Do you have adblock enabled?
If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Torrent Freak)   Florida judge rules that IP addresses are not equivalent to social security numbers   (torrentfreak.com) divider line 137
    More: Obvious, Internet Provider, IP addresses  
•       •       •

6621 clicks; posted to Main » on 25 Mar 2014 at 1:14 PM (1 year ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



137 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

Archived thread

First | « | 1 | 2 | 3 | » | Last | Show all
 
ZAZ [TotalFark]
2014-03-25 03:31:25 PM  
worlddan

Judges are fighting back against bulk lawsuits because they interfere with more important business. This case feels like the judicial equivalent of jury nullification: a legally wrong decision that the decision maker felt was justified by circumstances. A different judge demanded a separate filing fee for each defendant to deter bulk lawsuits. That one was following the rules.

Judges are not fighting back against the principle of suing over not-for-compensation distribution. Or, rather, they said they thought damages should be five figures instead of six but the appeals courts reversed. The two main precedents agree that juries can hear about billions in lost profits and rule accordingly. (Thomas and Tenenbaum)
 
2014-03-25 03:33:53 PM  
Good ruling.     it about time Judges start realizing this fact.
 
2014-03-25 03:37:21 PM  

ZAZ: Judges are not fighting back against the principle of suing over not-for-compensation distribution. Or, rather, they said they thought damages should be five figures instead of six but the appeals courts reversed. The two main precedents agree that juries can hear about billions in lost profits and rule accordingly. (Thomas and Tenenbaum)


Yeah, although I believe they're wrong there... They're relying on the RIAA's interpretation of "willful" as "knowing or intentional" (understandably, since neither Thomas nor Tenenbaum ever disagreed with it), but I don't think that's correct. I believe that was Congress intended was something more like "malicious" or "for personal profit", like "willful" is interpreted in trademark infringement. But the RIAA certainly isn't going to suggest it, and if the defense never argues that they're wrong, then the judge has nothing to go on.
 
2014-03-25 03:37:26 PM  

Theaetetus: Barfmaker:You could certainly track the IP but let's say it's a Starbucks. It's not reasonable or even possible to keep track of everyone who is using it.

All I'm saying is that the metaphor of the red light camera doesn't apply, a car owner reasonably knows who is driving their car, an IP address owner may not.

Not at all. Every person who uses the car has to get the keys from you, right? Every person who uses your WiFi network has to get an NATed IP address from your router, right? And they even provide their ID, in the form of a MAC address. And, even better than the car, your router can log each and every packet to/from that NATed IP or MAC address - so you know exactly when they started sharing "Sexy Librarians 14".

Do you know their name? Probably not. Can you nonetheless provide identifying information via that MAC address that implicates them, rather than you, as the infringer? Absolutely. And the logs can be very tiny, particularly compared to how cheap storage space is now.

Hence, a person with an open access point should be able to easily rebut any accusation of copyright infringement, if they're not actually the infringer.

Your best counterargument is that the person isn't currently collecting detailed logs. And that's true, and why these cases are getting dismissed, but that's one of the things that will have to change as a result of these court decisions and the likely changes to the law that will result. It will not be a loophole forever.


You're talking about running a sniffer on the router's internal iterface, like tcpdump, capturing up to the IP headers, dumping it to a file, then correlating the infringing address with a machine's MAC. Not every router has a sniffer built in. And since this is all on the user's end, what's the prevent them from falsifying the logs?

Unless ISPs mandate only a certain category of router can operate on their network, one that captures internal traffic headers and forwards them to the ISP in a secure manner, I don't see how this is feasible to legislate.
 
2014-03-25 03:38:45 PM  

Theaetetus: But, on the other hand, the IP address is also tied to a particular modem or gateway at a particular time. Such as Starbucks' modem, smaller businesses' modems, hotels' modems, public spaces with free Internet provided by some organizations' modems, etc. There's some one point those communications are going through, and someone with control over that point... hence, equivalent to ownership of the car, even if you rent or loan your car out freely to others.


Theaetetus: But not with another MAC address on the same network, because then the router will not know where to send them. And if your point, as the owner of the access point, is to show that the infringing packets didn't come from  your computer, then it's irrelevant if they came from a real or spoofed MAC address, as long as it doesn't match yours.

Pfff, anyone  can detect if their wifi is being hijacked. Most people don't bother looking or don't know how. Again, that will be something that will change, once the law starts blaming you for anything that happens with your wifi router unless you can prove it wasn't you. Ignorance won't be a defense.


Theaetetus: Oh, I'm not using it in that way. As I said above, it's tied to a modem or gateway, which may be NATting for a whole pile of computers.


OK, hopefully this is quoting enough of you that you'll feel validated.

You look like a lawyer discussing how networking works. Each and every idea you've put out here is something that represents either a barrier that's simple to work around, or- especially in the case of MAC filtering- something that generally creates a larger security risk than it solves.
 
2014-03-25 03:39:52 PM  
beer4breakfast:
You're talking about running a sniffer on the router's internal iterface, like tcpdump, capturing up to the IP headers, dumping it to a file, then correlating the infringing address with a machine's MAC. Not every router has a sniffer built in. And since this is all on the user's end, what's the prevent them from falsifying the logs?

Unless ISPs mandate only a certain category of router can operate on their network, one that captures internal traffic headers and forwards them to the ISP in a secure manner, I don't see how this is feasible to legislate.


Yes, that would be the next step - as I said, the counterargument is that people aren't currently collecting those detailed logs. That's something that would likely change in the future, with a law that presumes liability unless you provide evidence, in the form of such logs, that it wasn't you.
 
2014-03-25 03:48:44 PM  

Gonz: Theaetetus: But, on the other hand, the IP address is also tied to a particular modem or gateway at a particular time. Such as Starbucks' modem, smaller businesses' modems, hotels' modems, public spaces with free Internet provided by some organizations' modems, etc. There's some one point those communications are going through, and someone with control over that point... hence, equivalent to ownership of the car, even if you rent or loan your car out freely to others.

Theaetetus: But not with another MAC address on the same network, because then the router will not know where to send them. And if your point, as the owner of the access point, is to show that the infringing packets didn't come from  your computer, then it's irrelevant if they came from a real or spoofed MAC address, as long as it doesn't match yours.

Pfff, anyone  can detect if their wifi is being hijacked. Most people don't bother looking or don't know how. Again, that will be something that will change, once the law starts blaming you for anything that happens with your wifi router unless you can prove it wasn't you. Ignorance won't be a defense.

Theaetetus: Oh, I'm not using it in that way. As I said above, it's tied to a modem or gateway, which may be NATting for a whole pile of computers.

OK, hopefully this is quoting enough of you that you'll feel validated.

You look like a lawyer discussing how networking works. Each and every idea you've put out here is something that represents either a barrier that's simple to work around, or- especially in the case of MAC filtering- something that generally creates a larger security risk than it solves.


Thanks for providing the quotes. Now, you say that each is either simple to work around or creates a larger security risk*, but you haven't said that any of them are  wrong. Yes, you can crack into someone's network, but since we were talking about unsecured networks generally, that's not an issue. And yes, you can spoof a MAC address of someone who is offline, but if they can show they were offline, then it doesn't matter. And yes, you can even spoof the MAC address of someone who is online, but unless their machine is configured in a very specific way, they're going to get very visible errors. And I have no idea why you quoted the third one.

Unless you actually disagree with one of those quotes, then I'm not sure how they support your contention that I lack technical prowess.

*I didn't mention MAC filtering... Did you mean that to refer to someone else?
 
2014-03-25 03:54:30 PM  

Theaetetus: even better than the car, your router can log each and every packet to/from that NATed IP or MAC address - so you know exactly when they started sharing "Sexy Librarians 14".


Name one home router that logs every packet that goes through it.

You seriously have no idea what you are talking about.
 
2014-03-25 03:57:09 PM  

Theaetetus: Yes, that would be the next step - as I said, the counterargument is that people aren't currently collecting those detailed logs. That's something that would likely change in the future, with a law that presumes liability unless you provide evidence, in the form of such logs, that it wasn't you.


Is that what you thought addressed my assertion that not all routers have the ability to log when you said "your router can log each and every packet to/from that NATed IP or MAC address"?

How soon will people with non-compliant routers have to buy new hardware to satisfy this law?

How long will they have to keep logs?

How do we verify these logs aren't tampered?

Yes, brilliant solution. Require everyone to become a network administrator.
 
2014-03-25 03:58:42 PM  
impaler:  Yes, brilliant solution.

Hey, thanks. I take back all of the stuff I said about how your constant quoting out of context makes you look like a troll.
 
2014-03-25 03:59:48 PM  

Theaetetus: Yes, you can crack into someone's network, but since we were talking about unsecured networks generally, that's not an issue.


24.media.tumblr.com
 
2014-03-25 04:01:42 PM  

impaler: Theaetetus: a law that presumes liability unless you provide evidence, in the form of such logs, that it wasn't you.

Yes, brilliant solution. Require everyone to become a network administrator.


Even better: he's requiring that the US legal system do a complete 180 into "guilty until proven innocent" territory.

That's right, an alleged lawyer just advocated for legislation that said citizens were guilty unless they could prove otherwise. Legislation that puts the burden of proof on the victim.

He's full of shiat, in every thread he enters. You guys are wasting your time.
 
2014-03-25 04:01:43 PM  

Theaetetus: And yes, you can spoof a MAC address of someone who is offline, but if they can show they were offline, then it doesn't matter.


How does someone show they were offline?
 
2014-03-25 04:03:58 PM  

impaler: Theaetetus: Yes, you can crack into someone's network, but since we were talking about unsecured networks generally, that's not an issue.

[24.media.tumblr.com image 479x361]


Hey now... Even though security experts are very clear that "secured" networks are easily broken into and most networks are unsecured anyway, it's still perfectly OK for the RIAA and MPAA to financially break people based on easily falsified data!

/Because shill!
 
2014-03-25 04:06:30 PM  

Scrotastic Method: impaler: Theaetetus: a law that presumes liability unless you provide evidence, in the form of such logs, that it wasn't you.

Yes, brilliant solution. Require everyone to become a network administrator.

Even better: he's requiring that the US legal system do a complete 180 into "guilty until proven innocent" territory.

That's right, an alleged lawyer just advocated for legislation that said citizens were guilty unless they could prove otherwise. Legislation that puts the burden of proof on the victim.


Psst - we're talking about civil law, not criminal.
 
2014-03-25 04:06:56 PM  

impaler: Theaetetus: And yes, you can spoof a MAC address of someone who is offline, but if they can show they were offline, then it doesn't matter.

How does someone show they were offline?


Take a picture of yourself at a water park... a picture with a 100% accurate tamper-proof timestamp.
 
2014-03-25 04:16:10 PM  

Theaetetus: And yes, you can even spoof the MAC address of someone who is online, but unless their machine is configured in a very specific way, they're NOT going to get very visible errors.


FTFY
 
2014-03-25 04:16:45 PM  
^^^ That's for home wifi, anyway.
 
2014-03-25 04:16:54 PM  

impaler: Theaetetus: And yes, you can spoof a MAC address of someone who is offline, but if they can show they were offline, then it doesn't matter.

How does someone show they were offline?


Thank you for asking that question, so I didn't have to quote a wall of text.

Because what seems to be argued here is that not only are you going to keep a detailed router log, but also physical, possibly off-site copies of your various system logs.

Not just a few, either. All of them. Is there going to be a time limit on how long I must maintain backup copies of /var/log? And that's just one overarching directory in Linux. We're going to need specific examples of each and every log that's required to be maintained, by OS.

Oh, yeah, and I have a VM running Haiku, which is an alpha release of an open-source copy of BeOS. Let's make sure we're comprehensive here.
 
2014-03-25 04:25:16 PM  
Such a geek: bookmarking this story 'cause I gotta go to class.

/ Pitiful
 
2014-03-25 04:27:52 PM  

Theaetetus: Carousel Beast: If I may interject in here, while Theaetetus may say some rather absurd things on other topics, in this particular thread he's being very polite and reasonable. His thought process isn't complete, as his profession is law and not technology, but there's nothing unsound about his arguments, and he's not advocating a controversial personal opinion here, but trying to explain how things are likely to fall from a legal point of view - something he's more qualified than many to speculate on.

It is entirely likely that a legislative response will indeed ignore valid technical issues, and put a burden of proof back on the defense rather than on the prosecution (where it should be), as we've seen it before. He's not saying he agrees with that, just that it's likely to happen.

TL;DR, don't jump him because you don't like what he's said on other topics.

Thanks. Although I would disagree that my profession isn't technology... I was an engineer for 10 years before shifting to this, and I'm not on the litigation side of things - I  only deal with technology now. ;)


My apologies - I actually should have said wireless security in particular. It's absolutely amazing what someone determined and skill can do to supposedly "ironclad" systems. I'm not security myself, but I establish policy and procedure for the corporate data on my systems, so I work closely with both the electronic and physical security departments, since my systems control a lot of sensitive information.

Regardless, I think you make some excellent points, and I didn't want to see people shout you down because they may have disagreed with you elsewhere, as I think happens too often on Fark.
 
2014-03-25 05:13:52 PM  

BullBearMS: impaler: Theaetetus: Then quote me saying something showing a lack of technical prowess.

OK.

Theaetetus: And they even provide their ID, in the form of a MAC address. And, even better than the car, your router can log each and every packet to/from that NATed IP or MAC address

Theaetetus: MAC addresses can be spoofed.

But not with another MAC address on the same network, because then the router will not know where to send them.

Somebody doesn't understand the physical

Data Link layer at all.

FTFY
 
2014-03-25 05:15:32 PM  
in jail lol wtf is a ip address smh dgaf #yolo
 
2014-03-25 07:04:55 PM  

Theaetetus: JackieRabbit: Good ruling, since IP addresses for most users of the internet are assigned by their IPS's DHCP server and a lease on the address can last only as long as the user is logged onto the computer.

So? If you make threatening phone calls from a hotel room phone, it's not reasonable to dismiss a case by saying that you only had the phone number for as long as you were renting the phone. Activity by the next or prior patron is irrelevant, since they're subpoenaing records about an IP address  at a particular time.


Multiple users can/often do use the same public IP at the same time.
 
2014-03-25 07:30:33 PM  

Kygz: Yup, my VPNs usually have me in IL or IA.


You're screwed buddy! They don't have internet in Iowa.

/got three warning emails for downloading True Detective (one per episode)
//because I was sharing
///no more emails after I stopped sharing, but still continued to DL
\\\suck it!
 
2014-03-25 07:32:48 PM  

elysive: Theaetetus: JackieRabbit: Good ruling, since IP addresses for most users of the internet are assigned by their IPS's DHCP server and a lease on the address can last only as long as the user is logged onto the computer.

So? If you make threatening phone calls from a hotel room phone, it's not reasonable to dismiss a case by saying that you only had the phone number for as long as you were renting the phone. Activity by the next or prior patron is irrelevant, since they're subpoenaing records about an IP address  at a particular time.

Multiple users can/often do use the same public IP at the same time.


Really? How does that work? Please explain, because clearly, no one in this thread knows and we haven't been discussing gateways and NAT for the past several hours
 
2014-03-25 07:52:32 PM  

mayIFark: JackieRabbit: Good ruling, since IP addresses for most users of the internet are assigned by their IPS's DHCP server and a lease on the address can last only as long as the user is logged onto the computer.

Not true. I don't believe ISP's use DHCP, but even if they do, your computer never logs on to that. It is your modem that does, and that is always on. Even if you turn off your modem, it will take a few days before that IP gets reassigned.


For many cable companies, modems usually receive a rfc1918 address. Connected hosts receive a public and it is assigned to that hosts mac (not the modems). This assignment is logged for abuse investigations including piracy.

You can get a static mapping setup to a host and have dhcp disabled.. meaning only that specific host will recieve a (the) ip. Done in this manner a hacker busting into your wireless will find himself high and dry unless he knows to ghost his machines mac to appear as the statically mapped host on isp dhcp server. Still vry much doable, just one more hurdle. Which is what most security comes down to.

There is rarely a question of not just what ip was used for the abuse, but even what specific device was the offendrr.

This doesnt change the fact that unless youve established by either law or binding contract claus associated responsibility... you still have no clue WHO clicky clickied the link. ( My guess is Col. Mustard in the ballroom with the Dell XPS)

/That said, pirate errything.
//Hack the planet
 
2014-03-25 07:55:10 PM  

Ex-Texan: I'd like to know of a way to hold theatres liable, and providing recompense of at least the ticket price, for a movie you find bad.


I worked at several movie theaters when I was younger. All of them refunded ticket prices to customers who left the movie early complaining it was bad. I don't recall any times someone sat through the whole movie, and then wanted a refund.
 
2014-03-25 08:32:22 PM  

Theaetetus: elysive: Theaetetus: JackieRabbit: Good ruling, since IP addresses for most users of the internet are assigned by their IPS's DHCP server and a lease on the address can last only as long as the user is logged onto the computer.

So? If you make threatening phone calls from a hotel room phone, it's not reasonable to dismiss a case by saying that you only had the phone number for as long as you were renting the phone. Activity by the next or prior patron is irrelevant, since they're subpoenaing records about an IP address  at a particular time.

Multiple users can/often do use the same public IP at the same time.

Really? How does that work? Please explain, because clearly, no one in this thread knows and we haven't been discussing gateways and NAT for the past several hours


I get that you have been talking about MAC logging and have made a few side references to NAT, but this particular analogy would apply more to NAT'ed IP if every room in the hotel had the same phone number and if it weren't just an issue of what time you made the call. Oh wait, you know, I'm pretty sure it often does. There's the public hotel phone number (public address) and then a room extension (private address). Internal call logs by whomever administers the network (MAC addresses if it's VoIP) might suddenly make it relevant when you were in your room. At least that's my rudimentary understanding of the telecom exchange.

I know you are insistent that soon equipment everywhere will keep extensive logs so that judges and LEOs can see who has been accessing what. That's a fine fantasy worth holding your breath for that wouldn't be a total waste of money or an undue burden on ISP and enterprise equipment that transfer ungodly amounts of data. Whether something of that nature comes to fruition or not, I wish media companies would decide to stop bleeding money with law suits, lobbying and chasing after ever-evolving piracy that they can't beat. They would do a lot better just to change their business model and sell something that people want to buy.

As for using logged MAC addresses as evidence against someone, how do you propose people's MAC addresses get revealed? Voluntarily? Verbally? Written? Physically produced? Does the person have to surrender their devices at which time the investigating party can snoop around for other evidence? Wouldn't that be putting the horse before the buggy? At least it's not terribly difficult to tell when people are making up MAC addresses. It is even easier when you know the manufacturer of the device. Would you believe I've had people who work in the networking industry give me MAC addresses with G's and H's in them? *shakes head*
 
2014-03-25 08:33:51 PM  
lol, cart before the horse. It's been a long day. I should just pack up.
 
2014-03-25 09:01:04 PM  

elysive: Theaetetus: elysive: Theaetetus: JackieRabbit: Good ruling, since IP addresses for most users of the internet are assigned by their IPS's DHCP server and a lease on the address can last only as long as the user is logged onto the computer.

So? If you make threatening phone calls from a hotel room phone, it's not reasonable to dismiss a case by saying that you only had the phone number for as long as you were renting the phone. Activity by the next or prior patron is irrelevant, since they're subpoenaing records about an IP address  at a particular time.

Multiple users can/often do use the same public IP at the same time.

Really? How does that work? Please explain, because clearly, no one in this thread knows and we haven't been discussing gateways and NAT for the past several hours

I get that you have been talking about MAC logging and have made a few side references to NAT, but this particular analogy would apply more to NAT'ed IP if every room in the hotel had the same phone number and if it weren't just an issue of what time you made the call. Oh wait, you know, I'm pretty sure it often does.There's the public hotel phone number (public address) and then a room extension (private address). Internal call logs by whomever administers the network (MAC addresses if it's VoIP) might suddenly make it relevant when you were in your room. At least that's my rudimentary understanding of the telecom exchange.


Yes, I know. That's why I suggested it. Most hotels have a PBX, either POTS or, more likely, SIP. Accordingly, your outgoing phone number may appear the same, it is nonetheless still traceable to your room at a particular time, with the hotel's internal routing logs.

I know you are insistent that soon equipment everywhere will keep extensive logs so that judges and LEOs can see who has been accessing what.

Nope, plaintiffs in discovery. We're not talking about criminal law.

That's a fine fantasy worth holding your breath for that wouldn't be a total waste of money or an undue burden on ISP and enterprise equipment that transfer ungodly amounts of data. Whether something of that nature comes to fruition or not, I wish media companies would decide to stop bleeding money with law suits, lobbying and chasing after ever-evolving piracy that they can't beat. They would do a lot better just to change their business model and sell something that people want to buy.

Perhaps, but we've been trying to sell the RIAA/MPAA on that for how many decades now? It's a fine fantasy that they'll suddenly sit up and say "gosh, piracy isn't an issue if we just sell product that people want to give us money for."

And where else has that model worked? Heck, look at the games industry, shifting to always-on connections and server-side DRM. If they won't embrace "no restrictions, just please give us money", then why do you think Hollywood would?

As for using logged MAC addresses as evidence against someone, how do you propose people's MAC addresses get revealed? Voluntarily? Verbally? Written? Physically produced? Does the person have to surrender their devices at which time the investigating party can snoop around for other evidence? Wouldn't that be putting the horse before the buggy? At least it's not terribly difficult to tell when people are making up MAC addresses. It is even easier when you know the manufacturer of the device. Would you believe I've had people who work in the networking industry give me MAC addresses with G's and H's in them? *shakes head*

Voluntarily, of course. See, if the law changes in the way that I think it's likely to, if you own the router in question that was distributing infringing works, you're responsible for that infringement... Unless you can show it wasn't you. And one way to do so would be by showing your logs. Or turning over your hard drive for investigation. Or any other such data that would lead a jury to believe that you're more credible than the plaintiff and that you didn't really do it.

This is civil litigation - the burden of proof is "preponderance of the evidence", not "beyond a reasonable doubt". If the plaintiffs establish your router was transmitting the packets (and the law changes to a rebuttable presumption that you are responsible for everything going out your router), then they've met their burden... then it's up to you to push that preponderance back by providing evidence that it wasn't you. And I think it's highly likely that the law will shift in that direction, if more of these decisions start going against the RIAA/MPAA rather than extortion trolls and fraudsters like Prenda, and if people like the EFF aren't pushing back to prevent that shift.
 
ZAZ [TotalFark]
2014-03-25 09:43:40 PM  
elysive

You are all making this way more complicated than it needs to be. In the normal case nobody is playing games with spoofing. The law is designed to handle the normal case efficiently. I could get a good fake license plate for my car. We trust license plates because most people don't.

If we as a society want all network traffic to be tied to a person, not anonymous, the solution will be cryptographic with secure hardware. If your logon smart card gets "stolen" we already have the answer from the motor vehicle world: you are strictly liable for misuse before it is reported stolen, not liable for use after (because it has been cut off from network access).

I don't think we'll want that because the current system mostly works and we value anonymous speech.

As for the specific question, how does a MAC address get revealed, the ultimate answer if you want to play tough is

1. In a criminal case a police officer puts a gun to your head (usually with a warrant) and pulls the trigger if you don't give up your phone / computer.

2. In a civil case the judge says give it up or you lose the case.

There are plenty of things to do before these steps. They could, for example, note that a MAC address appeared in the lobby right when you checked in, moved to your room, returned to the lobby when you checked out, then vanished. That's good evidence against you already and they don't even need to see if your phone has that address. It's still evidence if you produce a phone with a different address.

In at least one of the RIAA cases they did get an order to examine the defendant's computer. She tried to get clever by wiping evidence, but the forensic experts were more clever.

The people who get caught aren't the smart ones with VPNs, encrypted partitions, and seven proxies.
 
2014-03-25 10:43:29 PM  

ZAZ: There are plenty of things to do before these steps. They could, for example, note that a MAC address appeared in the lobby right when you checked in, moved to your room, returned to the lobby when you checked out, then vanished. That's good evidence against you already and they don't even need to see if your phone has that address. It's still evidence if you produce a phone with a different address.

The people who get caught aren't the smart ones with VPNs, encrypted partitions, and seven proxies.


I was trying to get at the ridiculousness of having to surrender devices with your MAC addresses. Unless an authority searches all of your person and your property, it speculatively requires you prove a negative. How do I prove I don't have a device with a particular MAC? Well, I can give them a different device. If I am innocent, will people not trust me? If I am guilty, why would I self incriminate and surrender a guilty device?

 Most tech savvy people own tons of devices. I could have a dedicated piracy computer and still surrender like 15-20 devices from our household without any connection to that dedicated device. Location-based tracking correlated with other evidence of your physical presence is probably more objective evidence, but it could be considered circumstantial (yes, preponderance of evidence and all) and that requires ridiculous amounts of logging. I'm still skeptical that the technology will ever go in that direction, not because of technological limitations but rather because networking resources need to be dedicated to more important things. If you really wanted to log MAC addresses and have reasonable accounting of device ownership, I think it would be more realistic to have required registration of all networking components.

Re: the networking resources required to store and go through MAC logs...well, I have debugged traffic on a wlan controller and I can't imagine the monotony of trying to go through logs of hundreds of thousands of frames or even packets transferred every hour. The NSA doesn't know what to do with all the phone call and email data it collects and those count orders of magnitudes fewer than the frames and packets transferred during the public's web browsing sessions.
 
2014-03-25 11:31:36 PM  

elysive: I was trying to get at the ridiculousness of having to surrender devices with your MAC addresses. Unless an authority searches all of your person and your property, it speculatively requires you prove a negative. How do I prove I don't have a device with a particular MAC? Well, I can give them a different device. If I am innocent, will people not trust me? If I am guilty, why would I self incriminate and surrender a guilty device?


ZAZ mentioned Thomas-Rasset having to turn over her hard drive. It's the same question - how do you prove you didn't download those particular files? Well, she gave them a different hard drive, one with an initialization time well after she was ordered to preserve evidence. That's why no one trusted her.
 
2014-03-25 11:33:47 PM  

ZAZ: The people who get caught aren't the smart ones with VPNs, encrypted partitions, and seven proxies.


The smart ones have all those things. The smarter ones, though...

Master Foo and the Script Kiddie

A stranger from the land of Woot came to Master Foo as he was eating the morning meal with his students.
"I hear y00 are very l33t," he said. "Pl33z teach m3 all y00 know."
Master Foo's students looked at each other, confused by the stranger's barbarous language. Master Foo just smiled and replied: "You wish to learn the Way of Unix?"
"I want to b3 a wizard hax0r," the stranger replied, "and 0wn ever3one's b0xen."
"I do not teach that Way," replied Master Foo.
The stranger grew agitated. "D00d, y00 r nothing but a p0ser," he said. "If y00 n00 anything, y00 wud t33ch m3."
"There is a path," said Master Foo, "that might bring you to wisdom." The master scribbled an IP address on a piece of paper. "Cracking this box should pose you little difficulty, as its guardians are incompetent. Return and tell me what you find."
The stranger bowed and left. Master Foo finished his meal.
Days passed, then months. The stranger was forgotten.
Years later, the stranger from the land of Woot returned.
"Damn you!" he said, "I cracked that box, and it was easy like you said. But I got busted by the FBI and thrown in jail."
"Good," said Master Foo. "You are ready for the next lesson." He scribbled an IP address on another piece of paper and handed it to the stranger.
"Are you  crazy?" the stranger yelled. "After what I've been through, I'm never going to break into a computer again!"
Master Foo smiled. "Here," he said, "is the beginning of wisdom."

On hearing this, the stranger was enlightened.
 
2014-03-26 12:03:58 AM  

Theaetetus: elysive: I was trying to get at the ridiculousness of having to surrender devices with your MAC addresses. Unless an authority searches all of your person and your property, it speculatively requires you prove a negative. How do I prove I don't have a device with a particular MAC? Well, I can give them a different device. If I am innocent, will people not trust me? If I am guilty, why would I self incriminate and surrender a guilty device?

ZAZ mentioned Thomas-Rasset having to turn over her hard drive. It's the same question - how do you prove you didn't download those particular files? Well, she gave them a different hard drive, one with an initialization time well after she was ordered to preserve evidence. That's why no one trusted her.


Yea, I read about it and the girl didn't sound particularly smart. Of course if she only had one computer and limited knowledge, she probably didnt see many options. I guess so long as the idiots continue to take the heat in cases like these, real nerds can relax a little.

/doesn't use file sharing, but these cases are obnoxious
//if the thefts were truly worth what companies claimed I'd probably be ok with criminal charges
 
2014-03-26 12:12:45 AM  
elysive:Yea, I read about it and the girl didn't sound particularly smart. Of course if she only had one computer and limited knowledge, she probably didnt see many options. I guess so long as the idiots continue to take the heat in cases like these, real nerds can relax a little.

/doesn't use file sharing, but these cases are obnoxious


Yeah, but the problem there is the old "bad facts make bad law". Thomas-Rasset destroys her hard drive, destroying her credibility before the jury and making them not want to spare her the giant damage awards. Tenenbaum gets a self-aggrandizing lawyer who farks up everything and pisses off the judge because he wants his moment in the spotlight, and gets slapped down by the jury. In neither case, did they attempt to mitigate the damage award by bringing in economists or other experts.  As a result, you get precedential decisions that suck.

Or here, you get terrible plaintiffs who don't actually own the copyrights in question, and as a result, you get decisions that may be right for them, but end up having unforeseen results down the line.

//if the thefts were truly worth what companies claimed I'd probably be ok with criminal charges

The problem there is that no defendant has argued about what a  distribution license would cost, and instead just say that the damages are $1, since you could buy it on iTunes for that. With one side pointing to a statute listing damages, and the other side saying something completely nonsensical, the judge goes for the more reasonable one, even if it's wrong. And that's how we end up with 2 damage ranges instead of the three that Congress prescribed.
 
Displayed 37 of 137 comments

First | « | 1 | 2 | 3 | » | Last | Show all

View Voting Results: Smartest and Funniest


This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »
Advertisement
On Twitter






In Other Media


  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.

Report