Slashdot Mirror

← Back to Stories (view on slashdot.org)

Quova Inc. Completes Trace of 4 billion IP Addresses

Posted by timothy on from the wait-till-IPV6-for-the-real-fun dept.

RatzMilk writes: "Quova Inc. claim they have completed a global scanning system [Note: first mentioned on Slashdot in July -- timothy] that pinpoints the geographic location of Internet users in real time. The information gathered is then sold as a tool called 'GeoPoint' that can be used by advertisers to better target their advertisments to people based on their location. It doesn't rely on cookies or voluntary submissions from users, instead, using a data base built by scanning every host on the Internet. In gathering this information, they set off alarms all over the world, and yet, it seems that this is an accceptable practice in the eyes of the law. Individual people are having their computers impounded and in some cases are being incarcerated for doing the same. ... Further details on this story can be found at Security Focus." (Sorry, but Security Focus is not designed for direct linking; click on the link that says "Scanning Mystery Solved.") [Updated 5:58 GMT by timothy] Scratch the comment about deep linking; I've restored the link RatzMilk provided, which originally brought me only "page not found" errors. Hope it works for everyone ...

12 of 182 comments (clear)

  1. There should be nothing wrong with pinging. by Lord+Ender · · Score: 4

    The government should not do anthing to anyone for tracerouting or pinging. There is nothing wrong with that. I use these tools often, just for curiosity.

    If a computer has a web server running that allows anyone to download a webpage, it should be considered authorized use. If a computer returns my pings, that should be authorized use. These people should be allowed to ping/traceroute whoever they want, and so should I. If people don't want me to ping them, they should set up their computers not to return my pings.

    I long for the old days of the internet when you weren't considered a threat if you used a ping. Now we must play dumb or be considred "hackers".

    --
    A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
  2. The World is Saved! by Spud+the+Ninja · · Score: 5

    From their website:

    Global coverage. Distinguish Canada from Colombia, and Paris, Texas from Paris, France.

    As someone living in British Columbia, Canada, I have been in dire need of this service. Hooray!

    --
    You can never put too much water in a nuclear reactor.
  3. Uhmm, Sure.... by quickquack · · Score: 5

    I'd like some evidence to back their claim. First of all, 27 million AOL users will appear to be in Virginia. Secondly, I'm sure a lot of people use a ppp account on one of their colo/ISP's servers.

    Sooo, more evidence please!
    ------------

    --
    ------------
    Tonight on Fox: Deadliest Executions Part XVII
  4. Ahem... by Shoeboy · · Score: 5

    This is not news. I've been able to track people's localles over the internet for years now. All truly skilled hackers can.
    I know where you live, where you work, when you sleep and what you fear.
    I have only one thing to say to you:
    Damn you're boring - why don't you get a life?
    --Shoeboy

  5. Re:And so? by jbailey999 · · Score: 4

    If you haven't heard this before, then you haven't been reading slashdot for long. This type of fear mongering is quite common when people talk about IPv6. The *recommended* way to generate an IPv6 address is through your MAC address. You're still welcome to assign them by hand if you so choose. Also, almost every Ethernet NIC can have its MAC address overridden.

    The poster apparently hasn't been following slashdot either...

  6. An easy way to stop "them" tracking you .... by doctor_oktagon · · Score: 4

    Dial-up long distance to an ISP in a backwards country using a phone company you know don't support call-number forwarding, and get a telnet account on a old UNIX server in a country where the police force are not savvy enough to be able to read the dialup log files.

    good: No-one will ever know where you live!

    bad: Using the net will be a pain, and you won't be able to do anything usefull.

    moral: It's all a trade-off between useability and personal space. You sacrifice one for the other.

    Would the medieval version of slashdot be so concerned when boats roamed through the seas and produced those things you earth-people called "maps" ... I don't think so! :-)

  7. Phutet's GDP rises exponentially by Sheeple+Police · · Score: 4

    Future News Article:

    The small area of Phuket, located in the bustling country of Thailand, has seen it's GDP rise exponentially, due to the introduction of their latest service, Phuket Fun. Using Phuket Fun, security minded individuals can browse safely and anonymously, having their IP address completely masked.

    Should a company or individual do a lookup on the idea, they will see that the user is coming from Phuket U. A new era in privacy has thus been issued in, with companies like Akamai and services like geoTrace being told what they should have been rightfully told when they suggested such services - to Phuket.
    In all seriousness (which is rare for me), what would be the effect of using one of the many anonymous proxies out there which effectively mask your IP? Agreebly, these companies would have logs of your IP, but toss one of these companies into some off shore third world country (note: I simply used Phuket for the fun of the word), where the government can't control the people or the information, but thanks to grants/loans from places like the World Bank have been able to establish some form of information infrastructure, and you'd be safe! (And you'd also have a run-on sentance, but that is besides the point)

    In either event, I'm more concerned about the IPv6 potential for damage/abuse/blatent violations of rights than I am about having someone figure out that I live in Georgia (even though a Neotrace lookup from multiple people repeatedly implies I am in sunny California - don't I wish). It seems like just another company had some peeved geek sarcasticly tell the marketering guy "Oh, you want your database to be done by eunichs?!? Yeah, sounds like a great idea. While you're at it, why don't I create a program to find out where internet l-users live. That's another really great idea."

    Oh well, there's my two cents (Out of pity for having to endure my poor jokes).

    --

    Information is the catalyst for revolution
  8. Now THIS is ironic! by doctor_oktagon · · Score: 4

    I just refreshed this story, and what banner advert should fill my screen?

    Think Geek advertising poster depicting Map of the Internet!

    So are we now boycotting Think Geek for commercially violating our address space? Or more to the point, isn't this actually an interesting visualisation of the virtual space we inhabit?

    Call me a doctor! I think I'm gonna die laughing!!

  9. Re:IPv6 by mr3038 · · Score: 4
    There's also the issue of using ethernet MAC addresses in the last section of the address, which would uniquely identify individual computers (and therefore attach your "fingerprint" to everything you do on the net).

    How about I change my MAC address? Get root and type in ifconfig eth0 hw addr 01:02:03:04:05:06. Just got yourself another MAC address. Do this like once a minute and it can be quite hard to track you down. Of course it breaks many other things but I'm just trying to tell that MAC address is not hardwired address and therefore shouldn't be used like one. [I found this information here.]
    _________________________

    --
    _________________________
    Spelling and grammar mistakes left as an exercise for the reader.
  10. And so? by Froomkin · · Score: 4

    This is better at tracking you than a database based on reverse IP lookups because what exactly? (Keeping in mind that with IPv6 there's going to be *much* more data about you in each of those packets....)

    --

    I have a blog.

  11. Three words... by BlueHexahedron · · Score: 4

    Cease and Desist

  12. Re:Pinging by doctor_oktagon · · Score: 5

    This comment
    If you have a box connected to the Internet, you should expect to get pinged. Heck, way back when I first discovered pings, I pinged random IP addys for kicks
    hits the nail right on the head.

    The Internet is a public network, and part of that public protocol includes tools for mapping (traceroute) routes, and measuring the time it takes to traverse that route (ping).

    If you spend $20000 dollars on an pukka Firewall and a good IDS, then don't start compaining when Ping packets are recieved! The reason you spent all that cash was to block them, which you are now doing.

    I'm not convinced of the value of the data, and I'm even less sure about the intention of why they are doing it (I hate marketeers as much as the "next man"), but as I stress: the Internet is a public network, and if you get annoyed with people "walking by your house", then disconnect your machine from the net, or configure your server/router/firewall to block ICMP (which I generally do).

    The security Incidents mailing lists are full of people complaining that some 3l337 kid in Korea is pinging their server, and they don't like it. Frankly who gives a damn? It's the guy who stealth maps your machine for the latest vulnerability that should be worrying, not someone openly knocking on the front door!