If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Boing Boing)   IP≠ID   (boingboing.net) divider line 97
    More: Obvious  
•       •       •

13826 clicks; posted to Main » on 23 Jan 2014 at 9:08 AM (31 weeks ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



97 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

First | « | 1 | 2 | » | Last | Show all
 
2014-01-23 10:36:31 AM
Am I the only one that read that as "IPAD" ??

Time for new glasses.
 
2014-01-23 10:36:49 AM

skozlaw: I don't think at this point law enforcement is as technically unsophisticated as you believe them to be. The courts are still lagging, but I think law enforcement, as a rule, has embraced technology to a great extent and most police forces staff or have access to people who know what they're doing and where to look for evidence in computer crime cases.


Law ENFORCEMENT? Sure, they'll always have the latest and best toys - like an APC to bust up a high school kegger or full-squad riot gear to serve a no-knock warrant on a pair of pot smokers.

LAW (as in "judges and case law")? Hell no. The law against "hacking" is an offshoot of a 1986 law (or maybe I'm thinking specifically about "hacking" e-mails?), our laws against "wiretapping" date from the 60s, and legislatures are filled with over-50s whose idea of "tech savvy" is "downloading and installing apps to their smartphones without help".
 
2014-01-23 10:38:20 AM

skozlaw: DoBeDoBeDo: Hell PCI-DSS requires logs for 90 days even though the typical breach takes place 200+ days prior to being discovered according to the latest Verizon Data Breach report.

That must be what the goal was, 90 and we doubled it so HR could have a trail for its own nefarious purposes.

That said, bear in mind that the cops can also get court orders while they're still investigating that obligate you to hold records indefinitely if they know they'll need something, but don't know exactly what they'll need just yet.


I'm totally aware of that, the problem you'll find is that ISPs take time and/or often fight the subpoena to turn over who had what IP at what time if you are running behind a dynamic IP from your ISP, which is not likely but can happen with smaller companies.   Which is really what THIS particular fight is about.

In my case it was just that the lawyers spent time debating what was and what was not "improper contact" and the judge wouldn't issue a subpoena until they got it figured out.   So by the time I got the paper I just looked at the detective and shrugged.
 
2014-01-23 10:42:28 AM
I browse from 169.254.0.1, biatches
 
2014-01-23 10:42:48 AM

Carn: CapeFearCadaver: ≠

yay!

Here's a list if you want to play with more characters (not equal is on the math page).  We need to have cooler characters like Þ and Ü and æ in english


Want So much, just don't have any use for it.   þ.com/

:þ
 
2014-01-23 10:49:22 AM

Dr Dreidel: LAW (as in "judges and case law")? Hell no. The law against "hacking" is an offshoot of a 1986 law (or maybe I'm thinking specifically about "hacking" e-mails?), our laws against "wiretapping" date from the 60s, and legislatures are filled with over-50s whose idea of "tech savvy" is "downloading and installing apps to their smartphones without help".


I blame the lawyers. Most judges and lawmakers were or are lawyers and lawyers are some of the least technically competent people on the planet. There just seems to be this prevailing attitude among them that technology is a "nerd" thing and they want nothing to do with it. Basically, an "I don't care what it is or what it does, just make it work like I want when I push a button and then go away" sort of thing. Naturally when cases involving technology come before them, then, they're at a huge disadvantage. And, of course, many of them seem to be incapable of admitting they don't know something so they too often rule from a position of complete, abject ignorance.

I certainly don't disagree with any of that, but the discussion at hand started with a claim about how law enforcement might act in a particular situation, so that's how we got where we did in my last post.

DoBeDoBeDo: In my case it was just that the lawyers spent time debating what was and what was not "improper contact" and the judge wouldn't issue a subpoena until they got it figured out. So by the time I got the paper I just looked at the detective and shrugged.


Yea, that's probably how I'd react to. "Sorry, wish I could help you... but it's your problem now."
 
2014-01-23 10:50:11 AM

Shryke: I browse from 169.254.0.1, biatches


LAN party!
 
2014-01-23 10:51:13 AM

StrangeQ: And then even if you decide to go a step farther and setup MAC address filtering, someone with even more time, inclination and again the proper software will still be able to crack it.


Hell if you just setup MAC filtering I could be inside your network in a minute.  Find out what MACs are connected to your router.  Make my MAC your MAC, disconnect your MAC and then quickly connect my device.
 
2014-01-23 10:54:55 AM

StrangeQ: Good.  Even if you setup a password on your wifi network, with the time, inclination and proper software will be able to crack it.  And then even if you decide to go a step farther and setup MAC address filtering, someone with even more time, inclination and again the proper software will still be able to crack it.


Here's what you do... make a random senseless password. at least 16 characters would suffice... For my network password, it was tested that it would take a desktop PC about 5 quintillion years to crack. Main thing, don't use words/dates/times, cause then it would be easy to crack. Mine, literally the only good method that would work would be brute force.
 
2014-01-23 10:59:18 AM

Primitive Screwhead: Cortez the Killer: 127.0.0.1

There's no place like home!


That's where my hosts file redirects all those bad poo-poo heads.
The list must be three miles long by now

127.0.0.1 a.abv.bg
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 ca.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 aconti.net
127.0.0.1 secure.aconti.net
127.0.0.1 www.aconti.net #[Dialer.Aconti]
127.0.0.1 am1.activemeter.com/

yada yada
 
2014-01-23 11:06:26 AM

dragonchild: rev. dave: Dynamic IP addresses, how do they work?

Dynamic IP is the least of the problems.  With IP4 address depletion there are NATs out there with thousands of end users behind them.  You could be working at an office with hundreds of co-workers and if one idiot like the boss' nephew embezzles money or downloads kiddie pr0n the "IP=ID" means the cops can bust just about anyone they want and the trial would be just a formality.

Freedom dodged on hell of a bullet with this ruling, but unfortunately it's just one round out of a very long belt.


No, because the cops that work on these cases are not entirely clueless and  know your company would more than likely have logs on the firewall that show who accesses the Federal Reserve's mainfram at 02:14:04 last tuesday, just seconds before all the funds were transfered to an overseas bank.

I have had to work with the cops on a few occasions in cases like this, and they proved to be very knowldegeable and know what the technology can and can not do, so they don't issue a warrant for the 117 people who were accessing hotmail from the office during those 3 minutes prior to an e-mail confirming a drug deal shipment was sent to an undercover operative.

Also, a large corporation will have lawyers on the case as soon as the cops call.

Which is not the case when your 14 year old neighbor uses your unprotected wifi access to download pr0n, and the lawyers suing for copyright infrigement know this, that's why they're going against individual users, and not large companies.
 
2014-01-23 11:21:19 AM

Carn: CapeFearCadaver: ≠

yay!

Here's a list if you want to play with more characters (not equal is on the math page).  We need to have cooler characters like Þ and Ü and æ in english


thorn is an (old) english character.  would be nice to have it in new english though.
 
2014-01-23 11:24:05 AM

Carn: CapeFearCadaver: ≠

yay!

Here's a list if you want to play with more characters (not equal is on the math page).  We need to have cooler characters like Þ and Ü and æ in english


You know who else used unlauts?
 
2014-01-23 11:26:10 AM

pute kisses like a man: I agree with the ruling. However, isn't there someway, through discovery, to find more information about who did the downloading?


There would have been, but under the Supreme Court's ruling in Iqbal, you have to allege sufficient facts in the complaint to have a plausible cause of action, not just a possible one. Here, they weren't able to plausibly claim that the defendants operated the torrent client, just that it was possible that they did, so they don't have sufficient facts in the complaint to even get to the discovery stage.

It's actually a pretty big Catch 22 - you need to have the incriminating information before you can get a court order to search for the incriminating information. I'd look for Iqbal to be narrowed at some point in the future, particularly because it was a 5-4 decision.
 
2014-01-23 11:47:54 AM

MadMattressMack: Carn: CapeFearCadaver: ≠

yay!

Here's a list if you want to play with more characters (not equal is on the math page).  We need to have cooler characters like Þ and Ü and æ in english

You know who else used unlauts?


Mötörhead?
 
2014-01-23 11:58:57 AM

flamark: Am I the only one that read that as "IPAD" ??

Time for new glasses.


--
I saw "iPAID" -- thought it was some kind of Apple lawsuit settlement.
 
2014-01-23 12:16:41 PM

CapeFearCadaver: Wait wait wait. How did you get the 'does not equal' sign?


www.sipree.com
 
2014-01-23 12:18:06 PM

StrangeQ: Good.  Even if you setup a password on your wifi network, with the time, inclination and proper software will be able to crack it.  And then even if you decide to go a step farther and setup MAC address filtering, someone with even more time, inclination and again the proper software will still be able to crack it.


Or a frikkin'  pineapple with antennas.
 
2014-01-23 12:42:22 PM

StrangeQ: Good.  Even if you setup a password on your wifi network, with the time, inclination and proper software will be able to crack it.  And then even if you decide to go a step farther and setup MAC address filtering, someone with even more time, inclination and again the proper software will still be able to crack it.


Dude: we must've had a class together. Right after my first networking/security teacher introduced himself (circa 1996), he states, "Computer security does not exist. The safest computer is unplugged and buried in six feet of concrete. What I mean by that is that anyone with the time, resources, and motivation will get whatever access and data they want."

So I guess the first rule of computer security...?
 
2014-01-23 12:44:00 PM

MadMattressMack: Carn: CapeFearCadaver: ≠

yay!

Here's a list if you want to play with more characters (not equal is on the math page).  We need to have cooler characters like Þ and Ü and æ in english

You know who else used unlauts?


Hanz and Franz?
 
2014-01-23 12:46:29 PM

Marcus Aurelius: About god damned frigging time.


It's actually about the hundredth time. My IP's been subpoenaed and I've written successful motions to quash the subpoena -- I've even sent copies to other Farkers before, and someone once bought me a year of TF for it. Anyway, I cited a few dozen cases where the judges ruled that IP alone was insufficient to prosecute. I could dig them up if someone really needs the cases. 

barefoot in the head: Ergo:

If someone gets in an accident while driving my car


Except if you didn't report your car stolen there's every reason to expect you'd either be in control of it or could ID who did. The same kind of thing is why piracy is not equal to theft: someone getting a free copy of a movie doesn't deprive anyone else of that movie, and someone jacking into my Wifi wouldn't deprive me of its use, nor would I know that it happened. Someone taking your car for a spin, however, means you don't get to drive your car.
 
2014-01-23 12:51:33 PM

MadMattressMack: Carn: CapeFearCadaver: ≠

yay!

Here's a list if you want to play with more characters (not equal is on the math page).  We need to have cooler characters like Þ and Ü and æ in english

You know who else used unlauts?


Tiësto
 
2014-01-23 01:24:29 PM

dragonchild: This is the same legal system that decided a company with a monopoly on the consumer OS market wasn't being anti-competitive by bundling its software on said OS.  Does it defy logic?


If you are referring to the Microsoft anti-trust suit, then no, it doesn't defy logic, it defies the fact.

Microsoft was found guilty of anti-competitive behavior.
 
2014-01-23 01:49:12 PM

Theaetetus: pute kisses like a man: I agree with the ruling. However, isn't there someway, through discovery, to find more information about who did the downloading?

There would have been, but under the Supreme Court's ruling in Iqbal, you have to allege sufficient facts in the complaint to have a plausible cause of action, not just a possible one. Here, they weren't able to plausibly claim that the defendants operated the torrent client, just that it was possible that they did, so they don't have sufficient facts in the complaint to even get to the discovery stage.

It's actually a pretty big Catch 22 - you need to have the incriminating information before you can get a court order to search for the incriminating information. I'd look for Iqbal to be narrowed at some point in the future, particularly because it was a 5-4 decision.


Farking Iqbal. Yeah, totally makes sense. I wasn't thinking like a lawyer, more like a relatively lay person interested in the works of networks, etc.

I've spent too much time dealing with state court judges that let everything and anything fly. Would that many of my cases could be removed. Farking state courts.
 
2014-01-23 01:55:42 PM

Scrotastic Method: Marcus Aurelius: About god damned frigging time.

It's actually about the hundredth time. My IP's been subpoenaed and I've written successful motions to quash the subpoena -- I've even sent copies to other Farkers before, and someone once bought me a year of TF for it. Anyway, I cited a few dozen cases where the judges ruled that IP alone was insufficient to prosecute. I could dig them up if someone really needs the cases. 

barefoot in the head: Ergo:

If someone gets in an accident while driving my car

Except if you didn't report your car stolen there's every reason to expect you'd either be in control of it or could ID who did. The same kind of thing is why piracy is not equal to theft: someone getting a free copy of a movie doesn't deprive anyone else of that movie, and someone jacking into my Wifi wouldn't deprive me of its use, nor would I know that it happened. Someone taking your car for a spin, however, means you don't get to drive your car.


It's theft without larceny.
 
2014-01-23 02:02:52 PM

CFitzDE: It's theft without larceny.


Hey look, we found Cary Sherman's Fark account.
 
2014-01-23 02:06:51 PM
 
2014-01-23 02:49:39 PM
Don't pull out the confetti just yet. The RIAA and there little friends will this till they find the "right" judge.
 
2014-01-23 02:52:35 PM

lilbordr: [www.fullhdwpp.com image 850x478]


localhost?
 
2014-01-23 02:55:08 PM
I'm sure there would have been a different outcome if the 'plaintiff' had been Disney or some other big studio.
 
2014-01-23 03:46:14 PM

flaminio: Vertdang: 867.5.3.09

Won't work; the numbers have to be less than 256. So:

86.75.30.9

Would be cool. Also:

Jenny's Constant = (7^(e-1/e)-9)*pi^2


Huh, it looks like Jenny lives in France...
 
2014-01-23 03:55:36 PM

Uchiha_Cycliste: MadMattressMack: Carn: CapeFearCadaver: ≠

yay!

Here's a list if you want to play with more characters (not equal is on the math page).  We need to have cooler characters like Þ and Ü and æ in english

You know who else used unlauts?

Tiësto


Nope, Mötley Crüe
 
2014-01-23 04:03:43 PM

MadMattressMack: Uchiha_Cycliste: MadMattressMack: Carn: CapeFearCadaver: ≠

yay!

Here's a list if you want to play with more characters (not equal is on the math page).  We need to have cooler characters like Þ and Ü and æ in english

You know who else used unlauts?

Tiësto

Nope, Mötley Crüe


it doesn't mean those silly dots?
 
2014-01-23 04:05:15 PM

KyDave: StrangeQ: Good.  Even if you setup a password on your wifi network, with the time, inclination and proper software will be able to crack it.  And then even if you decide to go a step farther and setup MAC address filtering, someone with even more time, inclination and again the proper software will still be able to crack it.

Dude: we must've had a class together. Right after my first networking/security teacher introduced himself (circa 1996), he states, "Computer security does not exist. The safest computer is unplugged and buried in six feet of concrete. What I mean by that is that anyone with the time, resources, and motivation will get whatever access and data they want."

So I guess the first rule of computer security...?


He definitely has a point.  I work cyber security for DoD and the assumption is that the chinese and iranians have already breached our networks.  The goal is containment so as to limit the damage they can do.
 
2014-01-23 04:06:26 PM

The_Time_Master: lilbordr: [www.fullhdwpp.com image 850x478]

localhost?


I must have spent too much time with cisco products.  I read that as loopback.
 
2014-01-23 04:26:31 PM
The future is ::1

/Any year now
 
2014-01-23 05:18:11 PM

Uchiha_Cycliste: MadMattressMack: Uchiha_Cycliste: MadMattressMack: Carn: CapeFearCadaver: ≠

yay!

Here's a list if you want to play with more characters (not equal is on the math page).  We need to have cooler characters like Þ and Ü and æ in english

You know who else used unlauts?

Tiësto

Nope, Mötley Crüe

it doesn't mean those silly dots?


Nope, those silly dots are a diacritic properly called diaresis.
 
2014-01-23 05:18:26 PM
Next you're going to tell me that my car isn't me!
 
2014-01-23 07:19:19 PM

BitwiseShift: Primitive Screwhead: Cortez the Killer: 127.0.0.1

There's no place like home!

That's where my hosts file redirects all those bad poo-poo heads.
The list must be three miles long by now

127.0.0.1 a.abv.bg
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 ca.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 aconti.net
127.0.0.1 secure.aconti.net
127.0.0.1 www.aconti.net #[Dialer.Aconti]
127.0.0.1 am1.activemeter.com/
yada yada


Oh, yah, mon. And I ran a local web server with the default home page of a pirate flag.

That sucker was ALL OVER the page.
 
2014-01-23 07:36:44 PM

Carn: CapeFearCadaver: ≠

yay!

Here's a list if you want to play with more characters (not equal is on the math page).  We need to have cooler characters like Þ and Ü and æ in english


Æ is great.  All my game character names and gamertags have it when it's allowed, otherwise I have to resort to AE, uck..

Æsthetically pleasing.

/I blame Æon Flux for my infatuation with it.
 
2014-01-23 07:37:53 PM
//via Liquid Television
 
2014-01-23 08:11:22 PM

dragonchild: It scares me that a decision based on such an obvious fact causes me to sigh with great relief.


Just wait....
 
2014-01-24 05:28:05 AM

Cortez the Killer: Carn: It shows your IP as 192.168.0.2 127.0.0.1, looks like we've got our child rapist.
Fixed


What? Are you all cavemen?

::1
 
2014-01-24 08:37:10 AM

People_are_Idiots: StrangeQ: Good.  Even if you setup a password on your wifi network, with the time, inclination and proper software will be able to crack it.  And then even if you decide to go a step farther and setup MAC address filtering, someone with even more time, inclination and again the proper software will still be able to crack it.

Here's what you do... make a random senseless password. at least 16 characters would suffice... For my network password, it was tested that it would take a desktop PC about 5 quintillion years to crack. Main thing, don't use words/dates/times, cause then it would be easy to crack. Mine, literally the only good method that would work would be brute force.


That's not the kind of cracking I'm talking about.  Brute forcing a password is inefficient and in most cases impossible.  But on a wifi network, all you have to do is sit and listen to over the air packets and eventually you can deduce what the network password is as well as the addresses of every device wirelessly connected to the network.
 
2014-01-24 11:15:14 AM

StrangeQ: People_are_Idiots: StrangeQ: Good.  Even if you setup a password on your wifi network, with the time, inclination and proper software will be able to crack it.  And then even if you decide to go a step farther and setup MAC address filtering, someone with even more time, inclination and again the proper software will still be able to crack it.

Here's what you do... make a random senseless password. at least 16 characters would suffice... For my network password, it was tested that it would take a desktop PC about 5 quintillion years to crack. Main thing, don't use words/dates/times, cause then it would be easy to crack. Mine, literally the only good method that would work would be brute force.

That's not the kind of cracking I'm talking about.  Brute forcing a password is inefficient and in most cases impossible.  But on a wifi network, all you have to do is sit and listen to over the air packets and eventually you can deduce what the network password is as well as the addresses of every device wirelessly connected to the network.


You would still need to have some form of software to find (A) the MAC addresses, and (B) the password.
 
2014-01-24 11:59:42 AM

People_are_Idiots: StrangeQ: People_are_Idiots: StrangeQ: Good.  Even if you setup a password on your wifi network, with the time, inclination and proper software will be able to crack it.  And then even if you decide to go a step farther and setup MAC address filtering, someone with even more time, inclination and again the proper software will still be able to crack it.

Here's what you do... make a random senseless password. at least 16 characters would suffice... For my network password, it was tested that it would take a desktop PC about 5 quintillion years to crack. Main thing, don't use words/dates/times, cause then it would be easy to crack. Mine, literally the only good method that would work would be brute force.

That's not the kind of cracking I'm talking about.  Brute forcing a password is inefficient and in most cases impossible.  But on a wifi network, all you have to do is sit and listen to over the air packets and eventually you can deduce what the network password is as well as the addresses of every device wirelessly connected to the network.

You would still need to have some form of software to find (A) the MAC addresses, and (B) the password.


Link
 
2014-01-24 01:59:52 PM

CapeFearCadaver: Wait wait wait. How did you get the 'does not equal' sign?


It's easy.  Just hold compose while typing "/=" without the quotes.  Offer not valid on operating systems stuck in the 1980s.
 
Displayed 47 of 97 comments

First | « | 1 | 2 | » | Last | Show all

View Voting Results: Smartest and Funniest


This thread is closed to new comments.

Continue Farking
Submit a Link »






Report