Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

more on Dynamic IP address confusion results in wrong family raided

From: David Farber <dave () farber net>
Date: Thu, 26 Oct 2006 11:42:55 -0400


Begin forwarded message:

From: Matt Blaze <blaze () cis upenn edu>
Date: October 26, 2006 11:36:22 AM EDT
To: dave () farber net
Subject: Re: [IP] Dynamic IP address confusion results in wrong family raided 

Matching dynamic IP addresses to subscribers is a very hard problem
for a third-party eavesdropper such as a law enforcement wiretap.
Steve Bellovin and I talked about some of the risks associated with
this in the context of the FBI's (subsequently renamed) "Carnivore"
system back in 2000:

    http://www.crypto.com/papers/opentap.html

More recently, some of my graduate students and I have been looking
at the more general problem of reliably wiretapping Internet
traffic.  Ironically, although the Internet often makes it relatively
easy to for a third party to intercept traffic, the protocols,
architecture and software can make it difficult for an eavesdropper
to recover accurately the content and origin of that traffic.  Worse,
many interception schemes make it relatively easy for a third party
to frame someone by injecting incriminating- looking traffic that was
never actually part of any exchange. See:

    http://www.crypto.com/papers/internet-tap.pdf

Unfortunately, Internet-based evidence is often accepted uncritically
by the legal system, and the associated risks are not well understood.
In fact, collecting "high fidelity" transcripts of Internet activity
may be very hard, and CALEA-like wiretapping capability mandates on
the Internet are likely to be very difficult (and expensive) to
implement properly (and may actually make the problem of unreliable
evidence significantly worse, since many of the points at which these
interfaces would have to be implemented will not be in a position to
extract all the context required for an accurate reconstruction).

-matt


On Oct 25, 2006, at 19:41, David Farber wrote:




Begin forwarded message:

From: Lauren Weinstein <lauren () vortex com>
Date: October 25, 2006 6:48:18 PM EDT
To: dave () farber net
Cc: lauren () vortex com
Subject: Dynamic IP address confusion results in wrong family raided


Dave,

This story should raise the red flag for virtually all Internet users,
since everyone is at risk for this sort of potentially serious
misadventure:

http://arstechnica.com/news.ars/post/20061024-8062.html

When an armed porn raid took place *at the wrong physical address*
apparently based solely on ISP information derived from an IP
address, the results could have been deadly.  It appears that a
dynamic IP address was incorrectly mapped to a subscriber.

We've seen cases before where apparently nonsensical raids have been
conducted for the MPAA based on IP addresses that may well have been
incorrect.

This isn't funny anymore, if it ever was.  ISPs, search engines, and
other sources of retained Internet user activity data are being
treated as adjuncts of law enforcement, with the incredibly
dangerous and faulty presumption that such data will always be
accurate and reliable.

In these kinds of situations, such errors involving retained data
could get people killed.

--Lauren--
Lauren Weinstein
lauren () vortex com or lauren () pfir org
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR
   - People For Internet Responsibility - http://www.pfir.org
Co-Founder, IOIC
   - International Open Internet Coalition - http://www.ioic.net
Co-Founder, CIFIP
   - California Initiative For Internet Privacy - http://www.cifip.org
Moderator, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
DayThink: http://daythink.vortex.com




-------------------------------------
You are subscribed as matt+ip () crypto com
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting- people/ 



-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: