The app is launched by this hilarious script: But not every app honors the internet options, so other connections still expose your actual IP. If you just want to proxy your browser, something like TorGateway is more than enough. But that’s what you need to close every possible leak on Windows.
#HOW TO USE TUNNELBEAR WITH NETFLIX FULL#
All other TunnelBear code as .NET assemblies (with full debug info).ManagedWifi (NativeWifi), a simple wrapper around the wlanapi Windows API.This is the app that uses aforementioned Batch scripts. IntelliBear, a DNS proxy, which is not written in C#.A copy of the Hyper-V Network VSP Bind management tool.Various (very brittle) Batch scripts to manage route-ing, monitoring and DNS (-cache).A copy of obfs4’s proxy engine (a Tor component).Language assemblies (for some odd reason my copy contains the French resource, despite the actual app being English).Certificates (issued by Google, root and key).Assets (such as audio files and pictures used in the UI).The TunnelBear base installation copies some 165 files onto your PC. First of all it uses FOSS components, and it’s written in C#, which, if you’re not familiar with reverse engineering, is the same thing as having a neatly formatted and optimized copy of the full source code - minus the comments. Saying “TunnelBear is not open-source” isn’t quite true.
TunnelBear targets the broader, “average Joe” audience, so my analysis is focused on the Windows client.
#HOW TO USE TUNNELBEAR WITH NETFLIX SOFTWARE#
Yet there might be certain parts of this software that may surprise you. TunnelBear has yet to have a major fracas, and (spoilers), I didn’t find any in my analysis. So it’s important to know what makes it tick, and what it knows and shares about you. That said, the client is after all a proprietary piece of software that runs on your PC, managing the most private part of your communication: your internet connection. But attacking TB’s service is not the point of this post. So the client is not all that critical, and doesn’t provide much attack surface. The account management happens on their servers, using unique user tokens. TunnelBear is cheap and non-intrusive, but not open-source. The same reason I’m in love with Neat microphones.
Plus I have an irrational affection for brands that combine awesome products with a cute front-end. It’s easy to use and the heavily targeted, yet non-obnoxious marketing doesn’t hurt either. TunnelBear is quickly becoming one of the most popular options for “normal” people to use VPNs.