either use a proxy to change your IP address or do the extra verification via the phone. No, I used different public IP addresses by closing and opening my VPN to obtain them. I even verified that the addresses where different (ie: 172.73.216.24, 172.73.43.218 etc.) Closed and re-opened browser between attempts and made sure of no cookies. Puzzles me how they do it? jigger. Quote
digip Posted July 1, 2011 Posted July 1, 2011 Hi, Whilst attempting to create several new Gmail addresses for my friend Bob, a page pops up after about the third registration saying it has detected suspicious activity and requires extra verification (via phone or text). I removed all cookies and changed my IP address via VPN between each registration, even used a different machine at one stage. But the page still popped up. Different IP addresses, no cookies, private browsing, different user agent, even different computers. So how do they do it? Excellent site by the way, keep it up. jigger. When you got the message, did all the switching, then tried again, did you use any of the previously tried names that were rejected from the "suspicious" activity? If so, they may have flagged the address you tried to create, then when trying again, locked it form a usable account. Also, when you say changed IP address, what IP changed. Your local one, or the one your ISP assigns to you. Cookies are one method of tracking. IP tracking another, but they go by the external IP, not your local lan IP, so if you tried changing IP by just using a different computer on the lan, well, that doesn't change anything on the outside. Also, flash cookies add themselves if set and retrieved, with no way to tell through the browser and browsers cache, since they are not stored in the temporary internet files, so if google deploys flash cookies, you won't know unless you disable or uninstall flash all together. The other thought is unique computer name, since there are methods of retrieving this as well from remote sources, but this shouldn't be an issue when using a different computer all together. I would say, power off your modem then the router, wait 15 minutes, power them back on, and the modem should get a new IP lease. You can also force a new IP by unpluggine the modem, then in the routers config, do MAC cloning, but manually enter an address for the router. something unique, but with the same first three hex values, so it uses the same OEM model ID. Then plug in the modem, and when it sees the new MAC address on the router, it will try to grab a lease. Since this MAC is different than the previous, it can't assign it the same IP address, and will force a new DHCP request from the ISP. Quote
jigger Posted July 1, 2011 Author Posted July 1, 2011 When you got the message, did all the switching, then tried again, did you use any of the previously tried names that were rejected from the "suspicious" activity? If so, they may have flagged the address you tried to create, then when trying again, locked it form a usable account. Also, when you say changed IP address, what IP changed. Your local one, or the one your ISP assigns to you. Cookies are one method of tracking. IP tracking another, but they go by the external IP, not your local lan IP, so if you tried changing IP by just using a different computer on the lan, well, that doesn't change anything on the outside. Also, flash cookies add themselves if set and retrieved, with no way to tell through the browser and browsers cache, since they are not stored in the temporary internet files, so if google deploys flash cookies, you won't know unless you disable or uninstall flash all together. The other thought is unique computer name, since there are methods of retrieving this as well from remote sources, but this shouldn't be an issue when using a different computer all together. I would say, power off your modem then the router, wait 15 minutes, power them back on, and the modem should get a new IP lease. You can also force a new IP by unpluggine the modem, then in the routers config, do MAC cloning, but manually enter an address for the router. something unique, but with the same first three hex values, so it uses the same OEM model ID. Then plug in the modem, and when it sees the new MAC address on the router, it will try to grab a lease. Since this MAC is different than the previous, it can't assign it the same IP address, and will force a new DHCP request from the ISP. Hi, I understand that my IP assigns me an address, but I connect to the internet via "vpntunnel.se" a subscription VPN service in Sweden. It assigns me one of it's addresses. Surly then this is the public address that everyone sees, and it is this address that I change by connecting and disconnecting from my VPN service. Yes, you where also right, I did use the same name as prior to the warning, so it my well have been flagged by Google. But on the last occasion I did use a different name and received the same warning. I hadn't thought about flash cookies, thanks for that I will have to do some more learning. I did use different computers and hence names, but they are all connected to the same internal domain. Disconnecting from my IP and back again to get new original IP address is a smart idea, will try that. My macs are cloned. Geo.enable turned off in my browser. Though Google did get my external router via street cars or whatever. They may use that information? My net sits behind several routers but I am now beginning to realize that it only the most external that matters, and thats the one I tend to leave alone (will have to change my habits). Thanks everyone for all your help. I have a lot to tryout and learn. Kind regards, jigger. Quote
jigger Posted July 1, 2011 Author Posted July 1, 2011 No, I used different public IP addresses by closing and opening my VPN to obtain them. I even verified that the addresses where different (ie: 172.73.216.24, 172.73.43.218 etc.) Closed and re-opened browser between attempts and made sure of no cookies. Puzzles me how they do it? jigger. made a mistake here addresses where 178.73.xx.xx, 178.73.xx.xx. I realise 172.xx.xx.xx is private. DOOH. Quote
Infiltrator Posted July 2, 2011 Posted July 2, 2011 (edited) Hi, I understand that my IP assigns me an address, but I connect to the internet via "vpntunnel.se" a subscription VPN service in Sweden. It assigns me one of it's addresses. Surly then this is the public address that everyone sees, and it is this address that I change by connecting and disconnecting from my VPN service. Yes, you where also right, I did use the same name as prior to the warning, so it my well have been flagged by Google. But on the last occasion I did use a different name and received the same warning. I hadn't thought about flash cookies, thanks for that I will have to do some more learning. I did use different computers and hence names, but they are all connected to the same internal domain. Disconnecting from my IP and back again to get new original IP address is a smart idea, will try that. My macs are cloned. Geo.enable turned off in my browser. Though Google did get my external router via street cars or whatever. They may use that information? My net sits behind several routers but I am now beginning to realize that it only the most external that matters, and thats the one I tend to leave alone (will have to change my habits). Thanks everyone for all your help. I have a lot to tryout and learn. Kind regards, jigger. Interesting, do you know if your "vpntunnel.se" has a dynamic or static ip address? If it has a static ip address, than it won't do much good for you. One way to find out if the ip address of your "vpntunnel.se" changes, is by pointing your browser to this address http://ipchicken.com/. If it shows a different IP address everytime you visit this site "http://ipchicken.com/" then its dynamic, if not static. And that's why Google is asking you to verify your identity. Edited July 2, 2011 by Infiltrator Quote
jigger Posted July 2, 2011 Author Posted July 2, 2011 Interesting, do you know if your "vpntunnel.se" has a dynamic or static ip address? If it has a static ip address, than it won't do much good for you. One way to find out if the ip address of your "vpntunnel.se" changes, is by pointing your browser to this address http://ipchicken.com/. If it shows a different IP address everytime you visit this site "http://ipchicken.com/" then its dynamic, if not static. And that's why Google is asking you to verify your identity. Hi, It's definately dynamic. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.