Insights For Success

Strategy, Innovation, Leadership and Security

Was Google, Apple, Facebook & Microsoft traffic redirected to Russia?

GeneralEdward KiledjianComment

TL;DR: Internet traffic to and from major tech companies (Apple, Facebook, Google, Microsoft, Twitch, NTT Communications and Riot Games) were redirected through a Russian provider Wednesday. This appears to have been a deliberate hijack and not an error. 


BGP is a routing and reachability protocol used on internet backbones around the world. It is what allows carriers to find routing information between each other (in simple terms).

2 BGP monitoring services have reported short changes to the routing of key internet giants, and they do not believe this was a mistake. 

BGPMon recorded two three-minute hijacks affecting roughly 80 address blocks.

One of the interesting things about this incident is the prefixes that were affected are all network prefixes for well known and high traffic internet organizations. The other odd thing is that the Origin AS 39523 (DV-LINK-AS) hasn’t been seen announcing any prefixes for many years (with one exception below), so why does it all of sudden appear and announce prefixes for networks such as Google?
— BGPMon

Qrator Labs recorded a two-hour hijack affecting 40 to 80 address blocks.

Qrator dashboard for the offending AS

Qrator dashboard for the offending AS

As mentioned in the BGPMon release, AS39523 is a Russian organization that has been inactive for years. The last time we saw them, they were involved in another BGP "incident" that involved Google.

Luckily most of the traffic that passes through these providers is encrypted at a level that is believed to be currently unbreakable. The concern is that a state-sponsored attacker could have new decryption algorithms that are not yet publicly known and it does means the traffic "could" have been decrypted (however unlikely it remains a possibility). 

How do I test the speed of my VPN service

GeneralEdward KiledjianComment

How can you test the speed (performance) of my VPN service provider? I receive this question regularly, and I thought it was about time I wrote an article about it. 

When evaluating internet speed, there are dozens or hundreds of different parameters that can influence your final score. In the world of VPN, these may include:

  • The distance between you and the VPN server - even though most of your traffic is flowing at the speed of light, users have become accustomed to super speedy internet and even the slightest delay is noticed. If I am sitting in Toronto but using a VPN in Switzerland (where privacy laws a much stronger), I should expect a more noticeable slowdown in my internet speed.
  • VPN server capacity - Most internet service providers "over-sell" their service to offer lower prices. If too many of their customers try to log into the same servers at the same time, they will experience noticeable performance reductions (slowdowns) and maybe even dropped connections (which could lead to your private information leaking). I only use VPN providers that show the loads on their servers.
server selection and load information from ProtonVPN

server selection and load information from ProtonVPN

  • Your Internet Service Provider speed (ISP) - Obviously your VPN performance can never exceed the "last mile" performance of your Internet Service Provider. Remember that the speeds plastered on their marketing material are usually indicative speeds and many services see severe performance degradation during peak usage hours (when everyone is trying to stream Netflix or Youtube content). Additionally some regional Internet Service Providers throttle (aka slow down) VPN connections on their home use plans to encourage corporate customers to buy corporate (more expensive) plans. The only time a VPN connection may be faster than your native ISP performance is for controversial protocols like BitTorrent. Some ISPs throttle the performance of BitTorrent and so hiding it inside a VPN may deliver better performance.

  • Device capacity - An often overlooked performance limiter is the ability of your local VPN termination device to compute the required encryption/decryption quickly (most often a PC, laptop, smartphone or tablet). The faster your internet speed, the more processing power your end device will need to "keep up". 

How do I test VPN speed?

The only way to test VPN speed is to use one of the (well designed) speed testing sites. 



SpeedOfMe is a nice light HTML5 speed test service that works on every device (Windows, MAc, iPhone, iPad, Android, Chromebook, etc).



What makes TestMy.Net interesting is that use multiple download servers and combine the information to provide one real world statistic. They use IP geolocation to find servers in your terminated area.

TestTest by Ookla


No speed test article would be complete without mentioning Ookla. They are the 800lb gorilla. Just make sure the test server is in your termination city otherwise you will get a false score.

How do I test my VPN to determine if it is leaking?

GeneralEdward KiledjianComment

When something leaks, it's usually bad news. A leaking pipe in the kitchen or a leaking radiator. The same principle applies to your VPN. When a poorly designed VPN fails and leaks your data, that's the start of a bad day.

Unfortunately, there is no visible indication that your VPN is leaking.    Obviously, well-designed VPN services do not leak, my favourites being: 

When looking for VPN leaks, we typically evaluate these angles:

  • DNS leaks
  • IP address leaks (IPv4 & IPv6)
  • WebRTC leaks

Below are basic instructions on how to quickly identify VPN leaking. If you are more paranoid or highly technical and demand to use your magical IT skills, you can also inspect the packets using tcpdump or WinDump while running the below tests. 


It's time to start testing

What am I looking for?

Obviously, you connect to your VPN service first, then visit all of these sites. The hope is that none of the information shown should actually be associated with your "real" computer (IP address, DNS server and WebRTC). 

The most significant failure I see with most VPNs is DNS and WebRTC leakage.

If your VPN service provider offers multiple servers, then you should run the tests with the various servers.

If your VPN service provider offers multiple protocols, then you should run the test with each of the protocols.

I have found some VPN providers where it did not leak on one server but leaked on another. Where it did not leak via one protocol but leaked with another. Testing the various combinations is time-consuming but critically important. 


The above test shows that the VPN is protecting my IP and DNS information but in this case was leaking my private 10.x test lab internal IP address (which is obviously bad). When I switched to a new server from the same provider, the leak stopped.

Mobile phone VPN leaks


An August 2016 research paper highlighted the issue of IP leakage on Android smartphones. They discovered that 84% of Android VPN apps leaked the user's "real" IP address.

What is WebRTC and why does it leak?

WebRTC is an API standard that allows voice and video chat without needing to install any plug-ins. It is a cross-platform web browser standard. 

The "trick" to leaking your WebRTC information is to use basic Javascript to send a UDP packet to a Session Traversal Utilities for NAT (STUN) server. That server sends back a packet containing the IP address where the request originated. 

If vulnerable, you will see your internal IP Address in the WebRTC response. 

What is DNS and why does it leak?

The domain name system (DNS) is a special global directory that converts URLs into numeric addresses that the internet can route. If you enter into your browser from New York, your DNS server will return the numeric routable IP address for my website 

DNS services are typically provided by your internet service provider or company. Anytime you try to access a webpage; you ask that DNS server for the numeric routable IP address of the site and thus your provide (or school or company) have a running list of every website you tried to access. When using a good VPN service, all DNS requests should be routed to their anonymous DNS service thus protecting your browsing information. When your browser sends the request to your ISP DNS anyway, that is called a DNS leak because your privacy is "broken".

Do you need a dual-SIM smartphone?

GeneralEdward KiledjianComment

Do I need a dual-sim phone? The answer is probably not. Most people sign a carrier contract and live with that service for two years. 

There is a small niche group that could benefit from a dual-SIM phone, and this is an article for them. Who are these mythical "special" people:

  • users with a personal and professional mobile phone line that want to carry one phone
  • users that travel often and want to use a low-cost SIM in their destination
  • users that live in regions were carriers aren't national providers, and "good" coverage requires service from 2 providers (much of Asia)
  • users that can find low cost unlimited data-only SIM and want another SIM for voice calls and text messaging, 

Not all dual SIM phones are created equal. 

Categories of dual sim phones

Passive dual-sim phones

Passive dual-SIM phones can only use one of the SIM cards at a time which means the user can switch between SIMs using software or a physical switch. 

Standy dual sim phones

Standby dual sim phones (often with the MediaTek chipset) use both SIMs using time multiplexing. Anytime you start using one of the sims (to make a call, send a message or use data), the other SIM is ignored. If someone calls the second sim when the first one is "active", the caller would receive a busy signal.

Active dial sim phones

Active dual-sim phones are capable of using both sims simultaneously and typically have to IMEIs since the phones come equipped with two radios. 

and we continue...

Because things weren't complicated enough, there is also the concept of unequal connectors. Some phones will be passive or active dual sim but may only be able to support full speed 4G on the primary SIM while slowing down to 3G/2G for the second sim.

Some buys mistakenly assume you can leverage both SIMs simultaneously for doubly fast data connectivity. This simply isn't the case. Dual sim capable phones do not perform network bonding to allow dual network stream aggregation. 

When I upgraded my daily drive smartphone, I switched from an iPhone 6s Plus to a Note 8 dual sim. When not travelling, the second slot hosts my SD card, but when I travel, I will load my KnowRoaming SIM. 

I know several account executives that use dual sim phones (one with their personal sim and the other with their work one). This means they can carry one device yet send/receive messages from either. Even in Canada, I know people that use dual sim phones with low-cost fringe providers. They use these providers when in their home zone for cheap service but switch to a pay as you go national carrier when outside of their "home" coverage area.

My Note 8 SIM Manager

  • I can choose if both SIMs are active.
  • I can choose which service to use with which SIM by default (calls, texts, mobile data).
  • I can even ask the phone to confirm which SIM card to use before each call.

Another important consideration

With carriers that support VoLTE (Voice over LTE) or VoWIFI (Voice over WIFI), this functionality is typically only supported on the primary SIM slot. Don't expect both to support VoLTE and VoWIFI. 

Where do I buy a dual sim phone?

Most North American phone models do not come in dual sim versions. The most common way to buy a dual sim phone is either from an importer or you have to import one from a region that sells these devices.

My 128GB dual sim Note 8 was imported from Hong Kong by a Montreal based smartphone importer called PDA Plaza (this is not an ad and is not a sponsored post). I was able to buy my dual sim phone cheaper than what I would have paid locally from Samsung, Bestbuy or my carrier.

There are many options to choose from including Samsung, LG, Asus, OnePlus, etc. Just make sure you check the specifications and ensure the device supports the dual sim model you are looking for.


Asus Zenphone 5

Screenshot 2017-12-09 at 2.47.49 PM.png

OnePlus 5T

Screenshot 2017-12-09 at 2.49.30 PM.png

Huawei Mate 10 Pro

Screenshot 2017-12-09 at 2.51.41 PM.png

Xiamo Red Mi dual sim

Screenshot 2017-12-09 at 2.53.39 PM.png

Amazon Music Unlimited expands to 28 more countries. So what?

GeneralEdward KiledjianComment

Amazon Music Unlimited is (in my opinion) just another streaming music service, but since it's Amazon, it's worth mentioning. 

It is expanding to 28 additional countries, so the world a little more inclusive today. Similar to another (nameless) streaming service, Amazon Music Unlimited stresses the fact that its playlists are "human curated". 

The requisite PR created launch statement can be found here

Customers can choose from content hand-curated by Amazon Music experts, build their own playlists, or find new favorites through Amazon’s personalized recommendations either on the Amazon Music app or Web Player.

The new countries being shown some love by Amazon are:

  • Belgium
  • Iceland
  • Bolivia
  • Latvia
  • Bulgaria
  • Liechtenstein
  • Chile
  • Lithuania
  • Colombia
  • Luxembourg
  • Costa Rica
  • Malta
  • Cyprus
  • Netherlands
  • Czech Republic
  • Panama
  • Ecuador
  • Peru
  • El Salvador
  • Poland
  • Estonia
  • Portugal
  • Finland
  • Slovakia
  • Greece
  • Sweden
  • Hungary
  • Uruguay

I live in Canada, and the Echo product line just launched here. Chances are the country you are in (if not the US) either doesn't have or just received the Amazon Echo line of products. For those of us not yet invested in the Amazon voice assistant product line, there is little to get excited here. 

Not very exciting for most of you but news worthy since its Amazon.