Judge: IP Address Can't Even Identify a State

[exfileme]

Not only can an IP address NOT identify an individual, it can't even properly identify an American state.

Judge: IP Address Can't Even Identify a State : Read more

 

[eddieroolz]

Step by step, the American courts are waking up. It's not too late.

 

[ap3x]

Ip adresses cannot identify a person by itself but it most certainly can identify a state. This is an issue of having a professional describe how. I deal with this all the time. Geolocation information combined with route tracing does it very easily and that is at it's most basic.

 

[killerclick]

[citation][nom]eddieroolz[/nom]Step by step, the American courts are waking up. It's not too late.[/citation]

Courts are simply ruling on technical issues. I'm worried that RIAA and MPAA may circumvent these issues by lobbying for a law that places full responsibility on the owner of an internet connection, or even worse to require everybody using the Internet to be personally identified (through smart cards, biometrics, etc). With the walled garden model being pushed by Apple and lately Microsoft, I can just see every Internet connected device being tied to a specific individual.

 

[shawn808]

Hey ap3x...

Tell that to my VPN.

 

[yumri]

i think this ruling was kinda right kinda wrong as they could alway take it to the fedural court as the IP address idenefiys it is in the USA just not where in the USA though the IP database to find the address which the IP was asigned to at a date and time and if they dig enough probably which computer was using the protocol at the time alleged for it to have happened they will just have to upload the routing table from the router and look then as the router ussualy assigns the same IP to the same computer unless the computer does a ipconfig /relase then ipconfig /renew thing to get a new ip address thus if you can do that within 24 hours of when it happens you can find out which computer it is and then ask who uses that computer the most to get who the pirate is but if it takes more then 24 hours to get the premission to upload the routing table it probably took to much time to get the internal ip address thus not possiable to find the person who is the pirate since lots of ppl use the same connection now adays

 

[blazorthon]

[citation][nom]yumri[/nom]i think this ruling was kinda right kinda wrong as they could alway take it to the fedural court as the IP address idenefiys it is in the USA just not where in the USA though the IP database to find the address which the IP was asigned to at a date and time and if they dig enough probably which computer was using the protocol at the time alleged for it to have happened they will just have to upload the routing table from the router and look then as the router ussualy assigns the same IP to the same computer unless the computer does a ipconfig /relase then ipconfig /renew thing to get a new ip address thus if you can do that within 24 hours of when it happens you can find out which computer it is and then ask who uses that computer the most to get who the pirate is but if it takes more then 24 hours to get the premission to upload the routing table it probably took to much time to get the internal ip address thus not possiable to find the person who is the pirate since lots of ppl use the same connection now adays[/citation]

VPN and proxys can be used outside of a country, to make it look like you are in a different country. That's only basic ways to do that, too. There are more advanced things that can be done. An IP address can't really accurately identify much of anything, at this point, that can be used to sue individual citizens.

 

[Guest]

Florida...why is my name Florida? That's the name of a state!

 

[bison88]

[citation][nom]ap3x[/nom]Ip adresses cannot identify a person by itself but it most certainly can identify a state. This is an issue of having a professional describe how. I deal with this all the time. Geolocation information combined with route tracing does it very easily and that is at it's most basic.[/citation]


You're completely missing the point. As the article and Judge mentioned, of course it technically "could" identify a state or even city/region, but the margin for error is high for that being false or inaccurate. If you understand how IP addressing works then you know that it's dependent on how the company buy/renting IP's from an RIR allocates IP's throughout there systems. If they have enough IP's and the Network Admins took the time, they can regionally assign them based off a pre-set subnet to make troubleshooting and assignment easier.

With IP addresses finally getting used up the ranges can be all over the place especially for users who have dynamic IP's. There is more too it than that, but in general geolocation IP tools work only as well as the network addressing the IP addresses wants to make it work. It isn't something magically permanent and identifable like a house address, a zip code at the very best. IPv6 that may change, but as it stands now the judge made the right decision for all intents and purposes.

 

[f-14]

IP address can not identify a person any more than a license plate can identify the driver.
a) company vehicle
b) stolen vehicle
c) family or friends driving the vehicle
d) mechanic road testing a vehicle
e) photo shopped plate (yes people do it with money as well as drivers license's and proxy IP or VPN)
that is enough cause for reasonable doubt as all 5 of those reasons can also be done with IP

 

[inerax]

[citation][nom]f-14[/nom]IP address can not identify a person any more than a license plate can identify the driver.a) company vehicleb) stolen vehiclec) family or friends driving the vehicled) mechanic road testing a vehiclee) photo shopped plate (yes people do it with money as well as drivers license's and proxy IP or VPN)that is enough cause for reasonable doubt as all 5 of those reasons can also be done with IP[/citation]

My mechanic takes my IP out for a test drive all the time

But very good points all around.

 

[Devoteicon]

[citation][nom]eddieroolz[/nom]Step by step, the American courts are waking up. It's not too late.[/citation]

It's already too late for the people that have had their names dragged through the mud based on an IP alone. I feel bad for them... But you are right, we're heading in the right direction.

 

[ithurtswhenipee]

[citation][nom]yumri[/nom]i think this ruling was kinda right kinda wrong as they could alway take it to the fedural court as the IP address idenefiys it is in the USA just not where in the USA though the IP database to find the address which the IP was asigned to at a date and time and if they dig enough probably which computer was using the protocol at the time alleged for it to have happened they will just have to upload the routing table from the router and look then as the router ussualy assigns the same IP to the same computer unless the computer does a ipconfig /relase then ipconfig /renew thing to get a new ip address thus if you can do that within 24 hours of when it happens you can find out which computer it is and then ask who uses that computer the most to get who the pirate is but if it takes more then 24 hours to get the premission to upload the routing table it probably took to much time to get the internal ip address thus not possiable to find the person who is the pirate since lots of ppl use the same connection now adays[/citation]

Longest run-on sentence ever?

 

[soccerdocks]

[citation][nom]f-14[/nom]IP address can not identify a person any more than a license plate can identify the driver[/citation]

I would actually argue that it is even less likely to identify a person than a license plate. I let a whole lot more people I know use my internet than drive my car.

 

[milktea]

Don't worry, there will be another ruling once IPv6 is widely use. There's going to be enough IPv6 addresses for every string of hair of every person on earth. Every person would have an IP address starting at birth.
Better come up with some good excuses before Piracy Advocates bring that to the court.

 

[blazorthon]

[citation][nom]milktea[/nom]Don't worry, there will be another ruling once IPv6 is widely use. There's going to be enough IPv6 addresses for every string of hair of every person on earth. Every person would have an IP address starting at birth.Better come up with some good excuses before Piracy Advocates bring that to the court.[/citation]

Again, VPN, proxy, and more can still keep that from being a problem. Then, there's also the fact that multiple people will share the same internet connection, often without the knowledge of the owner of that connection and sometimes not even with the owner's consent.

 

[Guest]

Florida...why is my name Florida? That's the name of a state!

You think you have it bad.

-John Doe

 

[justintoxicated]

i thought it's pretty easy to track an ip to a physical location. for example www.unlocktheinbox.com/locateip/ ?? couldn't this be taken further? what am i missing?

 

[ap3x]

[citation][nom]shawn808[/nom]Hey ap3x...Tell that to my VPN.[/citation]

So VPN proxy will help covering your tracks, you are correct but the vast majority of the people that are using torrents or file sharing applications are not proxying their connections through a VPN.

Also, the issue was that an IP address cannot identify a state which is not true. Even with a VPN when you come out of the other end there an address assigned that can be tracked to country and state of that IP. Your VPN connection can also be tracked back your source IP although it is a bit more difficult due to the providers willingness to provide the information to a network forensics expert. There is always a log of your transaction somewhere.

Don't think for a minute that because you have a VPN it means that your cannot be tracked. All the VPN means is that your session is encrypted so unless they have the key or certificate they would only see garbage on a packet capture. But there is still a trail when you initiated the connection.

Also, from a ISP perspective. Just because your connection is wide open to the web does not mean that there is not a firewall logging all transactions as they go. There is also a database of all anonymizers and proxy VPNs on the web and their are tools that can detect the use of proxy VPN's that users setup at their homes (commonly used by school districts to stop their students).

Trust me, privacy on the web is an illusion.

 

[ap3x]

[citation][nom]bison88[/nom]You're completely missing the point. As the article and Judge mentioned, of course it technically "could" identify a state or even city/region, but the margin for error is high for that being false or inaccurate. If you understand how IP addressing works then you know that it's dependent on how the company buy/renting IP's from an RIR allocates IP's throughout there systems. If they have enough IP's and the Network Admins took the time, they can regionally assign them based off a pre-set subnet to make troubleshooting and assignment easier.With IP addresses finally getting used up the ranges can be all over the place especially for users who have dynamic IP's. There is more too it than that, but in general geolocation IP tools work only as well as the network addressing the IP addresses wants to make it work. It isn't something magically permanent and identifable like a house address, a zip code at the very best. IPv6 that may change, but as it stands now the judge made the right decision for all intents and purposes.[/citation]

Sure you can use a non RFC1918 address as a private net and use it anywhere in the world and then translate out to the web but in terms of being publicly routable, that is a no go. We are talking about Internet routable addressing here.

As far as the margin of error argument, I can understand your point due to the possibility of proxies being used in some cases.