Slashdot Mirror
IP Addresses Not Enough To ID Users
phaedrus5001, with his first accepted story, points out an article at Ars Technica from which he's excerpted a chunk relevant to nearly anyone with an internet connection: "A file-sharing lawyer admitted this week that IP addresses don't by themselves identify someone accused of sharing copyrighted material online. To figure out who actually shared the pornographic movie at the center of the case, lawyer Brett Gibbs of Steele Hansmeier LLC told the judge (PDF) he would need to search every computer in the subscriber's household."
Does it really matter? Do we need to know every time it's someone's first accepted story? I know I get a good feeling deep down in my heart to know that phaedrus5001 has finally found acceptance...
In the case of an open Wifi hotspot would it also mean all the neighbors in range too?
(I bet they'd probably just stick the owner of the router with the bill)
Sadly, I don't expect this will end anywhere good. I expect RIAA enforcement to suddenly extend to 'all computer equipment on the premise' and more draconian identifying methods by ISPs.
So what if they search all the computers in the house hold it doesn't prove who was sitting at the computer when the actual sharing was done. Most house holds have at least one computer that everyone uses at some point.
He'd have to search:
Man, that's a lot of computers to search.
Domains, shared and dedicated hosting, SSL certs, and more: ArrowBay.net
OH NO!
You just told the MAFIIA where to find it.
I would prefer, "phaedrus5001 writes,..." but if people cared what I preferred, we'd still have a CmdrTaco.
The dangers of knowledge trigger emotional distress in human beings.
For civil cases in the US, the usual standard is "a preponderance of the evidence," which just means more likely than not that X happened.
Before you can surf the web, you have to log in with your social insurance number and an ISP password. Once that's done, your ISP will allow your traffic. Time to authenticate individual users.
Don't want to do this? NO INTERNET FOR YOU!
Sent from EXXON-Mobil MGM Coca-Cola iPad
This, although I don't particularly mind seeing it in the submission. What I do mind, though, is that /.ers whine about it and point it out like a sore thumb. "Bawwww, the article is from a first poster, we must bring attention to this and ridicule him/her!"
The more you know, the more you have to say and the more you should listen.
They always find something. It only takes six lines written by the most honest man to find something on which to hang him.
Give me Classic Slashdot or give me death!
Most of the issues are really unresolvable.. esp. with us being a "representative democracy"
Add to that the fact that internet penetration is terrible and terribly expensive, those with internet connections can do whatever they want.. noone cares
Nope, it's completely about who the jury likes.
"I'm just here to regulate funkiness."
Just because the computer in question shared a file doesn't mean anyone in the house did it or was even aware of it. For that matter, there are trojans and viruses more than capable of establishing a personal computer as a file-sharing node without the knowledge of the owner / operator. The person at fault is the person that intentionally caused the content to be shared, not the computer owner or operator(s).
It could be argued that you are a bit responsible for what your computer does
Except that computers connected to the Internet are sometimes taken over by malware that causes the computers to do things outside of the control of their owners. There was a case a while back where a guy was accused of downloading child pornography, and it was discovered that it was actually malware that did the downloading. Is it really that far-fetched to think that some hacker who wants to download music without getting sued would use a botnet to hide his activities?
Palm trees and 8
and that means that within the contractual arrangement with the ISP, they are able to hold me responsible for things that happen on my connection. They can ask me to pay when there are costs as a result. They can disconnect the connection at my expense if nefarious things happen over it.
But that contract has nothing to do with my legal liability with a 3rd party. If the 3rd party sues the ISP, and the ISP, through my contractual relationship, holds me responsible, that's one thing. But that's not what they are doing. If they're going to try to prove that I'm legally liable for what they think went on, for damages they think I did to them, they're going to have to show enough proof of that.
The **AA reality distortion field is apparently even stronger than Apple's.
Hollywood can't bear to have someone copy Revenge of the Nerds 3. So they get as far as "We got this IP Address down to one household - but we don't know who in the household did it."
The solution is of course - "confiscate all equipment in the household!"
Or, we can hope, sanity will prevail...
The Unholy Trinity of Prophetic Manuals is becoming 1984, Animal Farm, and Brave New World. Bonus Reading Fahrenheit 451.
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
As your attorney, I advise you to tell him to go fuck himself. Hard.
As his attorney, it's your legal obligation to refer the accuser to the response given in Arkell v. Pressdram.
Although this is won't work with DSL because of PPOE login, with a cable modem your IP address is not proof of anything.
Why? DHCP is not the only game in town. On many networks, you can take a DHCP-assigned address and determine the appropriate subnet mask, default route, and DNS server. But nothing really stops you from manually overriding the IP address, as long as you choose one in the same subnet that happens to be unused at the moment. The ISP can make this a little more difficult by remembering the MAC address associated with each address, but there are workarounds for that too.
I became aware of this when my cable modem stopped working and the support technician discovered that my IP address was in use from someplace other than my house. In those days, all addressing was static. Some other customer had inadvertently (or deliberately) assumed my IP address. The tech gave me a new address assignment and everything worked. So whoever hijacked my IP address left the audit trail pointing to ME. The hijacker was (from an IP address perspective) invisible.
As has been pointed out in previous bitch-fests about this, it's a way to encourage a more diverse range of submissions by communicating to users that they are welcome to submit stories even if they're not part of the Slashdot Cabal. Of course, many hardcore nerds LOVE to be part of clique-ish cabals. So I assume you're one of those knee-jerk noob haters as well as an AC. I would guess that the recent high frequency of "first time submitter" mentions is because this plan is ACTUALLY WORKING. Get over yourself.
Weeeellll...considering the fact it has been slashvertisement city here as of late frankly we ought to be damned happy that it isn't some more Infoworld or that other site (you know, the one that had the brass balls to put a FIFTY ONE PAGE TFA under "Best FOSS software!" like a giant douche?) so personally I say welcome aboard dude.
As for TFA, yeah that is ALL we need, considering their "detection software" said a fricking laser printer was file sharing, is to give these douches an excuse for a fishing expedition on EVERY PC IN THE HOUSE. Be honest guys, how many of you have receipts for every bit of media, software, movies, etc, that you have? I know I'm moved 4 times in the past 5 years and have NO clue as to where half of my damned discs are. That was kinda the whole point of backing everything up onto a HDD as it is a hell of a lot easier to keep up with a USB HDD that holds thousands of discs worth of stuff than it is to keep up with thousands of discs.
I know some got crunched and tossed when my amp fell over on the box (boy that was a mess!) some are in storage, some I lent to my mom (whom I'm sure has promptly lost them or her damned goat of a dog had them for lunch), some I lent to friends (yeah good luck seeing THOSE again, hell I don't even remember who has what), some are in storage and some lord only knows where I put those boxes.
Personally as much as I hated Wesley Crusher I saw a video of Wil Wheaton at some convention and he nailed it "Make it simple for people to have the files legally" because as Gabe at Valve pointed out the pirates are offering a better value. I should be able to buy a disc ONCE, register it, and that's it, I'm done. i should from then on be able to put it in any damned format I like, toss the disc, whatever, I paid and I'm done. The IP bullshit is the only damned thing I can think where they say it is property AND/OR a license, apparently on the whim of the IP asshole. If I have the disc I only have a license, but then I lose the disc I only had the media and need to replace, WTF?
If I would have kept up with every single disc I swear i wouldn't be able to even walk in my damned apt, and if scum sucking lawyers like in TFA start using that excuse to make fishing expeditions frankly we're all fucked.
ACs don't waste your time replying, your posts are never seen by me.
And goodluckwiththat if they want to search every computer that has used my IP address; that includes the 10 or so in the house, virtually every relative and friend who has come a-visiting, several business associates and clients, members of assorted local clubs and social committees who rotate to my house for meetings, neighbours and their kids on occasions when their own connection has been down, and every random joe and jill who has benefitted from my FÓN shared bandwidth.
Don't forget these lawyers don't actually believe all this crap about licensing and ownership. They know perfectly well it's bullshit, and that the legal framework for IP is broken in the gutter, but their employers and clients pay them money to pretend. It's their job to lie to us. That's what makes them lower than vole scrota.
and if scum sucking lawyers like in TFA start using that excuse to make fishing expeditions frankly we're all fucked.
There have already been Constitutionality questions raised about many aspects of the RIAA lawsuit mill. In fact, we're already beyond the merely ridiculous, in both the outrageous claims these lawyers make, the "evidence" they present, what courts have been accepting from overpaid Armani suits.
The thing is, there's some precedent for these kinds of fishing expeditions, and it doesn't even take a schlock outfit like the RIAA to start one. The first of which I was aware was the infamous Steve Jackson Games case, where the Secret Service took the word of a phone company (a phone company!) that wrongdoing had been committed, and caused quite a bit of damage. When it got to court they lost, and received a reprimand from the judge for their sloppy investigative practices.
Law enforcement always tends to take the side of large corporate legal departments over individuals: the tragedy there is that the corporation can afford to pay for its mistakes, while the average citizen cannot and can easily be bankrupted.
The higher the technology, the sharper that two-edged sword.
Not running out of IPv4 space.. not logic.. but the ability to identify traffic as coming from a specific computer vice "it came from that network". (yes I know there is IPv6 NAT.. but we are talking about the masses).
I suspect you're going to be disappointed there, because an IPv6 address doesn't actually identify anything either. The only reason that you can even connect an IPv4 address to an account holder is that the ISP keeps records and people have been willing to assume that those records are accurate. With IPv6, the ISP will allocate a block of address to each account holder and the account holder will use them for their devices. The ISP won't have any idea which address allocated to the account holder was used for which device, and the address assigned to each device may change arbitrarily according to the whim of the account holder, who is not likely to keep any records and whose records naturally could not be trusted in any event.
As I pointed out in another subthread 'NAT is not a shield', an ISP could provide the Network ID part of a private owner's address, but if that private owner has distributed addresses b/w the computers of different family members or even guests, that would be intrusive on other people in that network. The problem gets worse if one is talking about an office environment, where hundreds of employees could have to be tagged.
Then they will have to make IPv6 NATs illegal, too.
ISPs charge extra for more than one IP so anybody who has more than one device (PC, Tablet, TV, Smartphone, etc) will enable a NAT in their crappy router.
This whole "gotta do anything to get all possible profit for media" is getting out of hand. But since people are OK with the TSA hand literally up their asses they won't mind having different hand on their wallets, too.
If one gets IPv6, one will get not a /128, but a /64 address range, which allows one to have up to 2^64 addresses on one's network. If DHCPv6 is used, it'll be impossible to identify which device had which ID and when - particularly if all this is going thru a private wireless router. Currently, under IPv4, you're probably going thru multiple NAT layers, but under IPv6, the router could be assigned the Network ID, each SSID to a separate subnet, and then, under this router, addresses could be assigned using DHCPv6, thereby having dynamic IPv6 addresses and throwing off the scent. ISPs would charge the same for a single /64 as they would for for a single /32 under IPv4. In the latter case, one could either use just one device, or connect it to a switch and then NAT it, whereas in the former case, one can connect any number of devices (less than 2^64) to it. So the cost of the single /64 would be spread over all of them, instead of being dedicated to just a single address.
There is no such thing as IPv6 NAT - by design, IPv6 doesn't have any NAT. All the NAT mechanisms that work w/ IPv6 are there for the purposes of interfacing w/ IPv4 private addresses - there is NAT 46, NAT64, NAT464, but absolutely no NAT66. Large Scale NAT is there in a v6 network, where the translation from v6 to v4 is done just before the address goes to a device that can just deal w/ IPv4.
Who needs NAT? Autoconfiguration is just a standard way to pick a non-conflicting address, but since ARP is still part of the spec, you can choose any other as well so long as all other machines on that subnet agree to respect the same standard.
Alternative standards exist already, including choosing a random address and sending out probe ARPs to see if it conflicts.
So while only one machine at a time can have a particular IPv6 address, any computer on the subnet could have been that one if you so choose.
Taken to the e