Forum Moderators: DixonJones
[corpwatch.org...]
I'm interested, for journalistic purposes, in the potential for network analysis of Internet traffic once the feds get their computers tapped into the backbone and the major hubs.
One important aspect of what sort of capabilities the feds will have, has to do with the topic of "IP delivery," which is something some SEOs know about. This has to do with the ability to identify certain characteristics of an IP address on the fly. Perhaps the most important characteristic is the geographical location of the person behind the IP number.
I've searched for information about this on Google, but can't seem to find anything relevant. My question is this: "To what extent do databases exist, or are under development, that will translate IP number to geographical location?"
Obviously, we can't do a "whois" on the fly, and just as obviously, I'm interested in something much more specific than the top-level country domain. I've noticed in my own logs over the past few years that increasingly, cable and dialup ISPs are using geographical identifiers in their reverse-resolved domain names, which are specific to the city in the U.S. where the dynamic IP originates. For example, Earthlink's dialup will look like "blah.blah.sanantonio1.level3.net" and Time Warner cable will look like "blah.blah.satx.rr.com".
This tendency has increased dramatically over the last two years.
Are there any software packages and/or databases that exploit this tendency, and/or provide lookups for domains that don't have such obvious clues in them? It wouldn't be 100 percent, but it's looking to me like it would come up with a fairly specific location for over 50 percent once you began developing a database in this direction.
Back to surveillance by the feds:
If you have a tap on the backbone and at various hubs, you could punch in location A and location B and analyze all traffic between those two points. This would be a crucial tool for sorting through the "firehose" of data streaming by.
Wasn't the NSF a key instrument in setting up ARPANET. I just can't shake the notion that the feds came up with the whole idea of "electronic commerce" to begin with. In its purest form it would make taxation a real time transaction and inescapable.
[washingtonpost.com...]
"Some analysts say the barriers could grow with the development of 'geolocation' technology, which attempts to match a person's location based on a computer's Internet address.
"Silicon Valley's Quova Inc., one of the leading providers of this technology, claims it can correctly identify a computer user's home country 98 percent of the time and the city about 85 percent of the time, but only if it's a large city. Independent studies have pegged the accuracy rate of such programs, which also are sold by companies such as InfoSplit, Digital Envoy, Netgeo and Akami, at 70 to 90 percent."
Here [download.cnet.com]
I found this WSJ quote from last October on the Quova site:
"Quova, based in Redwood City, Calif., was founded in January 2000 and claims 45 customers. The company (http://www.quova.com/) has deployed 16 servers in various locations that it uses with a variety of proprietary techniques to link billions of Internet-protocol addresses to geographic regions."
It seems that "geolocation" based on IP addresses can achieve perhaps 60 or 70 percent, using various tricks and databases, from a single location. But to get better results, you need to network your own servers around the globe. You determine which server is closest by some sort of technique, and take it from there. Each server probably specializes in different techniques for its own region.
Over time, if the server network caches its results in a central database, and checks for any changes frequently, I suspect it can get over 90 percent reliability.
Credit card companies are interested in this technology for e-commerce fraud detection.
I was impressed the other day when signed up for a hosting company. Before accepting my application they sent a mail asking why I am using a credit card based in one location while accessing their site from an IP address in another location.
Although it could be a hassle for buy-on-the-fly type product sites I think a lot of sites should implement some sort of measure like this. Or at least let consumers who travel a lot have some sort of registered extra PIN number to show that "they are who they are" no matter where they are accessing from.
Since this backbone stream is too much information, the premise is that geolocation mapping to IP numbers will allow a more specific (and more powerful) analysis of activity between any two points.
We've established that with some expertise, a network of dedicated servers, and some databases already available and yet to be developed, you can get about 80 percent geolocatiion reliability from the IP number.
Now consider that the FBI has the legal authority, right now, to go to a federal judge, tell him that this is for a criminal investigation (no showing of probable cause is required), and the law requires the judge to sign.
Then the FBI takes this signed piece of paper to places where it has trouble with the remaining 20 percent of IP numbers that are more difficult when it comes to geolocation.
For example, they take it to AOL. That means AOL is legally required to cough up all the geolocation information it has regarding all the IP numbers it uses. Cool!
The FBI can take this same warrant, signed by this same pseudo-judge, to any other ISP in any of the 50 states, and get the same information. The judge has nothing to say about it. Neato!
Hey, thanks a lot U.S. Congress! We've just been screwed.
The biggest problem is AOL and MSN.
"MetaCarta, which has 12 employees, has done a whirlwind tour of the C.I.A., the Army, the Air Force, the National Security Agency and In-Q-Tel the last several weeks. The company makes a program that can associate documents with geographic sites - kind of a combination of the World Wide Web search engine Google and the mapping program Mapquest on steroids. The agencies hope to use the technology to detect geographic hot spots of potential terrorist activities or track the movements of individuals over time."
They have a little form gizmo for display purposes where you can enter an ip and get the lookup shown do you as well as a certainty percentage. Looks like they are now selling access to their database on cost per query plans.
