Too late
I assure you that criminals have been perfectly aware of the advantages of using mobile data for quite some time now. Not for nothing is there now an iPhone botnet.
Mobile operators have kicked off the PR war against identifying those sharing files by revealing themselves as the ideal conduit for any kind of online crime. The details come from the Mobile Broadband Group, which counts all the UK's operators as members and told ZD Net that mobile operators don't allocate IP addresses to …
You'd have to keep a record of every single outgoing transaction and the source/destination somewhere. That's a *big* database.
It's just not enough to have a database of local IPs and a couple of public IPs; you need to link them, and with NAT that means on a per-connection (and for some protocols, per-packet) basis, with millisecond-accurate timing, because if your time isn't provably accurate you'll finger the wrong person.
The mobile operators have basically just given the go-ahead to do everything illegal online via their services.
My home PCs connect to the net via a NAT router. If I tried that excuse, "you don't know which PC it was", I'd be held responsible for any illegal activity as the owner of the connection. Surely it's only covering their own backs to record IPs, if only to prove it wasn't them downloading all the child porn, bomb making instructions and planning a terrorist attack.
"Given that network operators already store the location of every handset on the network and the details of every call and text - not to mention counting every byte of data carried - it might seem a small thing to record IP address allocations. But the operators we contacted admitted they keep no such records."
Keeping records of IP allocation would be utterly pointless to identify a "filesharer" - on the filesharing network all you can see is the address of the gateway. Even if the internal address allocation was stored, it wouldn't help to identify a specific user.
Four of the UK mobile operators have participated in railroading the current LTE and post-rel 8 3G design through 3GPP.
This design passes all IP data traffic through a centralised entity called a PDC which the specification states should be able to do deep packet inspection, NAT and P2P control. The entity is an evolutionary extension of the current GGSN element in 2.5+G networks and some of the functionality is already present in the GGSNs (or their supporting elements) on the market.
So to summarise the technobabble - BS you plonkers!!! By the time this requirement will go live you will have the capability in the network and you have actively forced its formulae through the standards.
As usual, a knee-jerk legislation proposal from government reveals that they don't have a clue when it comes to IT.
The ubiquity of network access, and the rise of pay-as-you-go 3G connections, means that tracking down and cutting off a single individual is impossible in reality. Anyone who is cut off can stick two fingers up and get a new connection as many times as they want to.
If Mandelson has to resign for a third time, does that mean he is banned from politics forever?
"The same mechanism is used by companies, originally to preserve IP addresses, but these days mainly as a security mechanism as the NAT will only route data that was requested from an internal user, blocking attacks from the internet automatically."
Actually it's still mainly used to preserve IP addresses, in fact even more so these days than before. Because there are more internal users, and less available IPv4 public addresses. Companies will use firewalls to stop inbound traffic from the internet, they won't rely on NAT to do so. Besides, what do you think usually performs the NAT? More often than not it's the corporate firewall.
That being the case, I don't really see why a new £35 million database is necessary. Firewall logs will already show the private addresses being natted to public addresses to specific destinations with timestamps, assuming the mobile provider uses Checkpoint on one platform or another, which (as far as I know) almost all mobile providers do. What's the alternative? Junipers? ASAs?
This will be great for PAYG customers as you can just give any name, so even if they build their £35m database, there's still no true way they can identify it's you, unless they start delving very deeply into all your phone calls etc which they won't be allowed access to.
Anyone can register a PAYG device in any name; think I'll start a PAYG in the name of David Beckham and see what happens.
When you establish a PDP context (data connection for the non-technical among us), the mobile operator's GGSN uses a RADIUS server to authenticate the user and assign an IP address to it. One of the parameters passed to the RADIUS server is the IMSI of the mobile requesting the connection; it's a trivial job for the RADIUS server to log the IMSI and assigned IP address.
My qualifications for saying this - I designed and built a commercial internet POP that interfaces to a 3G network via the operator's GGSN. The RADIUS server used in the POP logged everything, including IMSI and IP addresses.
Commercial/Industrial connections are different. The vast majority of 3G connections share a small number of public IP addresses. When the RIAA/MPAA/BPI/whoever discover a filesharer, all they have is a public IP address, and a time. That IP address will be linked back to many IMSIs, so is useless. You'd need to log a lot more information to pin it down to an individual.
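An added illustration, not part of any comment in this thread and not any operator's actual system, of the correlation the commenters describe: joining a per-flow NAT translation log to RADIUS IMSI/IP accounting, and how a bare public IP and time, or an uncertain clock, leaves more than one candidate subscriber. The record layouts, the `resolve` function and all sample values are assumptions constructed for the example.

```python
from datetime import datetime, timedelta

# Constructed sample records, not real operator logs. IMSIs use the 001/01 test PLMN.
# RADIUS accounting: (imsi, private_ip, session_start, session_stop)
RADIUS_SESSIONS = [
    ("001010000000001", "10.0.0.11", "2009-11-02T10:00:00", "2009-11-02T11:00:00"),
    ("001010000000002", "10.0.0.12", "2009-11-02T10:05:00", "2009-11-02T10:40:00"),
    ("001010000000003", "10.0.0.11", "2009-11-02T11:00:05", "2009-11-02T12:00:00"),
]
# NAT translation log, one row per flow:
# (private_ip, public_ip, public_port, flow_start, flow_stop)
NAT_FLOWS = [
    ("10.0.0.11", "192.0.2.1", 40001, "2009-11-02T10:30:00", "2009-11-02T10:30:20"),
    ("10.0.0.12", "192.0.2.1", 40002, "2009-11-02T10:30:05", "2009-11-02T10:30:25"),
    ("10.0.0.12", "192.0.2.1", 40001, "2009-11-02T10:30:22", "2009-11-02T10:30:40"),
    ("10.0.0.11", "192.0.2.1", 40003, "2009-11-02T11:30:00", "2009-11-02T11:30:10"),
]

def _active(start, stop, when, skew):
    """True if `when` falls in [start, stop], widened by the clock uncertainty."""
    return (datetime.fromisoformat(start) - skew <= when
            <= datetime.fromisoformat(stop) + skew)

def resolve(public_ip, when, public_port=None, skew_seconds=0):
    """Return the sorted IMSIs that could have produced the observed traffic.

    public_port=None models a report containing only a public IP and a time.
    """
    when = datetime.fromisoformat(when)
    skew = timedelta(seconds=skew_seconds)
    imsis = set()
    for priv, pub, port, f_start, f_stop in NAT_FLOWS:
        if pub != public_ip or (public_port is not None and port != public_port):
            continue
        if not _active(f_start, f_stop, when, skew):
            continue
        # Private addresses are reused, so the RADIUS session must also match in time.
        for imsi, ip, s_start, s_stop in RADIUS_SESSIONS:
            if ip == priv and _active(s_start, s_stop, when, skew):
                imsis.add(imsi)
    return sorted(imsis)

if __name__ == "__main__":
    print(resolve("192.0.2.1", "2009-11-02T10:30:10"))            # IP + time only
    print(resolve("192.0.2.1", "2009-11-02T10:30:10", 40001))     # plus source port
    print(resolve("192.0.2.1", "2009-11-02T10:30:21", 40001, 2))  # 2 s clock doubt
```

With the source port and exact clocks the lookup yields one IMSI; once port 40001 is reused within the clock uncertainty, the same query returns two.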
In the case of Vodafone, for several weeks recently, external customer IP addresses allocated in the range 212.183.140.x would change every ten seconds or so during one ongoing connection. Wreaked havoc with online-banking authentication/security.