K`Tetch’s Techdirt Profile


About K`Tetch

I'm a P2P researcher, that is involved in Pirate Politics. I've worked in TV, for a record company, and dabble in particle physics on the Muon1 project.

I am also the assistant director of the EFForums track at Dragoncon ( http://eff.dragoncon.org ) and the co-editor of the book No Safe Harbor ( https://www.techdirt.com/articles/20120912/11041420360/chatting-with-andrew-ktetch-norton-about-no-safe-harbors-techdirt-book-club-interview.shtml )

Twitter: https://twitter.com/ktetch


Posted on Techdirt - 15 April 2016 @ 10:37am

How Bad Are Geolocation Tools? Really, Really Bad

from the what-a-mess dept

Geolocation is one of those tools that the less technically minded like to use to feel smart. At its core it's a database, showing locations for IP addresses, but like most database-based tools, the old maxim of GIGO [Garbage In, Garbage Out] applies. Over the weekend Fusion's Kashmir Hill wrote a great story about how one geolocation company has sent hundreds of people to one farm in Kansas for no reason other than laziness. And yes, it's exactly as bad as it sounds.

Most people often aren't the most technically minded, give them a tool, tell them it CAN produce an output, and they'll assume that any output that looks like the best quality possible, IS the best one available. It's extremely common with 'forensic evidence' and jurors in court cases, where it's given weight well beyond its actual evidentiary value (to the point that they now distrust cases without it) – there's even a name for it, "the CSI effect", named after one of the TV shows that uses it as a cornerstone.

One of the latest tools to get the blind trust of morons is IP Geolocation. At its basic level, it's a database of IP addresses with latitude and longitude listed, so when you look up an IP address, you get a pair of coordinates you can associate as an 'origin' for that.

However, there's a number of problems with that.:

  • First, what about those that don't have a lat/long listed?
  • Secondly, how often are they updated?
  • Third, how do they deal with cellular or 'mobile' devices?

So let's quickly address them.

Those that don't have a lat/long listed.

Well, there's a few ways to do it, but the way some chose to do, is just to guess. In the article that started me on this, it points out that the company MaxMind decided to guess at the average closest place it could – the geographical center of the US, except 39°50'N 98°35'W. is a messy decimal (39.8333333 N,98.585522W) so it rounded them to 38N, 97W. It's the front yard of a farm in Kansas.

Other times they just guess and get a town and put it somewhere there, although even that can be off a bit. It can be a lot off, as you'll see shortly.

How often are they updated?

There's no telling. With the great shortage of IPv4 addresses now, but with an ever-expanding list of devices, from cell phones to thermostats and even fridges, IP addresses are shifting around everywhere. There's also mergers and splits of companies, bankruptcies and so on. So unless the database is frequently updated, there's no chance that anything it has to say will be accurate – again we'll see that directly.

Finally, how does it deal with cellular devices?

Simply put, they don't. The handoff mechanism means that you'll often carry one IP address from one tower to the next (otherwise you'd have to terminate and restart any data transfer as you shifted between towers. In addition most cellular providers hide their cell customers behind NAT, precisely because of the lack of discreet IPv4 addresses to give out (and their… slowness in migrating to IPv6)

Odds are you're going to get a local network control center, or regional corporate office instead, which means it's practically no use at all.

Oh dear....

This all assumes as well that entries are made in good faith. One of the more common uses of geolocation is for targeted adverts, especially with 'adult websites', where they promise there's a horny woman (or man, if your browsing is detected as such, or the 'content' suggests you may be female) close by. Or you may have seen it in the scam adverts on news sites that should know better than to accept low-rate advertising based on scams (with easy to tell, clickbait headlines about insurance 'tricks' or similar).

This means that if you can 'rig' the database, you can expose the stupidity in parts of it, as was best demonstrated by Randall Munroe in his XKCD comic series.

So just how inaccurate are these systems? The easiest way to tell by far is to run some IP addresses where you know the location through these systems and see how far off they can be. So I did.

The most obvious one to start with is my own home connection's IP address. So I tried the link in the story, and boy was it off! Just for the record, I live on the south side of Atlanta's metro area, near Macon – Walking Dead country in fact

That's right, it put me in Ottawa, capital of Canada, roughly 1900km (1180 miles) and 1 whole country off. Part of that comes from the second question, how current the data is. It's listing my IP as belonging to Nortel networks. Problem is, I'm not a subscriber to Nortel – no-one is, the company was wound down years ago. Yet some databases still have them listed.

Cellphones don't fare much better either. I used the same service on a 4G Verizon phone sitting at my computer. It's location, San Diego. That's 1900 miles (3050km) off. Others services gave locations of New York, Atlanta, and Macon.

Wondering if it's just my semi-rural system that's messed up, I called a few friends who live in the Atlanta suburbs (a few streets from each other) and asked for their IP addresses, one used Comcast, and the other AT&T. Maybe things will be better and more accurate in a big-city environment?

I ran a number of different GeoIP services, and it was a very mixed bag of results.. One thing's certain though, none of the four set of coordinates gave an accurate location for the person (for obvious reasons I'm not going to give you their address, or mine for that matter)

Of them all, only one service – IPCIM.com – gave an error circle with a location, (twenty five mile radius), but it didn't do it for all. To me that indicates knowledge of its inaccuracy, but it's lack at other times seems to show it just doesn't care.

The second and third locations are the same coordinates, but they're less certain of the third than the second, despite both being off.

There's also something specific to note. There's 4 providers covered here. Two were done from the exact same location, yet their locations came nowhere near matching. Two more were IP addresses just streets away, but they also didn't match that well, although many went to the same default locations, including two which went to the 'lazy US Center' investigated in the Fusion piece.

More importantly, of the 30+ geolocating attempts made here, not a single one managed to be within a mile of the actual location (although one location was within a mile and a half, while another was within 3 miles – again, I'm not going to give out specifics). So for those who want to rely on them as being a source of where something is, the simple answer is "don't". This applies as much to those tracking down people who are leaving spammy comments, as it does to police officers and lawyers seeking to use them for court actions criminal or civil.

In fact lawyers and the police have absolutely NO excuse to use these kinds of databases in litigation at all as there are better, more accurate tools at their disposal – the courts themselves. In criminal cases a warrant is the preferred method, obtaining subscriber information from the ISP (fixed or cellular) which is far more accurate than any geolocation service because it's data coming from the entity actually providing the connection. In a civil trial you have a discovery subpoena to do pretty much the same thing and for the same reasons.

If you're doing it 'on your own', remember that these tools are as accurate as taking a dart and throwing it not at a map on the wall, but at a Google map display on your computer screen. Sure you'll be out a display, but you won't be potentially facing criminal charges when you go to act on what it basically bullshit data. At the very best, it can be used to advise, but it can be INCREDIBLY off, sometimes thousands of miles.


The following services were used

There were 4 IP addresses used, three residential and one cellular comprising four of the biggest ISP's in the US.

IP addresses

  • 32.99.122 (Charter fixed line cable internet connection – K`Tetch)
  • 193.166.88 (Verizon 4G cellular connection – K`Tetch )
  • 137.147.28 (Comcast fixed line cable internet connection – James)
  • (AT&T gigapower fixed line internet connection, less than 6 months old – David)

The first two were located in south metro Atlanta, near Macon. David and James are located approximately half a mile apart in north Cobb county, Georgia.

Raw coordinates


Charter Verizon Comcast


checkIP.org 45.4167, -84.3246 32.7977, -117.1322 NOT TESTED BLANK RESULT
IP2Location 33.95621, -83.98796 32.55376, -83.88741 34.02342, -84.61549 34.02342, -84.61549
IPinfo.io 32.8685, -84.3246 32.8975, -83.7536 34.0247, -84.5033 38.0000, -97.0000
EurekAPI 32.8685, -84.3246 33.7981, -84.3877 34.1015, -84.5194 34.0247, -84.5033
DB-IP 33.9562, -83.988 40.7128, -74.0059 33.9413, -84.5177 ("Marietta (bedroom)") 33.8545, -84.2171
IPCIM.com 32.8685, -84.3246 (± 25 mile)  NOT TESTED 34.0247, -84.5033 34.0247, -84.5033 (± 25 mile)
MaxMind (geoLiteCity) 32.8685, -84.3246 32.8975, -83.7536 34.0247, -84.5033 38, -97
MaxMind (GeoIP2) 32.8685, -84.3246 33.7844, -84.2135 34.0247, -84.5033 34.0247, -84.5033

If you'd rather see them on a map, they're here. (Legend Charter in green, Verizon in red, Comcast in blue, AT&T in yellow)

NOTE: One data source was extremely interesting in its provision of 11+ decimal places in its results. While this might seek to imply accuracy, it actually underscores how inaccurate it actually is. Eight decimal places gives a resolution of 1.1 millimeters – half the thickness of a CD/DVD. 11 decimal places as given in all their results is going to extremes, with locations given to less than a hair's thickness. It has been rounded down.
The "Marietta (bedroom)" label was actually on the output from their database.

I would like to thank David and James for their help with this. And for obvious reasons, we have forced changes in IP addresses for all our connections (and the release of this article was delayed to ensure that).

This is a repost from Andrew Norton's Politics & P2P blog

32 Comments | Leave a Comment..

Posted on Techdirt - 4 December 2015 @ 12:50pm

After Even His Own Lawyer Admits Prenda's Paul Hansmeier Is A 'Bad Actor,' Bankruptcy Court Liquidates His Assets

from the found-jesus? dept

It's not been a good year for Paul Hansmeier, the Prenda attorney-turned-"ADA Champion." He's been hit with counter-claims on his Americans with Disabilities Act (ADA) lawsuits which claim thousands in damages from local companies despite no actual issues. This was followed in May by an appeal hearing on Judge Wright's infamous Star Trek order where after summing up the Prenda business model 9th circuit Appeals Judge Pregerson called it an "Ingenious crooked extortionate operation."

Then in August, one of the three central figures in the Prenda saga, Paul Duffy, died, moving the focus more squarely onto Hansmeier and Steele. Finally, just over two weeks ago, the Minnesota Law Board started proceedings to disbar him, meaning his ability to continue as a lawyer at all would be in jeopardy.

Amongst all that, in July Hansmeier filed for Chapter 13 bankruptcy (RECAP docket), seeking to repay his debts (many of which are damages and costs from various Prenda cases nationwide) totaling $2.43 million via installments. Under US Bankruptcy law, a person owed money by someone in Chapter 13 proceedings cannot start or continue collection proceedings, so for Hansmeier, it would have been a neat way to push payment of these debts down the road, while paying them off at a fraction of their value. (His proposed plan would have paid off a maximum of $161,400 in monthly installments of $2,690 across 5 years legal maximum at which point all debts would be discharged and considered paid.)

However, petitions by the creditors (those who are owed money) pointed out in motions leading up to a December 3rd hearing at the United States Bankruptcy Court for the District of Minnesota that he had shown he was not trustworthy. "The argument that somehow there's going to be a payment in full, your honor, just doesn't ring true," Michael R Fadlovich, the attorney representing the Bankruptcy Trustee is reported to have said.

Even Hansmeier's lawyer admitted "he's a bad actor," but claimed "he'd found Jesus," although given the number of Does filed against, it's entirely possible Jesus was found by their speculative invoice letters. She also claimed that the sale of Hansmeier's downtown Minneapolis condo for $1.2 million would have provided a rare chance to have his debts mostly paid off, despite figures submitted by the trustee that indicate less than $90,000 would be realized by the sale.

Nevertheless, U.S. Bankruptcy Judge Kathleen H. Sanberg was not swayed, converting the proceedings from Chapter 13 to Chapter 7, and requiring a liquidation of assets to pay, while any money left from the sale of the condo goes towards the debt fund. However, the court is not yet finished with Hansmeier. Numerous lawyers (representing creditors) highlighted a number of suspicious money transfers, possibly to hide assets, as other judges have already discovered. At issue was his constant dishonesty with courts, in this proceeding and others, which the judge sided with. While further actions are coming, Hansmeier has to now be very careful, as bankruptcy fraud is an imprisonable offense, and investigated by the FBI who are presumably already well aware of Mr. Hansmeier courtesy of Judge Wright.

It seems that Hansmeier's 'luck' has just about run out.

35 Comments | Leave a Comment..

Posted on Techdirt - 12 June 2015 @ 3:28am

House Votes To Change Law Due To Trade Agreement, While Insisting That Trade Agreements Don't Change Laws

from the do-they-even-understand dept

Two weeks ago, the House Agriculture Committee voted 38-6 to repeal country-of-origin-labeling. (COOL), and now it's the full House's turn. In a 300-131 vote yesterday the "country of Origin Labeling Amendments Act" (HR 2393) passed with the support of a significant number of Democrats as well as the majority of Republicans.

The bill's prompting and passage came after the World Trade Organisation ruled in favor of Canadian farmers, who sued claiming it was "discriminatory" and thus in violation of Free Trade Agreements. The problem? Cattle bought from abroad would have to be segregated from domestic cattle, increasing costs and making imports less desirable.

With Fast Track coming up for a vote -- perhaps even today -- it's curious to see this snippet in the Associated Press report on the vote by the Speaker of the House:

House Speaker John Boehner, R-Ohio, said after the vote that the last thing American farmers need "is for Congress to sit idly by as international bureaucrats seek to punish them through retaliatory trade policies that could devastate agriculture as well as other industries."
That is, of course, the same John Boehner that has been encouraging the President to get more support for Fast Track, in order to pass more of these "Free Trade" deals that impose more international bureaucrats and will almost certainly lead to more disputes that "require" Congress to "not sit idly by."

Meanwhile, remember what President Obama said at the Nike Plant just a few weeks ago:
[TPP] critics warn that parts of this deal would undermine American regulation -- food safety, worker safety, even financial regulations. They're making this stuff up. (Applause.) This is just not true. No trade agreement is going to force us to change our laws.
Less than one month on, and we have exactly what he claimed 'is not true' happening. A trade agreement forcing a law change, and having what some would claim is an impact on food safety. And it's happening a day or so before the House is voting to create even more such situations while claiming that it won't do this. Do they not even recognize what it is they're voting on?

32 Comments | Leave a Comment..

Posted on Techdirt - 20 May 2015 @ 9:23am

Australian ISP Promises Free Lawyers For Targets Of Copyright Trolls

from the good-move dept

iiNet, the second biggest ISP in Australia, has been a bit of a magnet when it comes to BitTorrent lawsuits. In 2008 they were sued by the Australian Federation Against Copyright Theft (AFACT) for failing to prevent its subscribers from infringing copyright via Bittorrent, a case it won, as the court found it was not iiNet's responsibility.

In late 2014, Voltage Pictures – the company behind Oscar winning movie 'Dallas Buyers Club' – started proceedings against Australian users it accused of downloading its movie, just as it has in both the US and Canada. The alleged Australian infringements all occurred between 2 April 2014 and 27 May 2014.

iiNet refused to hand over the account details of the 4,726 IP addresses demanded by Voltage, and took it to court, where, in early April, the judges sided with Voltage. However, in a massive blow to Voltage, they required that any letters sent out to people be approved by the court, undermining the key tactic of exaggerating claims in these kinds of cases. Most such cases rely on threatening significant damages at court in order to 'encourage' the recipient to settle, but Justice Perram has indicated that the damages could be as low as AU$10 (US$8), although there could be significant court costs as well.

Now iiNet has dealt Voltage another blow, announcing in a blog post:

If you do receive a letter you may want to get legal advice. iiNet is working with a law firm that has offered to provide pro-bono services for any of our customers

This would be a major setback to the speculative invoicing model used by Voltage, which relies on the high potential damages, plus the significant cost of defending a case (greater than the settlement demanded) to ensure a steady revenue stream. With the court restricting the intimidating language, and the offer of free legal counsel to defend the cases, it may end up being far more costly for Voltage to pursue claims than they can hope to recoup.

And while iiNet has jumped to the defense of its customers in this way, it may not be alone. The M2 group has also indicated it may provide pro-bono legal assistance in similar cases, although they have refused to commit prior to a court hearing on May 21st when a date for the transfer of customer information will be agreed.

It is not looking like Australia will be a fruitful venue for copyright trolls.

36 Comments | Leave a Comment..

Posted on Techdirt - 19 February 2015 @ 9:15am

UK Intellectual Property Office Plays Up Imaginary 'Toxic' Claim In Grabbing Food Pretending To Be From Somewhere Else

from the grab,-go-and-exaggerate dept

When it comes to regulatory enforcement, agencies are often at a loss to try and spin actions as somehow being positive. Often such seizures are seen as petty and overreaching acts focusing on business protectionism or the shutting down threats to tax revenue (permanently in some cases) by regular people, meaning that getting public support for them can be an uphill struggle. Alcohol taxes are so unpopular that it's the origin behind one of the most popular sports in the US – NASCAR. Thus it's tempting to try and upsell things by stretching claims beyond all credulity, as the UK's Intellectual Property Office (IPO) and Department of Business, Innovation & Skills (BIS) departments did recently.

Facebook followers of the IPO were confronted with this story just recently:

"Campaign cracks down on toxic fake alcohol" screams the headline, with the comment that thousands of liters were seized in Operation OPSON (a name that looks like it was short for "operation poison"). A serious bust of dangerous goods clearly, and clearly the agencies are doing a great job protecting the country, so share it and back to cat pictures.

Or you could actually read the article itself, and find the story isn't quite as portrayed, and no cyanide-filled bottles cosplaying as spirituous liquors were annihilated by brave officials. For that matter, not only is OPSON not a veiled reference to poison, it's not even a priority. At the head of "notes to editors," Operation OPSON is described quite differently:
"Operation OPSON, jointly run by Interpol and Europol, began in 2011 to tackle the criminal production and sale of counterfeit 'protected food name' products, such as gorgonzola or champagne. It is now an international project that regularly sees the seizure of hundreds of tonnes of fake and substandard food."
That's right, international police agencies are running an operation to seize food not because they are bad, dangerous, or harmful, but because they weren't made in an approved locale. While some are fairly evident and obvious, such as lamb or beef labelled "scotch" or "welsh," others are less-so. A Cornish pasty made in Devon or Derbyshire isn't actually a Cornish pasty, because it wasn't made in Cornwall. Likewise if you were to make Feta cheese, you can't actually call it Feta, unless the sheep/goat milk came from Greece. Even Belgium has wanted in on the act for its chocolate industry.

The food is fake (and presumed sub-standard) not because it's not that food, but because the place that made it wasn't within a certain circle on a map, even if it's absolutely identical and indistinguishable from the same product made inside that circle. This was never more evident than in 2007, when the protections around "Newcastle Brown Ale" were lifted… because the Scottish & Newcastle brewery wanted to move outside the circle.

But what of the toxic alcohol seized by the gallon? Well, like the goods themselves, it's not what it appears. The 2,421.5 liters grabbed by authorities are in their own words mostly "...for fake or fiscal infringing wines and spirits." Not because they were dangerous, but because of tax evasion, or trademark violations. So where's the "toxic" issue in the headline?

The poison comes from a raid in Derbyshire, where:
"There was little of the finished product or the raw materials (Coolex screenwash) in the unit but a large quantity of bottles, tops and boxes."
Never mind, because:
"A small amount of the finished product was identified, and on examination was found to contain high levels of iso-propanol. Isopropyl Alcohol (IPA) causes intense drunkenness, is often used in cleaning chemicals."
The question is, was that actually the finished product, or one that was put aside because it had those high levels? Moreover, it's not exactly the most toxic, as the LD50 (lethal dose) for a rat orally is 5045 mg per kilogram. Compare with, say, ethanol ("good" alcohol), at 3450 mg per kilogram of mouse. Probably why even their expert, Visiting Professor at the University of Reading, Tony Hines had to say:
"...even at low levels, a 'couple of doubles' will cause dizziness, low blood pressure, abdominal pain and nausea."
Not exactly "toxic" though, or all that different from regular booze, let's be fair. In fact, the major difference is that isopropyl alcohol is just more potent than ethanol. So, to drive home the seriousness of this, they close with the following paragraph.
"In 2012, methanol poisoning from fake vodka resulted in the deaths of 50 people in the Czech Republic. In 2014, 2 men were sentenced to life imprisonment for their part in this tragedy, and many others sentenced to 14 to 20 years for their part. Eighty survivors were blinded as a result of consuming the poison."
Not to be flippant about it (the incident has killed 51), but this was an incident that happened 30 months ago 1500 km away. It even used a different chemical (methanol), so its inclusion is completely irrelevant to the issues at hand, and is there solely to try and justify tax and trademark-based raids and seizures as being about safety, and pump up the "shareability" factor by giving them a excuse to hang "toxic" in the headline.

Now, don't get me wrong, tainted and unsafe goods are bad, there's no doubt about that. Yet if you're going to try and play up a safety angle, then you really have to have a safety problem to hang your hat on. The vodka made from screenwash might be disturbing to some, but "toxic fake alcohol" is pushing it, when even if every drop of vodka they seized (171.1 liters) that year were high in isopropyl alcohol, it's only 7% of the total seized. And yet we know they didn't grab anywhere near that amount, because more than 240 bottles of the stuff is hardly "little of the finished product," a description which would seem to me to indicate a dozen liters or less. And since they found only empties, it means it's already gone out, so they've not really "cracked down" on it either.

Overall, the only toxic thing seems to be the press release, and then only for any journalist sloppy enough to regurgitate it without bothering to read it. That's probably why, on Twitter, where pushback, feedback and replies are harder to bury, there's absolutely no mention of "toxic" at all.

That's because when it comes to poisonous, nothing beats hyperbolic government press releases for leaving good will stone dead.

38 Comments | Leave a Comment..