If someone wants to locate someone who has posted on a board like this, can they do it?
What are the legal and technical blocks to overcome?
Who, if anyone, can do it? A computer hacker? A detective? Local police with a warrant? The FBI?
Thanks.
Before this board’s recent upgrade, there used to be a link at the bottom of each post which read “IP: logged.” This was so that an Administrator (or Moderator?) could see the IP address that was used to post that message. I suppose they still see the link but we don’t.
Once the site has obtained a poster’s IP address, my understanding is that if there is any probable cause to investigate, they can report the post and IP address to the authorities who can then subpoena the user’s ISP to reveal the name and address of the poster.
In order for a hacker to get the IP address, they’d have to log in as someone who has access to that information. I don’t know if there is any covert way to go from IP address to name and physical address though.
And if you’re a subscriber, the Reader’s likely got your name.
Related phenomena that occur over time are the voluntary and quasi-voluntary surrender of anonymity.
Voluntary surrenders happen when people meet at Dopefests, correspond via email, reveal their real names in postings, or some such. Not every instance of the above results in people knowing who you are, but often enough it does.
Quasi-voluntary surrenders are the aggregate result of personal information revealed in your posts. Once again, this does not necessarily apply universally. But once you’ve posted here a thousand times, you’ve likely dropped enough personal info (age, gender, occupation, where you went to school, where you live, what kind of car you drive, first name, etc.) that a determined investigator probably could establish your identity.
Well without getting into the uber-technical details, it goes something like this:
You IP address is basically how the little bits of data on the internet find their way to your computer. If they can find your computer, then so can big brother. Here’s how:
First they need your IP address, which is pretty easy to get. For example mine (at the moment) is 64.26.163.185
Then a trace of that IP address shows who that IP address belongs to. Run a command prompt and type >tracert 64.26.163.185 and you should see my ISP pop up (magma.ca) at the end of all the hops
So now time and date becomes important because the ISP dishes out IP addresses dynamically, so you don’t always get the same one. Here is where big brother steps in and says ‘Hey Magma, I want to know which user account was assigned IP 64.26.163.185 on April 23rd at 9:34PM EST’. If they give out that information, they can find out the phone number that dialed in, and next thing you know they are at your door.
Luckily most ISP wont give out that sort of information without a warrant. Except of course, many Americans can probably see where the Patriot Act is gonna come in here…
Apart from things that you reveal about yourself on this board, let’s talk about technological methods of finding you.
Well, even without that link, a person with access to the Reader’s machines can find out what your IP number is, or at least what the IP number of your firewall is. A person with the requisite legal authority could force the Reader to give them the IP number. A person without access to the Reader’s machines who can hack in could also possibly determine your IP number.
A person without access to the Reader’s machines and who is unable to hack into their machines could have a device called a packet sniffer somewhere in the path between your machine and the SDMB server. Since we are all sending our messages in plaintext across the net, a person with reasonable competance could figure out that some packets caught by the sniffer were sent to you or from you. From the packet headers, one could again get your IP number.
Once a person has your IP number, they can determine what ISP you use and an approximate location as to where you live. Definately the state, probably the city, possibly even the neighborhood.
Alternatively, someone could determine what your email address is, via legal or illegal methods as noted above. From that, they can determine your mail host. If they can gain access to your mail host, or can place a packet sniffer near your mail host, they can read your email.
Note that these things are not trivial.
My understanding is that so-called “anonymizer” software–something I saw at Costco last week–allows Net surfers to completely hide their tracks and identity. True?
I thought that IP addresses were allocated in blocks? You share your IP address with several hundred other people in your neighbourhood. So you can’t get someone’s home address and phone number from an IP adress. All you can do is narrow it down to a few hundred (at best).
That’s what I thought. Am I wrong?
If it’s software that only sits on your machine and uses your existing ISP’s proxy, no, it’s not true. If it’s software that establishes a link via an anonymous or protected proxy, then essentially yes.
Well I may be wrong but I don’t think so. Think of an IP address as your computer’s identity (albeit temporary) on the internet. The internet packets need to know where to go right? That is how stuff you click on ends up in your browser.
Sure, an ISP is given a block of addresses, but when you connect via dial-up or whatever, your PC is given an address. Now at this point, only the ISP knows who that address has been given to and there are no street addresses or phone numbers involved. But if someone (NSA, FBI, BATF, I dunno) wants to track you down, they need the IP address and the date and time they recorded that address, AND the cooperation of the ISP to provide account details.
So if you want to do something really illegal on the internet (not suggesting you do), I’d use a PC at the local library, or maybe at your brother-in-law’s place.
An anonymous proxy acts like an event horizon - once you go through it you can’t easily be traced back. Especially if it’s located somewhere like Austria or Eretria. Oh, there are ways to dig past them, and you can use client-side exploits that send critical data back out, but they’re messy and don’t work 95% of the time. Sometimes, however, you can trick a person into running a Java app on their end that can leverage a Windows exploit to send all sorts of data back out through a high-numbered port.
Are ISPs obligated to log the allocation of IP addresses? I would think it would be in the best interest of the ISP to have a standing policy against logging this info, in order to avoid EVER having the data subpeonaed. Many companies have similar policies in place regarding physical documents (“document retention policies”), why not ISPs?
For one thing, because some ISPs want to catch the lawbreakers, too. Often, a lawbreaker using an ISP will cause the ISP trouble directly or indirectly, as well. They don’t have the authority to send anyone to the slammer, but they might be perfectly happy to help someone else do so.
ISP keep this information for billing purposes, but sure, I imagine they do it to cover their ass as well. Not sure how far back stuff like this is kept but if I know one thing its that electronic information NEVER dies. Short of a massive EMP blast, I’d count on all those records existing somewhere, in someform, on a disk, or tape, or data crypt somewhere…
They aren’t obligated, but I’ve never seen one that didn’t. It works to protect them as well.
And the vast, vast majority of ISPs don’t care at all about privacy - only being sued for violating privacy outside of the law. If you have a Court order or a subpoena, they typically (with some exceptions) turn over the records as fast as they can burn a DVD.
Slight Hijack:
In the BBQ pit, we discussed, SDMB Subscriptions: Protecting anonymity, in the context of the Board’s recent decision to charge for posting.
For those who use VPNs/anonymous proxies, I believe that traffic analysis can also determine the user’s IP number, given enough data. This would work especially well if the proxy was in a different country than the user, since there are only a limited number of gateways between different countries.