Subpoena to Anonymous Made by Ampersand
One of the most challenging things about being Sara de la Guerra is moderating the diverse, often emotional comments that are made at BlogaBarbara. There are times when I make judgement calls as to what I allow to be published and I reject many comments for various reasons every day. They are either way off-topic, use profanity or are over-the-top in their mean-spritedness which I don't believe facilitates civil dialogue. Protecting your freedom of speech, however, is an important matter to me -- even if I don't agree with what you have to say.
It has come to my attention that Google has received a subpoena from Ampersand Publishing requesting the IP address for an "Anonymous" who made a comment on January 27, 2007. In it -- the commenter said a "bombshell" would be dropped soon related to a former employee of the News-Press. My understanding is that Google intends to provide this information and I felt strongly that our community should know about this as it doesn't sound like there would be a way for the anonymous commenter to know that information is being sought about them.
To keep their identity from being revealed, the commenter might want to contact an attorney or seek assistance from The Electronic Frontier Foundation which has been invaluable to my efforts to keep my identity private. I want to make it clear I do not know who made the comment.
That being said -- common, everyday dynamic IP addresses and other anonymizing technologies will usually keep anyone from knowing where you are writing your comments from past your Internet Service Provider. Still, for whoever made this comment not to know they might be found out seemed wrong to me on an ethical and philosophical level -- whether or not I agree with them. Perhaps we would all be better served if we never wrote anything we wouldn't want to stand up for ourselves.
It has come to my attention that Google has received a subpoena from Ampersand Publishing requesting the IP address for an "Anonymous" who made a comment on January 27, 2007. In it -- the commenter said a "bombshell" would be dropped soon related to a former employee of the News-Press. My understanding is that Google intends to provide this information and I felt strongly that our community should know about this as it doesn't sound like there would be a way for the anonymous commenter to know that information is being sought about them.
To keep their identity from being revealed, the commenter might want to contact an attorney or seek assistance from The Electronic Frontier Foundation which has been invaluable to my efforts to keep my identity private. I want to make it clear I do not know who made the comment.
That being said -- common, everyday dynamic IP addresses and other anonymizing technologies will usually keep anyone from knowing where you are writing your comments from past your Internet Service Provider. Still, for whoever made this comment not to know they might be found out seemed wrong to me on an ethical and philosophical level -- whether or not I agree with them. Perhaps we would all be better served if we never wrote anything we wouldn't want to stand up for ourselves.
posted by Sara De la Guerra | 3/06/2007 08:00:00 PM
Our Community Guidelines ask that you use the Blogger/Open ID login or the
more private Name/URL option when making comments. Comments using "Anonymous" will not be published. For more info, see choosing an identity.
65 Comments:
Clears up the speculation about whether Wendy reads this blog or not, doesn't it?
She probably has people that do that for her...I would welcome her contribution as a community post at any time. An email to saradelaguerra@yahoo.com could verify that it is her and be posted without comment or edit on my part.
I think that we should ALL claim that it was us and see if she sues us all...how many hits do you get in a day.
Oh tee,hee Sara, I do thinks (just an opinion here, folks) this subpena might be a bit of a ruse to perhaps see if in fact one can subpena the identity that particularly peculiar "anonymous" who first made the "bombshell" comment you refer to in this thread.
You know, like a trial balloon?
Maybe just maybe, that person, hypothetically speaking of course, could learn whether or not one can in fact bust that ISP confidentiality. That might be comforting or discomfiting information to acquire.
So if you can't in fact under a possible hypothetical trial balloon exercise bust the ISP confidentiality then that particularly peculiar "anonymous" could rest assured he/she/it will remain anonymous in perpetuity. Or in pulchitrude. Whatever.
Like, just hypothetically speaking of course, one swore under oath to a federal authority that they were not so-and-so, yet a subpena could reveal that so-and-so was lying under oath because in fact they were so-and-so once the ISP was forced to reveal the true identity.
Where does the law go with that? Craig, where are you now that we need you?
Kind of like Liddy and Martha getting nailed for lying to federal authorities under oath turned out to be big no-no, even though all the rest of their actions were pure as the driven snow.
It certainly does sound like the subpena-ed "anonymous" in question was speaking with inside knowledge ....about something. Or was he/she/it?
I would welcome Wendy too. Things are not all that bad under the new NewsPress - go Travis and hold the line on more housing.
Everyday there is more and more to read of local interest. You go, girl Wendy. It is your paper. But you do want to sell it to our community. (Don't you?)
I went back and looked at the comment, which was:
"The union and ex-employees are VERY paranoid.No one was fired for going to Alcorn's party, or McDonald's. Maybe, just maybe, they were not as good an employee as the people make them out to be. I believe a bombshell of conduct by a former employee, is about to be exposed. It will forever change the way people jump in to protect someone they really do not know on a personal level. The one's who came to the defense of the ex-employee will now be tainted with a stain that can never be erased."
That strikes me as a comment coming from someone tending to be pro-SBNP and anti-employee, so one wonders what the NP has to gain by lurking after this writer. Moreover, I think recent history has proven the writer incorrect, because it is fairly clear that if one is a SBNP employee, one goes to one of these "farewell" gatherings at the risk of one's livelihood, because the NP goons are there taking names and putting you on a "disloyal" list.
Of course, what is truly bizarre -- unless you've been following the paranoia of NP management in this period -- is that the NP is probably taking "bombshell" literally as a threat without any reason to think it is, given the context. That is what the NP does: suppress everyone and whine about loss of its free speech, bully everyone and claim to be bullied, lie about others while falsely claiming to be the victim of lies.
So which dismissal or resignation was the bombshell.....there's been so many since the post. Very anti-climatic. I don't find the post to be terribly revealing or prophetic....but then there have been a so many bombshells since the post....perhaps I am numb from the bombardment.
I hope the resulting information from the subpena results in a public address with no traces to anyone. The pursuit of this information seems childish and similar to this paranoid News Press cabal's own anti-climatic testimony at the NRLB hearings. It just makes me dislike the News Press all the more.
What post was it concerning and what day was it posted?
Won't it be funny if that Jan. 27 "anonymous" they're looking for turns out to be the "yabbadabbadoo" doing after hours pumping! The post certainly read like an "insider" trying to smear Roberts....
I agree with 9:12. Does anyone seriously doubt that the "bombshell" post came from yabbadabbadoo or her mercenaries (yabbadabbadoo x3)?
Wendy and Co. is the only one attacking her staff, and is the only one who stands to gain from these callous maneuvers.
Sorry folks -- had to do a few yabbadabbadoo's as a long standing rule of mine is to not to try to directly identify anonymous commenters...please don't use names to identify the anonymous from 1/27.
Whomever it was -- they have a right to anonymity and there is no use in making allegations as to their identity we can not prove -- no matter how obvious it may be in our own minds.
The post was on 1/27: http://blogabarbara.blogspot.com/2007/01/another-np-employee-fired.html (i'm not linking as it just destrroys the comment area -- please cut and paste)
I thought, at first, it might have something to do with the latest email from BG to mayor fiasco (the post coinciding with those two firings), but then reading the post by 9:12- it makes sense that it could be a trial balloon.
I remember the post and was looking forward to the"expose" that was promised in the post. Perhaps there was nothing to it.
It is interesting to find that "somebody" reads these posts.
Perhaps if "someone" had been reading these posts from the start of this, when the public still had faith and taken some good advice from the public that was offered, maybe, just maybe, things could have been other than they are now.
I now get most of my news via the net. I now get up in the morning and search the net and read the news...Its a change, but i like it now, and I really do not miss the smears and prints from the black ink. Hey and it's all free.... what a great country this is, what's next flying cars? oh wait, they have those now I read it on a news site.
Sara is it ture that Wendy pulled out on the Granada?
This all really needs a techno geek to verify if tracing the identity even is possible with dynamic IP addressing, which is the usual situation.
Also, EFF or others need to confirm if anything like such a subpoena ever has been done, successfully or not.
That seems the real news value here, despite the paranoid absurdity.
Sara-
Your suggestion that:
common, everyday dynamic IP addresses and other anonymizing technologies will usually keep anyone from knowing where you are writing your comments from past your Internet Service Provider.
This is both true and false. I think people need to understand a bit more about what's going on.
Ampersand's obtaining an IP address only leads them to the service provider and general location of the poster. But that IP address won't tie them to the exact individual unless Ampersand subpoenas the service provider - the exceptions being organizations assigned a specific IP address that resolves to their specific domain, which are not residential services.
Every service provider issues an IP address to their customer. If you use a router with DHCP (which everyone should for other reasons), you can still be identified via the IP address your service provider issues to you. But your service provider has to resolve that IP to you. Google has no idea who you are specifically. That IP doesn't necessarily identify you on it's own - the service provider must resolve that information.
This is exactly what the RIAA is doing with regards to their file sharing lawsuits, by the way - with much resistance from the major service providers.
If people are posting from their home, then Ampersand still has an additional subpoena to issue. They might try to do so on certain grounds, but they'll have to deal with bigger corporations than Ampersand. And if the RIAA had problems...
Here's the catch - even if people post from an identifiable IP address, Ampersand still has to subpoena that organization for information as to who that IP address is assigned.
In other words, Google can freely give the IP address. Unless it leads to an immediately identifiable organization, it does Ampersand little good unless they issue an additional subpoena to whomever owns that IP address. If they start doing that, then that's the time to start paying attention.
I am techie not a lawyer, so take that for what it is worth.
Yes but once Ampersand gets the address - how do they "prove" who wrote the comment? Seems to me that's a whole other issue - especially if there is more than one person who occupies the location.
And to boot, the commenter said "I believe....." a qualifier which indicates a personal opinion, not necessarily a statement of fact. dd
(Sara De la Guerra said...
Sorry folks -- had to do a few yabbadabbadoo's as a long standing rule of mine is to not to try to directly identify anonymous commenters...please don't use names to identify the anonymous from 1/27.
Whomever it was -- they have a right to anonymity and there is no use in making allegations as to their identity we can not prove -- no matter how obvious it may be in our own minds.)
Now I know who "yabbadabbadoo" is. Thanks! I had wondered --- and btw, it should be "whoever" in your following paragraph.
Also: for the techie: I suspect they're looking to see if the IP address comes from the NP building/account or other recognizable to Ampersand account. ... Question: does the IP address follow the computer so that, for instance, a laptop were used at another's house, does the IP address become that of the location or remain that of the specific computer?
thanks - wish I knew more how this magic tool that is computer communication worked.
I confess. I’m the one who started the entire conspiracy against the News-Press.
I spiked Travis’s drink and called the cops to catch him driving while under the influence.
It is I who got 40 plus NP journalists and managers to inject bias into their writing.
I got many of the Santa Barbara city council members and supervisors together to plot the demise of Wendy and the News-Press.
I’m the one posting hundreds of notes on the numerous blogs that have sprung up, complaining about the News-Press.
I’m so powerful that I extended this conspiracy to hundreds of newspapers and magazines to get them to write stories about journalistic ethics violations at the News-Press.
I personally got thousands of people to cancel their News-Press subscriptions.
Now I’m working on the NLRB and the courts to enmesh Wendy and the News-Press in this conspiracy.
I admit it, I am omnipotent.
What makes you think Google will give this information up? I would VERY HIGHLY doubt that Google will turn this information over. They stood strong against the US gov't. They understand that the moment they lose the public's trust, Google is over. I'd LOVE to see Wendy attempt to throw her money at them - if you haven't heard, Google has over $11bil in cash on hand and privacy and ethics is something they don't take lightly. If Wendy thinks she can scare them into submission and takes Google on as a personal battle, it WILL be the end of her.
So lets say that the NP is able to garner the IP address from Google and then convince the ISP to disclose the identity of the subscriber.
Even if they are able to do this how will they ever prove that the person who owns that account was the writer and how can they ever prove that any damages were inflicted as a result of this rather benign comment?
This is another very scary example of how corporate interest come before the rights of the individual.
For those of you interested in online privacy please use TOR. It is available for download at www.eff.org and will allow you to voice your opinions with out prejudice or fear or reprisal.
The answer to the IP tracking is NO.
Although each computer that accesses the web now has a MAC Number that is unique to their machine. There are other signatures that can tie a specific machine to a IP and to a Post but these are not always kept in LOGS.
Also: for the techie: I suspect they're looking to see if the IP address comes from the NP building/account or other recognizable to Ampersand account. ... Question: does the IP address follow the computer so that, for instance, a laptop were used at another's house, does the IP address become that of the location or remain that of the specific computer?
The IP address is assigned at the location. My laptop, for example, is assigned one IP address at home and another at work.
Yes but once Ampersand gets the address - how do they "prove" who wrote the comment?
If the IP address came from within the News-Press' own network, I imagine their network administrator could identify the computer it came from by just looking at the IP address. If a computer assigned to a specific individual, then there you go.
>They might try to do so on certain grounds, but they'll have to deal with bigger corporations than Ampersand. And if the RIAA had problems...<
You are probably right but I recall how WM was able to win her divorce settlement by going after others her husband was involved in (Bill Gates).
Wendy: Good job on unsheathing a double-edged sword. If you succeed, wouldn't that mean Nelville's identity is up for grabs?
Mini-lecture on IP:
IP address ( basically a unique number in a special format e.g. 192.168.23.45 ) follows the computer if STATIC and does not if DYNAMIC.
DHCP manages and assigns dynamic addresses. For the vast majority of home users you have a dynamic address.
SO, can you be tracked down and identified by your IP address? Sometimes, but not always. Webservers do log the addresses of visitors, mine does, but I would never ever give out any information without a search warrant.
It's a little complicated and there's a lot more to it, but that may answer the poster's question.
I forget the timing, but could the bombshell have been the time card issue?
"What makes you think Google will give this information up? I would VERY HIGHLY doubt that Google will turn this information over. They stood strong against the US gov't."
Funny, didn't they admit to caving to the Chinese gov't?
I think you have to be obviously commiting a crime like distributing copyrighted material to get an ISP to give up your address. Searching out who's snitching by an employer doesn't seem to come close.
Google has no way of contacting the anonymous commenter and can quite easily take the position that the ISP can make the decision. They can't even know if this commenter is a customer...without someone saying they don't want their identity made known, they have no reason to do otherwise. This is the main reason why I chose to write this post -- you have a right to know.
Techies Galore -- thanks for the IP education!
Hasn't Wendy quieted a bit lately? Fewer restraining orders, attorney's letters, etc.
Is it because her ex Craig is moving to town, and perhaps has spoken to her, or perhaps she is embarassed by her mess up and is withrawing?
DHCP manages and assigns dynamic addresses. For the vast majority of home users you have a dynamic address.
That's not entirely true. Home users are typically assigned a dynamic IP address by your router. But you ISP does assign you a specific IP address that can be traced to your home. To the outside world, all of your home computers are under one IP address given to you by your IP.
This is EXACTLY what the RIAA is doing, by the way. They are issuing subpoenas to ISPs to reconcile individual IP address with the specific customers because of suspected music piracy.
If Ampersand issues a subpoena to the service provider of the IP in question, then people should pay VERY close attention how the service provider responds. If Verizon, or Cox willingly gives up that information, then anyone posting anonymously can be exposed.
SO, can you be tracked down and identified by your IP address? Sometimes, but not always. Webservers do log the addresses of visitors, mine does, but I would never ever give out any information without a search warrant.
That assumes you OWN the computer hosting the site. I pay for someone to host my site. If a suspicious comment appeared on my site, then someone could subpoena my webhost and I would have no say in whether that information was released or not.
So Sara, just what makes you think Google is going to give up information?
If it did, that would be Big News.
Please comment.
Perhaps she is waiting for the NRLB decisions. Does anyone know if the NRLB usually moves this slowly?
Wearing my tinfoil hat here, but has the board been stacked with Bush appointees? Because Wendy's ex is, of course, a huge Bush supporter and his current wife the Bush appointed ambassador to Austria. That is a plum job so I imagine that were some enormous contribution to Bush, perhaps other favors?
After all the corruption so evident in the current administration, it is scary to think it could reach to the NRLB.
One can go to NRLB.gov and write letters. Perhaps we should politely ask how things are going and let them know we are aware.
Would love to see citizen journalists write about the NRLB's current make-up. Is there potential for corruption or is that just paranoia?
John -- I had to deal with the possibility that Google would do the same to me during the recent NLRB hearing and their process is to deliver the information by a certain date unless there is an objection made by the person to which the subpoena is given...thus the need for the help of the Electronic Frontier Foundation. Google is a great company that protects their users -- but I am not sure they would have any reason not to considering they cannot contact the person who made the comment. We will see what happens.
This kind of action is disturbing and would set a bad precedent for our right to privacy -- let's hope Google holds the line.
sa1: I had the same thought about the allegedly "falsified" timecard being the big bombshell that would change everyone's opinion.
I think you may be able to escape identity by using a laptop at the local hotspot (WiFi). Of course you'd probably be videotaped by the security cameras so they could trace you to Starbucks and identify you by timestamp from the video. All a bit Orwellian but the price we pay to keep from being invaded and forced to go to the mosque everyday...
As a longtime software professional and a holder of several network patents, I can tell you that a lot of the claims here about IP addresses are mistaken. For instance, static IP addresses do not "follow the computer", they are associated with the connection. More relevantly, dynamic IP addresses are not significantly harder to trace than static IP addresses because ISP's keep logs of their DHCP assignments;
all they need to know is the time the comment was posted, from which they can determine which of their subscribers was assigned that address at that time. It's true that Ampersand needs to ask the ISP for its records -- just as they would have to with a static address -- but they can't do that until the have the IP address, at which point they surely will. What's alarming here is that any judge would grant a subpoena in regard to a blog comment with no concrete content -- there is no indication here of a crime or of grounds for a tort.
Of course, anonymizers and posting from libraries or internet cafes can keep anonymity, but that's a different issue, and few people do that.
Aside from that, it's ironic that Ampersand is going after NP supporter trolls, but this whole sorry saga has been about lashing out and lack of careful consideration.
sa1 -- a bit over-the-top with the mosque comment? What you could have pointed out is the increased sensitivity in a post 9/11 world is misplaced...
Thanks Marty -- my thought exactly.
That's not entirely true. Home users are typically assigned a dynamic IP address by your router. But you ISP does assign you a specific IP address that can be traced to your home.
People, please don't make claims about these things when you know that you have no expertise in the area and haven't verified your claims. Dynamic IP addresses are not assigned by your router, if you even have a router. A home router running NAT assigns an internal, local address such as 192.168.0.100 to each of your machines (hosts), but the IP address by which you are known to the rest of the world, whether dynamic or static (and it's dynamic unless you're running a server and paying your ISP a lot more), is assigned by your ISP.
Aside from the silly comment about invasions and mosques, sa1 misses the obvious. All one need do is point their laptop at someone's unprotected wifi router, and Ampersand will be going after the wrong party. And there are such routers on just about every block in Santa Barbara, so most people wouldn't even need to leave their homes. If you have a wireless router in your home, be sure to take proper security precautions -- see http://tinyurl.com/4qrev (http://compnetworking.about.com/od/wirelesssecurity/tp/wifisecurity.htm)
Ok, Ok...Sheesh, If it weren't for knee jerk, some of us would have no reaction at all... (Grumbles) "Where's my Xanax?"
"You can run but ya can't hide"
JQB:
You are just confusing folks who don't need the geeky details.
You make a distinction without a difference when you say "static IP addresses do not 'follow the computer', they are associated with the connection."
Your point about the DHCP logs is well taken, if the logs are kept. That would depend on the ISP, though recent Federal incursions into our privacy may affect ISP record-keeping, I wouldn't know.
Lets stay on the message about privacy and intrusion.
Wendy McCaw has shown herself to be a tough and tenacious litigator.
Once she unmasks the "bombshell" poster, don't expect her to quit. Others at BlogaBarbara, the Independent media blog, etc., have posted critical comments and rumors. No doubt Wendy wants to find out who they are, so that she can get information from them or sue them.
This isn't even close to ending. Sara might as well shut down this blog; Wendy will have her number soon enough.
Ampersand most obvious immediate legal exposure was publishing the Cohee/Barnwell personnel matters.
There are still common law tort actions against the invasion of one's privacy and libelous damage to one's reputation.
I would assume there would be ground to sue on these even if there are no federal protections against this misuse of personnel records by private parties.
If Ampersand's full page ad revealing Cohee's personnel records did become the basis of a common law tort action, then it could be critical to determine if this published exposure indeed was the threatened "bombshell" in this blogabara post by anonymous.
Discovering the author of the "bombshell" post could be used to show intentional malice if it were somehow in fact linked to this later Ampersand personnel records publication.
If the two actions were shown to be linked (the publication and the "bombshell" threat), it would present very good grounds for an award of punitive damages as intentional malice, rather than just a negligent publication.
The really delicious element in punitive damages for intentional malice is the damage award has to be subjectively punitive - they have to make that particular offending person "hurt".
They can't be just some meaningless monetary fine that a very wealthy person would laugh off. Punitive damages require investigating the offending defendent's entire net worth and then they are assessed to really economically hurt that particular person's net worth.
Ergo, the identity of the "bombshell" poster becomes critical, if in fact it gets linked to any future litigation that might arise from the Cohee personnel records publication in the NewsPress.
I would assume BOTH sides would want to know who "anonymous" was --if there is a link.
Why is it the only time I get a warning message from Norton that "some one is trying to attack my computer" is when I on this blog? Is this just happening to me?
You are just confusing folks who don't need the geeky details.
Perhaps I am only confusing you.
You make a distinction without a difference when you say "static IP addresses do not 'follow the computer', they are associated with the connection."
No, it is not a distinction without a difference; if you take your laptop from one company with a static IP address to another company with a static IP address, the IP address used by your laptop changes. You claimed that static IP addresses follow the computer whereas dynamic IP addresses don't, but that distinction is simply WRONG. The difference between static and dynamic IP addresses is how long they are assigned to a given account.
Lets stay on the message about privacy and intrusion.
Let's not provide incorrect information or attack people for giving correct information.
Perhaps I am only confusing you.
There is no need for this kind of attitude. John and I merely tried to explain things in a basic sense - not to talk down to people but so they understood what the risks were taking when posting anonymously.
"Enable DHCP" is what most people click on their Linksys or Netgear routers to enable their home networks to work. NAT address might be the correct term for the address, but it's assigned via the DHCP protocol. Completely irrelevant to the conversation at hand BTW. Even I don't think the distinction is important.
You can have static IPs assigned via DHCP. DHCP is a protocol for assigning addresses, but the address at each computer can stay the same. Important distinctions? Not really.
The IP address assigned to me by my ISP might be assigned via DHCP, but I've also had it for six months. I consider it static IP - and any website I have visited in the last six months can be traced back to my router through my ISP. THAT'S THE IMPORTANT POINT THAT PEOPLE POSTING ANONYMOUSLY NEED TO REALIZE.
Let's not provide incorrect information or attack people for giving correct information.
I don't mind being corrected if I make a mistake. I do mind being spoken to rudely, which you clearly have done to both John and myself. I'd rather have manners than "software patents" any day of the week.
I hope that Google sticks to its guns considering of all the Posts on this Blog over the last year regarding the Santa Barbara News Press. The Post on January 27th was the most ambiguous Post we have yet to see. If SBNP is successful, then all the anonymous Posts that were ever posted on BlogaBarbara or any other Blog are subject to exposure. Your free speech and anonymity would be gone forever.
. I do mind being spoken to rudely
The rudeness came from John, who groundlessly claimed that I was confusing people, and your last message, which was extremely rude. Watch for that beam in your eye, as well as for misinforming people -- DHCP does not assign static addresses; the D stands for "dynamic". But tracing doesn't depend upon whether the address is static or dynamic, as I explained before, and indeed that's what people should know.
Last response JQB:
non-geeks ignore this, OK?
Just for the record, static IP addresses are configured on the machine. When it boots, no matter what network its connected to, the driver reads the config and associates the MAC address with the IP address in the config file. If the file says use DHCP then the driver goes out looking for a server who will provide an address instead. I think you are confusing name resolution with IP and MAC addressing. If you think about it, it couldn't work any other way, since your computer might be the only one on the network. If you had to wait for some magic IP server to come on line, you'd never be able to get through the switch to the Internet. And no switches don't give out static addresses either, though some can do DHCP.
###### back on message ###########
Nonetheless, your point about open WIFI accounts is relevant. Anybody could be using your network account, and therefore appear to be you, if you leave it unprotected.
JF
Sara, you might want to take a look at cyberslapp.org, a joint project of Public Citizen, EFF, the ACLU, the Center for Democracy and Technology and the Electronic Privacy Information Center. (CyberSLAPP refers to Strategic Lawsuits Against Public Participation on the internet.) Anonymity on the internet is important and these groups are working to protect citizens' First Amendment rights to anonymous speech.
Perhaps someone from the Lawyers Alliance for Free Speech Rights can issue a motion to quash the subpoena?
jqb
Perhaps I am only confusing you.
LOL - I did actually laugh at that - thanks for brightening my day.
"For the record", blocks of public IP addresses are assigned to ISPs by registries, which have blocks of IP addresses assigned to them by IANA; they are not determined by the contents of config files on individual computers. You cannot put some random IP address into your config file and then connect via your ISP; the ISP won't allow it, and if it did, responses couldn't make it back to your computer because there's no record in any router that your computer is associated with that address. Your static IP address cannot follow your machine, any more than your street address can follow you when you leave the house; the point of the address is so that packets sent to that address can find your machine out of all the machines on the internet, and in order to do that, the address must be associated with a fixed location, not with a movable machine. That's done via the router tables in the routers on the backbone of the internet, which know how to direct addresses in large blocks that are assigned to various organizations (sort of the way zip codes are assigned to large areas); the only information about where your specific machine is, whether your IP address is static or dynamic, is in the routers of your ISP. Things are different for routing private addresses on a local network, where ARP is used to associate IP and MAC addresses.
"Nonetheless, your point about open WIFI accounts is relevant. Anybody could be using your network account, and therefore appear to be you, if you leave it unprotected."
I'm not exactly sure what "network account" refers to here. The point is that, if you leave your wifi router unprotected, anyone can use it, and any traffic they send will use your router's IP address -- the one assigned to it, via DHCP, by your ISP, and that is associated with your account at that specific time according to the ISP's logs. The user could be a neighbor or anyone driving by on the street, so I strongly advise people to follow the security guideline I posted.
I feel like I am moderating Slah Dot today (News for Nerds. Stuff that Matters!).
Let's get back on track here for the majority of our readers who get the point but not the subtleties -- I actually am interested and appreciate the discussion but am not clear most of our readers are.
Thanks though for the thorough coverage of the mysteries of DHCP!
Happy to report my mother has cancelled her NP subscription after over 20 years of continuous service. She is now looking for the Daily Sound in Carpinteria, anyone know where she can get one?
Sara, you've done a great job maintaining this Blog and it would be a shame to have the comments both good and bad in a strangle-hold due to a subpoena for anonymous blogger. Maybe you can step up to the plate and contact one of the groups who have helped you protect your anonymous blogging fanbase. What typically happens in these situations is everyone thinks the other guy is going to do it. Maybe you or one of your appointees can make that call to the people listed by Liam at 5:59 p.m. I think his ideas are sound and valid and no matter where you fall on the side of the issues at hand we all have the common goal of freedom of speech and protection.
8:22 PM -- I completely agree and I think it was important to give the commenter in question an opportunity to contact their own lawyer or the EFF. Let's see what happens over the next couple of days and I may be able to report more on my and others efforts. Clearly, there are a lot of people that care about this and part of my intention is to make sure whatever can be done is done.
Sara, my primary point has been that, contrary to what your post seemed to imply, dynamic IP addresses don't provide any additional protection. As one commenter noted, they have had the same IP address for six months despite using DHCP; while their IP address is, according to the technical terminology, "dynamic", it is for all practical purposes static.
Another point, put simply, is that when a packet destined for your IP address is sent from, say, Timbuktu, it has to get to your computer somehow, and the way that happens is akin to how a letter goes to a street address by first being routed to the US, then California, then Santa Barbara, then to your letter carrier and finally to your house. It can't "follow" you as you move from house to house.
This seems worth explaining, not just because it's helpful if users of the technology have some understanding of it, but because someone explicitly asked "does the IP address follow the computer so that, for instance, a laptop were used at another's house, does the IP address become that of the location or remain that of the specific computer?" The answer is simple -- the IP address is based on the location, not the specific computer.
Someone confused the issue by adding the geeky detail that the IP address "follows the computer if STATIC and does not if DYNAMIC", and when I pointed out that the geeky detail was incorrect, he (rudely) accused me of confusing folks by getting into geeky details, sigh.
Happy to report my mother has cancelled her NP subscription after over 20 years of continuous service.
Yay!
She is now looking for the Daily Sound in Carpinteria, anyone know where she can get one?
Well, the on-line version, http://www.dailysoundonline.com/, is quite good if she's running Internet Explorer (6.0 or up) and has at least 1024x768.
Didn't mean to imply that jqb -- you are, of course, right. They can basically find you if they want to unless you do another level or two of protection...
Hi Anon 8:12.
You can visit our Web site at
http://www.santabarbarafree.com/distlist.htm
for a complete list of drop off locations
Jeramy Gordon
Thank you, jqb, for clarifying. I wish there were a course or book understandable by non-geeks about how online connections/e-mail/routers/, etc. work. Perhaps City College has such a course, although I think kids no learn it in elementary school (or should!)
And Jeramy, when will you web site have Mac access? :)
...if her readers knew her identity. “My readers would certainly relate to my posts differently and it would create an entirely different dynamic,” De La Guerra said.
C'mon Sara, admit it, your a 14 year old boy. Ha Ha Ha I actually read a book by Orsen Scott Card with that plot.
If anyone is concerned or paranoid, this should help:
http://www.torrify.com/
Download and intsall Torpark on your computer. If I connect through that, I usually get an IP address from somewhere in Eastern Europe. It's funny when you go to Google and get the localized homepage. That's when you know it's working.
Post a Comment
<< Home