Slashdot Mirror
ABC Showed IPs of Chatroom Participants
Blob Pet writes "The Associated Press reports that ABC News published the IP addresses of those who participated in an 'Internet news broadcast' Monday with Sam Donaldson. It prevents someone like Bill Clinton from pretending to be an average American and preaching how great the President is on an online forum hehe."
There's also a privacy concern or two here, as the article points out, and IMO ABC booted it on this one. Would "Mark from DC" have been as free with his opinions if he'd known his bosses could easily trace him? I doubt it.
His present 'troubles' (fabricated by a conspiratorial right wing) aside, history will show that he was one of the great orators and statesmen of this century.
Sign me,
Anonymous Coward
(no relation to the President - honest!)
--
It takes a village to raise a child.
Donations for my campaign gratefully accepted.
hilary@whitehouse.gov
I can't stand it when online sites or forums post your IP without first warning you in big flashing bold letters.
/. know how to spoof or masquerade or proxy their real IP...not to mention that Bill Clinton could just get on a AOL account if he wants to look like some average Joe Shmoe.
= -=-=-=-=-=-=-=-
First of all...from a security standpoint, it's completely useless since any eight-year-old who reads
All it does is post the IPs of people who probably aren't smart enough to know how to hide them...which pretty much paints a big red bulls eys on them for the BO/NetBus crowd.
Back on my dial-up ISP days, I didn't care if my IP was out there since all I had to do was disconnect to get a new one. But now having a cable modem, the last thing I want is for some bored wanna-be-cr/hacker to port scan me because something about my post leads him to believe I have vast treasure troves of illegal warez just waiting for him on port 2121...
- JoeShmoe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
At least dynamic IP users retain some kind of privacy - but think about all us geeks with leased lines and our own IP space. We're even easier to locate...
Showing your ips is generally a very bad idea. I think an IP should be handled the exact same way as a telephone number. You usually don't go about showing those on tv either, do you?
The least they should do is put up a big warning.
... that your IP is easily found out if your participiating in IRC and that has been so for ages. Also, you all know of course, that your IP shows up in web logs, and has been from the very beginning of the web.
You all know as well that you need to use some kind of cryptographically hard anonymizing service for better protection.
I can see the byline now when these people find out about the existance of IRC: "Massive privacy concern's discovered using popular IRC program!". Like it or not, people using IRC have their IP address made available, but it's consentual, in a way. Everyone can see your IP address, by you can see everyone's IP address too. But of course, only the really stupid packet warriors smurf someone from their own dialup.
The close to 500k people who use the various IRC networks around don't seem to complain about their IP's being shown.
Ok, actually yes quiet a few of them they do, and it's something I think IRC networks should really get their butts into gear over somehow masking. Knowing who to email when some butthead floods you on IRC is all well and good, but in these modern days of packet warriors, showing the whole IP address is less than wise. Rumour is that a near-future version of a certain-network's ircd will employ some form of hostmasking technique.
Disclaimer: I don't represent Undernet Administration as a whole.
Right now, most people are probably not too concerned about their IP adresses being kept private. As already said, modem users only have to reconnect to get a new one, and retain some semblance of anonymity. Cable is a different situation -- some services will reassign a new IP after you've been logged out for a few hours, others assign a static address. But what really gets me is the situation at many university's. A lot of schools map students email/net id's to the host name of each IP for those living in the dorms. As if that weren't enought, many then provide electronic student directories on their websites where you can enter said email/net id and get such information as students name, physical address, and phone number. In the future, as more people move away from dial-up services, IP addresses will become just one more personal, identifying number (wow, maybe they could replace social security numbers...heh). It all makes me wonder what will become of personal privacy. I'm sure this is going to be an even more important issue once a majority of people have static IP's, and maybe then something will change. In the meanwhile, watch your back college kids!
As I mentioned in a previous post, I happen to be using a cable modem...and the mental giants that set up the network decided to name every single host name by it's physical location. Which means if someone does a reverse-DNS lookup on my IP, they will get...
= -=-=-=-=-=-=-=-
customer.city.region.state.country.home.com
Plus, my since my customer number is first, if the person has any amount of human engineering skills, they will have my street address in no time. I can't tell you how many times I've had @Home reps read aloud my home address and THEN ask me for my security passcode. Failing that, since they have my city and state, if they get my last name they have a better-than-average chance of finding me listed in a phone directory. =\
Obviously, my complaints fall on deaf ears since @Home is not going to change their idiotic naming scheme any time soon. So, that means I must use the utmost caution when allowing my IP to be posted somewhere online. You people think that only e-mail address are harvested from public discussion groups? Wrong. For several weeks following a posting to a beginners help forum (that listed my IP) I was bombarded with signals on port 31337 and 12345. I actually had to threaten @Home with legal action to get them to change my IP and ever since I haven't let that thing get out of my sight.
If you have a cable modem, especially @Home, I strongly suggest you be just as careful.
- JoeShmoe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
Some things to check out:
The Anonymizer
Surf the Web anonymously
Replays Anonymous Remailers
Send email anonymously
Onion Routing
Onion Routing allows you to send IP packets anonymously.
SSonet
Multilevel security in computer networks.
I'm thinking lawsuit.
Why is this even an issue? I'd be complaining if they didn't post the IP addresses.
There isn't a newpaper in this country who values its reputation that runs blind letters to the editor. Period. Every letter must be signed and, at every newspaper I've worked for, the editorial staff goes to great lengths to make sure the name at the bottom of the letter is actually who wrote the letter. Every person who gets a letter published generally gets a phone call before the letter is published.
Folks who use the net expect a greater level of *anonymity* (not privacy) than do most people.
Anonymity and privacy are two different beasts but that's another topic.
InitZero
The web equivalent of an IRC relay would be one of those anonymizer services. They could easily have chosen to use one of these if they were truly worried about their identity.
Unless the spammer's "ISP" *is* the spammer, or the ISP is spam-friendly. At that point you have little choice but to go up another level. I've had to do that quite frequently.
Until I realized how little about high technology the readers of the ABC website (and probably their viewers as well) I was utterly baffled as to why they considered this news. It's complete nonsense.
Hmmm... Someone's web site is recording the IP addresses of the posters. So what? I'm currently engaged in the process of collecting enough AOL CDs to build a parabolic reflector to use the sun's light to write my name on the surface of the moon, and I'm already about halfway there. Almost three-quarters of the way there if I elected to use all the CDs from the other online services as well. With literally geologic epochs-worth of free online time for dozens of providers, it's far far far too easy to come from dozens of places at once. Trying to say that it will keep people from hiding their identities, I'm sad to have to say, demonstrates an incredible naivete. (Bad Rob! No biscuit for you!) For that matter, it will *not* let people track down the "real identities" of posters, since no ISP who wants to stay in buisness will ever give out the personal details of their customers without a court order.
There is only one thing that is accomplished by posting the IP address of the author... It makes it very clear to them that if they decide to troll or post a load of flame bait, that people will have their IP address and time and can send emails of complaint to their ISP. (You would be suprised at both how many web-boards don't log IP address information, as well as how many users don't realize how truly available that information actually is to the moderator of an online forum. Most of the truly awful trolls will play in other pastures once they realize that they could lose their internet account, not to mention get into a lot of trouble with their parents for their actions.
Get over it folks.
ABC has been showing either the home ISP or the IP address (when it can't resolve ISP) for as long as I've been viewing their chats -- about a year. I have no idea how long before that.
CNN, ABC, and other "big news" outlets getting into the interactivity department have learned a few things along the way. For instance, CNN discovered that with open registration, people felt anonymous and would fill up their forums with obscenities and personal abuse (flamewars for the uninitiated). CNN began requiring a "real" e-mail address (though so far as I know mainly they reject hotmail). ABC began posting chat messages like this:
frank rizzo from proxy.aol.com at 10:02am ET
Evas mom from splitrock.net at 10:04am ET
Kisuh from [210.183.28.97] at 10:11am ET
This holds in all chat rooms, not just the political ones. So far as I know, all chats at ABC are moderated anyway, so only postings approved by the moderator are shown. This policy is also something found at MANY web-based chat systems, e.g. bianca.com, again instituted after abuse forced them to.
ABC is not in the business of providing an anonymous forum; they're in the business of entertaining people with news. There are plenty of other places on the internet where one can speak their mind privately.
The person posting this was obviously a first-time ABC chat user, otherwise they would have known this. I don't understand the shock; this sort of thing is common and I'm convinced this person is a newbie with an itchy privacy finger.
lake effect weblog
{Network engineer in Chicago--looking for work!}
Actually hostnames (which are trivially gleamed from IP's) frequently share a wealth about physical locations:
The 150 might not mean anything, but it's a safe bet this guy goes to school at University and is in a dorm named Smith.
If you figure out what building 150 is (as most students at univ.edu probably can), you can walk right up and introduce yourself to The Man himself.
This guy's probably in St. Louis.
I think it's a safe bet this one's in Seattle.
Now, I will agree that it's typically rather difficult to get anything more specific than this, but hostnames are very frequently made up is geographical details.
There are also a number of other reasons IP's can be used maliciously to make your life difficult, but I think the other posters have adequately covered those.
The chat transcript in question. Valid at least until the next time it's used, I guess.
The IP reporting is not "unusual" as stated in the boston.com article (see my other post), nor is it given for "each participant". It is only shown when the originating ISP cannot be resolved.
lake effect weblog
{Network engineer in Chicago--looking for work!}