Using The Cloud To Access Location Restricted Services

Many cool services such as Pandora, Spotify, BBC iPlayer and Netflix are restricted to users in the US or UK.

There are a number of ways to get around this problem, the most reliable of which is probably to pay for a US/UK based proxy or VPN server. There is at least one free (for a while) way to access such services, which I will describe here.

The method I’m going to describe involves setting up a machine in the cloud, installing a proxy server on the machine and setting up your local machine to use the proxy.

AWS Instance Setup

Sign up for an Amazon Web Services account (you will need a valid credit card and telephone number). Read about the conditions of the free usage tier.

Once you’ve signed up and verified your identity (telephone number), log into the AWS console. At this point you’ll have to choose whether you want a US or an EU based instance. Select your desired location from the Region drop down menu in the top left corner.

Select the Instances page from the menu on the left and hit the Launch Instance button. I’ll describe how to set up an Ubuntu instance, since this is what I did. Select the Community AMIs tab. You’ll need to search for the appropriate AMI as defined on this page (i.e. ami-379ea943 for EU or ami-1aad5273 for US-East). Make sure whatever AMI you choose is eligible for the free usage tier. Click the Select button next to the AMI. Make sure that the Instance Type is Micro and click Continue. Click Continue again, then give your instance a name and Continue.

Create a new Key Pair and make sure to download it (let’s call it key_pair.pem), then Create a new Security Group and make sure that you specify a port (lets call it the http_port) for the proxy server to listen on. You could use a port commonly used for something else to avoid any suspicion if someone scans your instance. They aren’t likely to suspect that you have a proxy running on port 8080 for example. You’re also going to need to open port 22 for ssh access. To open these ports, simply enter the port number in the Port range text box and click Add Rule.

Finally, review your configuration and click Launch. After a few seconds your instance will be up and running. Select your instance and take note of the public_dns in the Description pane below. You’ll use this URL to connect to your instance.

Squid Configuration

Connect to your instance from the command line as follows.

ssh -i /path/to/key_pair.pem ubuntu@public_dns

You may need to set the permissions on your key file (i.e. chmod 600 key_pair.pem).

By default, the normal Ubuntu software repositories aren’t enabled, so you’ll have to edit /etc/apt/sources.list and uncomment all the repositories and then do a sudo apt-get update.

We’ll use Squid as our proxy server. Install it as follows.

sudo apt-get install squid

As mentioned here, well need to configure the port on which squid listens. We do all the squid configuration in the config file located at /etc/squid/squid.conf.

Change the listening port by setting the http_port directive in the config file (the default is 3128) to the http_port security rule you created during your instance configuration.

Squid Access Control

It’s unlikely that you want your instance to be a public proxy for all client hosts and destination servers, so you’ll want to implement some kind of access control. This can be done in many ways, but basically you can limit access by src IP, destination domain (dstdomain) or by requiring username/password authentication (e.g. by using ncsa_auth as described here).

If you’re using an application like Boxee or XBMC, which don’t support proxy authentication, then you’ll probably want to limit access by src or dstdomain.

As an example, if you want all of your friends to be able to use your proxy, but only for, say, Spotify and Pandora, then you can add the following at the bottom of the ACL section of the config file. acl RADIO dstdomain and then add http_access allow RADIO to the top of the http_access section of the config file.

By default, Squid forwards our client IPs to the destination hosts, so we’ll need to disable this to mask our location. We do this (as described here) by setting the forwarded_for directive to off in the config file.

Lastly, remember to restart Squid as follows to ensure your new configuration becomes active.

sudo /etc/init.d/squid restart

You should now have a proxy server, based in the US or EU, listening on a port of your choosing with some measure of access control implemented.

Client Configuration

All that is left to do is to tell your client application (I’ll use Firefox as an example) to connect through the proxy server.

By default, Firefox has the ability to connect through a proxy, but the control isn’t very fine grained. You can either connect to all sites through the proxy, or not use the proxy at all.

In order to have more control over which sites actually connect via the proxy server, I recommend installing the FoxyProxy Standard addon for Firefox.

Once you’ve installed the addon and restarted Firefox, go to Tools » FoxyProxy Standard » Options and select Add New Proxy. Give the proxy server a name and enter the public_dns and http_port. Then go to the URL Patterns tab and Add New Pattern. Give it a name (e.g. Spotify) and specify the pattern (e.g. **).

Make sure that Use proxies based on their pre-defined patterns and priorities is chosen for the Select mode drop down on the main FoxyProxy options pane.

Now you should be able to sign up on Pandora or request an invite on Spotify (assuming you have configured Squid to allow access and have specified the proxy and URL patterns in FoxyProxy).

Service Notes

If you’re connecting through a US based proxy, you can sign up for Pandora and listen as long as you always connect via the proxy. With Spotify (which has recently been launched in the US), you can’t directly sign up for an account. You can, however, find some invitation codes here and then use them here to sign up. Once you sign up for Spotify and download the client, you can listen without connecting through the proxy!

Netflix seems to employ some kind of proxy detection software, so I haven’t been able to get that working yet. I haven’t tried BBC iPlayer.


While this method is free for a while (a year, or until you use up your free bandwidth), it’s definitely not a permanent solution.

Further Work

There are a few things I need to try to get Netflix to work, namely, I need to see what headers Squid is sending and disable the ones which could potentially reveal the fact that it’s a proxy. Also, I still need to try out iPlayer.

Disabling ⌘Q Application Quit

On a number of occasions I’ve accidentally hit ⌘Q instead of ⌘⇥ and closed the current application.

Do disable this “feature” we go to System Preferences » Keyboard, choose Application Shortcuts in the left pane. Now, double click on the current keyboard shortcut for Show Help Menu and press ⌘Q to remap it.

Now, whenever you press ⌘Q by accident you’ll just open the help menu instead of closing the application.

Also, this is quite a useful reference for the special Mac keyboard symbols.

Rendering Mathematics in LaTeX in HTML

EDIT: This is going to work until I fix up a DNS issue. Current I recommend using MathJax now in any case.

If you plan to blog about anything scientific, especially in the mathematical sciences, there’s a good chance you’re going to need to render some equations. Since \LaTeX is the de facto standard for typesetting mathematics, that’s what you’re going to want to use.

this is just test a test of inline.

If you’re using Drupal, then a module like DruTeX is the perfect solution. That is, if you’re hosting the implementation yourself or have the rights to install on the box running Drupal. If, however, this isn’t the case, then you might want to consider mimeTeX. mimeTeX is a minimal rendering engine which takes mathematics expressions as input and generates gifs as ouput. Since mimeTeX is accessible via CGI, gifs can be generated on the fly each time your page is accessed.

Everything you need to know to get mimeTeX up and running is available in the mimeTeX manual. Essentially, all you have to do is download the source and compile as follows.

cc -DAA mimetex.c gifsave.c -lm -o mimetex.cgi

There are also some precompiled binaries available here (sadly not for 64bit Linux though).

Once you’ve got a binary, you just need to dump it in the cgi-bin directory and then you can easily generate mathematics by invoking the mimeTeX build. For example, entering the following into your browser address bar should generate .^x=\lim_{n\to\infty}\left(1+\frac xn\right)^n

Here are a few more examples.

Drupal 7 Syntax Highlighting

It seems like the GeSHi Filter is the most popular Drupal 7.x module for syntax highlighting. To get it up and running, first install the dependent Libraries API (2.x-dev) and download the required GeSHi PHP Library (1.0.x), then install the GeSHi Filter module. As per the GeSHi Filter README, extract the GeSHi Library to /sites/all/modules/geshifilter and then enable the module via the Drupal admin interface. If the library isn't detected, try clearing the cache.

Once the GeSHi module is running, you have to enable the filter on your preferred text format (e.g. Filtered HTML). You do this on the Admin >> Configuration >> Text Formats page. I also had to put GeSHi at the bottom of the processing order to get it to work. If you’re using a WYSIWYG editor (like CKEditor) for creating content, make sure it’s not escaping special characters like ‘>’.

Once you get the module fully functional, you should be able to highlight a wide variety of languages, as illustrated in the following examples.

Java class example.

 * Dummy Java class to illustrate GeSHi 
 * @author Pascal Brandt
public class Dummy {
    // Constants

    public static final DUMMY_STRING = "Dummy";

    // Members

    protected int dummyInt;
    protected List<Integer> dummyList;

    // Contructor

    public Dummy(int dInt, List<Integer> dList) {
        dummyInt = dInt;
        dummyList = dList;

PHP example from MediaWiki’s LocalSettings.php config file.

$wgUploadPath       = "$wgScriptPath/uploads";      ## Wiki 1.5 defaults to /images, but allows more than just images

$wgUploadDirectory  = "$IP/uploads";                ## Wiki 1.5 defaults to /images, but allows more than just images

## To enable image uploads, make sure the above '$wgUploadPath' directory is writable by Apache User or group.

## ''(i.e.  chmod og+w uploads images)''  then the following should be true:

$wgEnableUploads       = true;
$wgUseImageResize      = true;
$wgUseImageMagick      = true;
$wgImageMagickConvertCommand = "/usr/bin/convert";
## If you want to use image uploads under safe mode, create the directories images/archive, images/thumb and

## images/temp, and make them all writable. Then uncomment this, if it's not already uncommented:

$wgHashedUploadDirectory = false;

Python list comprehension example.

new_range = [i * i for i in range(5) if i % 2 == 0]

MySQL create table example.

CREATE TABLE client_firms (
    id   INT,
    name VARCHAR(35)
    PARTITION r0 VALUES IN (1, 5, 9, 13, 17, 21),
    PARTITION r1 VALUES IN (2, 6, 10, 14, 18, 22),
    PARTITION r2 VALUES IN (3, 7, 11, 15, 19, 23),
    PARTITION r3 VALUES IN (4, 8, 12, 16, 20, 24)

In theory, inline code snippets like

$var = 35

should also work.

EDIT: Since I migrated to Jekyll, the above code is actually highlighted using Pygments.

OS X Lion

Looking forward to testing out OS X Lion.

Lion Download