back to article 'Snoopers' Charter IS DEAD', Lib Dems claim as party waves through IP address-matching

IP address-matching powers for police and spooks are to be pushed through Parliament with the blessing of the junior member of the UK's Coalition government, after the Liberal Democrats claimed today that the Snoopers' Charter was "dead". Home Secretary Theresa May The move has been expected for some time. In May 2013, it …

  1. Disgruntled of TW
    FAIL

    Blind leading the blind

    Once again fantastic claims of "aiding crime prevention" without a shred of evidence to support them. Ms May appears ill informed, and thinks all she has to do is convince a non-technical parliamentary group to give her something she can wave as a trophy. Where are the subject matter experts, lining up to support her? Scared of peer review I expect.

    And does a DSL DHCP allocation to a router go far enough? If not, do they think ISPs can afford to deploy technology to map an individual (ID cards anyone?) to an IP address beyond the NATing router? What about public access points? VPNs? Proxies? RFC1918 addresses? They have no clue.

    If she succeeds, as there aren't enough security professionals to vote her out, she will go down as the Home Secretary that gave away our freedom.

    1. Adrian 4

      Re: Blind leading the blind

      "If she succeeds, as there aren't enough security professionals to vote her out, she will go down as the Home Secretary that gave away our freedom."

      Like all the home secretaries before her.

      1. Anonymous Coward
        Anonymous Coward

        Re: Blind leading the blind

        Like all the home secretaries before her.

        Yes. That's the role, isn't it. Shame they don't ham it up a bit; like, say, deliver these speeches as Richard the Third (okay, I suppose in one respect that's exactly what they do - but, you know, dressed for the part).

        The whole place is like a lot of poor to mediocre character actors. There were some good ones once upon a time but they kicked the bucket or anyway succummed to old age years ago. No leads. It's like English football without the Premiership or the Championship, as if Division Three was the height of our excellence.

        Cabinet Ministers trying to do comedy:

        Customer: "I wish to make a complaint"

        Director: "Register!"

        Customer: "Uh...I wish to complain about a register"

        Director: "For fuck's sake"

        Shopkeeper: "Certainly sir. If you'll just complete this form"

        Customer: "Dum de dum de dum"

        Director: "The parrot! The fucking parrot! "

        Customer: "Oh! Yes!...Er, I have a parrot!"

        Shopkeeper: "It's a very nice parrot sir!"

        Customer (to Director): "Shouldn't I say it's my wife's parrot?"

        Shopkeeper (to Director): "What if it's his second parrot? Would he even bring it in with that camera in here?"

        Director: "So much for the fourth wall."

        Customer: "This is for charity. It's tax deductible"

        Shopkeeper: "I'd be a lot happier if all this cash Children-in-Need raises every year went where it actually is needed! The sooner they're all microchipped, the safer they'll be!"

        Etc. Bored now.

    2. Anonymous Coward
      Anonymous Coward

      Re: Blind leading the blind

      Ms May appears ill informed

      Never mind that she also appears to be the daughter of Wurzel Gummidge.

      For those unfamiliar with the creature, look at that picture of the crone in the article, and then Google up an image of her dad. This could explain her feeble mindedness in handing the Stasi's requests for more snooping powers, because her brain is made of straw.

      In fact thinking about it, as May is a scarecrow, I think British politics has clearly been whisked away to fantasy land. Clegg's more than a bit of a tin man, Cameron's the cowardly lion. Which leaves the sad panda as Dorothy: "Toto, I've a feeling we're not in Hampstead now!"

      1. frank ly

        Re: Blind leading the blind

        By strange coincidence, The Independent has just published an article about how Theresa May only sleeps for 5-6 hours a night. She seems to be positioning herself as Thatcher's heiress, projecting a strong-woman image. I assume that her PR team advised against being pictured with a hunting rifle while bare chested on horseback, since two of those activities would be illegal in this country.

        I'm wondering what the effects of long term sleep deprivation are on someone's physcial and mental health.

        1. Anonymous Coward
          Anonymous Coward

          Re: Blind leading the blind

          Paranoia, detachment from reality...were you around in the Thatcher era? I was never quite sure what she was on, but it seems to have come out since her death that the answer is "sleep deprivation and whisky". Sad really, John Major was worth ten of the mad old bat, and he's still around talking sense.

      2. hplasm
        Childcatcher

        Re: Blind leading the blind

        "Never mind that she also appears to be the daughter of Wurzel Gummidge."

        Ms May IS Emperor Palpatine. The photo in the article proves it.

        1. Red Bren

          Re: Blind leading the blind

          I find it distasteful that you're condemning Ms May on the basis of her appearance, when you could be condemning her for her words and deeds!

          1. Anonymous Coward
            Anonymous Coward

            Re: Blind leading the blind

            Mrs May is the main reason to get the conservatives out of power...

            She is the reason I won't be voting for them...

    3. Anonymous Coward
      Anonymous Coward

      Re: Blind leading the blind

      And not just the issue of NATed addresses behind routers - this still doesn't meet the touted aim of "mapping an IP address to an individual". It just doesn't. It just gets you to at best, a device which is potentially shared by multiple users or at worst, a router which hosts a whole bunch of devices.

      A good few child porn cases already dropped through the net because the prosecution couldn't prove "beyond doubt" exactly who was using the computer at the time. How is this going to help?

      The worrying thing is how many politicos don't understand (or want to understand) any of this.

      1. Anonymous Coward
        Anonymous Coward

        Re: Blind leading the blind

        My wife is the only other person who shares my internet connections (assuming no wi-fi hijacking etc.) so if something came up about our IP address searching for something really bizarre and newly illegal (whatever the new thing is that's illegal) then the hammer will most likely fall on me - nevermind the fact that it will be my wife searching for stuff. She has a stronger stomach than mine and when she hears a rule 34 reference she can't help but go in search.

        "Come and look at this - it's really messed up!" she says. Mind bleach please!

      2. NumptyScrub

        Re: Blind leading the blind

        A good few child porn cases already dropped through the net because the prosecution couldn't prove "beyond doubt" exactly who was using the computer at the time. How is this going to help?

        Easy, they do it exactly like the law that required you to incriminate yourself for motor vehicle infractions; the driver (owner of the connection) is automatically held responsible unless they grass on someone else.

        Thereby solving several issues at once; the cost of a proper investigation is no longer required, they just need "went to IP address 21.22.23.24 which is Joe Bloggs" and bingo, you are guilty until proven innocent. Conviction rates skyrocket, politicians get to grandstand about how they made a difference, G&Ts all round :)

      3. Anonymous Coward
        Anonymous Coward

        Re: Blind leading the blind

        @incarnis

        Well, to be fair, the population in general doesn't understand that its pretty damn difficult to track ACTUAL individual activity through an IP address or even a device that is shared within a household, so I don't fault pols for that. Its not reasonable to expect that they are going to know IT when they pass laws that involve IT, then pivot to know about agriculture when the farm policy bill comes up, then railroads when that comes up, etc.

        However, I do fault pols for passing laws about something they don't understand. It's like saying that we need a larger water supply, and we know that there are these unclaimed icebergs in the North Atlantic, so we're going to pass a law saying that our water supply issue is going to be resolved by lassoing icebergs floating around the North Atlantic and that will take care of the issue and we don't want to hear any more about it.

        Isn't there are committee in the House of Commons that should have at least a good layman's knowledge of IT and access to some genuine experts who are not in Parliament, and come forward with "Hey guys, what you are proposing is not going to work well for the following reasons"? As with agriculture, transport, health policy--there should be people who have a reasonable knowledge of these areas within committees devoted to legislation in those areas. Or are these committee members out there, but they are cowed into silence because they don't want to piss off the IT-witless party leadership?

      4. Matt Bryant Silver badge
        Facepalm

        Re: incarnis Re: Blind leading the blind

        ".....this still doesn't meet the touted aim of "mapping an IP address to an individual"......" Think of it as prep work for IPv6, when the individual device comes with a fixed IP address. Until then, IPv4 still allows the coppers to at least track back to a firewall or router, which is a lot better than nothing. And as for logging DHCP that is childishly easy and would require trivial amounts of storage, so to say it is 'impossible' is simply untrue. Indeed, I'd be amazed if the ISPs weren't already logging all DHCP requests and IP addresses so issued.

  2. Christoph

    All these terrible things will happen!!!!!

    What a list of all the terrible things that will happen if you don't give them even more power to snoop on everything we do.

    Most of these will not be affected in any measurable way by the extra powers.

    The one thing that we do know for certain is that they will misuse the powers. Because they always, always do. Every single time any inside information on their operations becomes public, it is found that they have massively misused their powers.

    1. dan1980

      Re: All these terrible things will happen!!!!!

      @Cristoph

      ". . . will not be affected in any measurable way by the extra powers."

      This is exactly the thing. If you want to stand up and claim that Bad Things will happen unless your are allowed to disregard privacy and procedure then you should be required to list exactly what benefits you expect the changes to have.

      If they go through, there needs to be a review after 6 months. If your goals weren't achieved, the measures are repealed.

      They are so adamant that new powers will make everything better so fucking stand by that - tell us exactly HOW and by HOW MUCH. Commit to actual, MEASURABLE improvements that can be independently assessed in order to judge it a success or failure.

      What they are doing is - ostensibly - buying supposed safety at the cost of privacy and risks to our* personal information and liberties. It's a high price so tell us how much of this safety our freedoms are buying. No?

      * - I am in Australia but the same applies here.

      1. Anonymous Coward
        Anonymous Coward

        Re: All these terrible things will happen!!!!!

        @Dan1980

        Considered "should we do this" is not the nature of bureaucracies. After awhile the expansion of the bureaucracy and its powers becomes a goal in itself to keep generating larger budgets, more opportunities for employees, more happy customers who owe the bureaucracy.

        That's one of the things that I really credit America's founding fathers with, is a very clear understanding of the nature of governmental agencies who are initially "here to help". If left unchecked, before too long they start "helping" themselves to this or that at your expense.

        And if you doubt what I'm saying, think of the last time you saw a big bureaucracy that of it's own accord came to the conclusion that "we are doing too much, and we really need to cut back our activities".

  3. Will Godfrey Silver badge
    Unhappy

    This must be really bad

    Even the vast majority of BBC commentards hate it.

  4. Anonymous Coward
    Anonymous Coward

    "I'll have an IP address please, Bobby"

    It makes me nostalgic for an AOL style system where your IP address was continually changing.

    1. Tom Chiverton 1 Silver badge

      Re: "I'll have an IP address please, Bobby"

      Change your router's MAC once a week and reboot then.

      The point is not that it's easy to get around (use a public wifi hot spot) it's that it's being rammed through, as part of a grubby compromise (see DRIP) with no evidence (again, shades of DRIP).

      1. Anonymous Coward
        Anonymous Coward

        Re: "I'll have an IP address please, Bobby"

        and for the devices behind that router, or if you use dhcpd on a different box; stop using RFC1918 and start using

        subnet 195.99.147.112 netmask 255.255.255.240 {

        range 195.99.147.112 195.99.147.126;

        default-lease-time 10;

        max-lease-time 10;

        }

        Make sure the PC you do bad things from is the machine at .120 ...

        1. This post has been deleted by its author

      2. tom dial Silver badge

        Re: "I'll have an IP address please, Bobby"

        I haven't tried this with Comcast, but a few years ago I had to replace a failed Cox router which, of course, had a different MAC address. It would not establish connectivity until I had a chat with Cox tech support.

        Given that many or most of the IP addresses the provider gives out, and the number of computers and users attached to each, the evidentiary value of the information is apt to be quite low, scarcely more, in the US at least, than what is necessary to get a search warrant.

        I suspect that those who want anonymity had best change their computer's wireless MAC address and connect from a public WiFi point. That probably won't protect those who are active surveillance targets of concern to a nation-state, but would make tracking more difficult.

      3. Anonymous Coward
        Anonymous Coward

        Re: "I'll have an IP address please, Bobby"

        Try changing your mac address in windows 7 good luck with that !

      4. phuzz Silver badge
        Thumb Up

        Re: "I'll have an IP address please, Bobby"

        Note for Virgin (notso)Superhub users:

        To change your IP, put your SH back into SH mode (assuming you were starting off in modem mode).

        Then change the MAC of your router.

        Then put the SH back into modem mode.

        Just changing the MAC of your router while in modem mode will stop you from being able to connect at all.

        (You can easily change your MAC in Win7, as long as the driver for your network device allows it. It won't help you get a new external IP though)

  5. Anonymous Coward
    Anonymous Coward

    Three words about security

    I have been using a VPN for a while - OK, so maybe it's not perfect against government level tech but I'm a lot more concerned about the local busybodies than the GCHQ/NSA bunch.

  6. Anonymous Coward
    Anonymous Coward

    any recommendations for VPN router?

    Hi,

    Can anyone recommend a good router that allows VPN configuration? I'd like to get one before that becomes illegal too.

    Thanks

    anon in case this comment is regarded as aiding terrorism or something

    1. Anonymous Coward
      Anonymous Coward

      Re: any recommendations for VPN router?

      Well, for just standard privacy, I'd suggest that you abandon whatever modem/router the TELCO offers you, (mine has 3 separate admin accounts, DSLAM-side accessible, with hardwired passwords that I haven't found yet) Just take out a single short ethernet cable to your managed router. Update the firmware to whatever is latest. These ASUS below have reasonable VPN, probably insufficient entropy to upset the NSA but enough to avoid any local crims.

      Then you're free to start your real network, perhaps one of the ASUS routers, whichever is cheaper RT-N16 (maybe £70) or Asus RT-AC56U (dual-core CPU and 256MB DDR3 RAM around £75) or perhaps Asus RT-N66U for around £100 though these prices vary, (I bought an N16 really cheaply from AmazonFrance of all places)

      The asus'es have great amounts of RAM & FLASH and work much better than anything available off-the-shelf. Although in EU the 'FritzBox' router is starting to take off, if you don't like asustek. My fritzbox only speaks german, so be careful if you go that route. enjoy!

      p.s. don't forget to generate fake data, such as large use of P2P which might contain steganography, or might be harmless, or whatever... browse websites that don't interest you..automate it

    2. John Brown (no body) Silver badge

      Re: any recommendations for VPN router?

      Just because it's legal to buy one now doesn't mean it won't be illegal to use or even just own one in the future.

      Just look at the annual gun and knife "amnesties" held by the police every year. People handing over what may well have been legally purchased and owned weapons but which are now illegal even to possess.

      I'd not put it past goverment to at least try to ban or licence VPN use in the future.

    3. Rabbit80

      Re: any recommendations for VPN router?

      Just have a look for anything that supports dd-wrt firmware. I picked up a TP-Link WDR3600 for about £50 and immediately put dd-wrt on it. Works fantastic.

    4. Anonymous Coward
      Anonymous Coward

      Re: any recommendations for VPN router?

      Ubiquiti Edgemax, runs Debian/Vyatta and as such allows you to use IPSec, OpenVPN (both without much hassle) or anything else you can install on Debian. Offers more features and flexibility than most top grade routers, but only costs a fraction.

      Excellent community forum and support available at no extra cost, too.

      Mine is almost constantly logged into 3 different OpenVPNs (job related), which would be a major pain to deal with on several local devices without such a router.

      Have had it for a year now, and while the initial learning curve was a bit steep-ish, it has paid off. Super reliable piece of kit.

      (Also anon, because with several VPNs and hardly any traffic leaving the house unencrypted, I must be on somebody's radar already.)

    5. Anonymous Coward
      Anonymous Coward

      Re: any recommendations for VPN router?

      One can assume they will use this new law to force VPN services in the UK to log details of who connects by making it illegal not to keep logs. My VPN provider (tinyurl.com/safevpn - Seychelles based) would likely just shut down their UK nodes as their ethos is against this kind of thing and logging is out of the question. Their nodes in Germany, France or Nederlands are only a few milliseconds different in latency anyway. America and the UK is the last place anyone wants to host anything these days due to ridiculous snooping and related laws.

  7. Richard Boyce

    Static addresses

    It would be helpful for both law enforcement and customers, if broadband customers were always given a static IPv4 address plus a group of static IPv6 addresses for as long as they were customers, as with PSTN phone lines.

    I note that some (perhaps many?) of the ISP-provided routers have firmware that conspicuously lacks support for DDNS services or supports only one professional DDNS service. ISPs really don't want to encourage VoIP services, which could explode if static addresses were widely available to the average residential customer, OFCOM permitting Or maybe despite regulation.

    So what we have here is a battle between ISPs and government, who all want to maximise their control and use of the customer, some for commercial purposes, some for political purposes.

    1. edge_e
      Facepalm

      Re: Static addresses

      Plusnet give you the option of a static IP.

      They seem like a pretty widely available consumer ISP to me.

      And why would ISPs care about if people used VoIP more?

      1. Ken Hagan Gold badge

        Re: Static addresses

        I think just about every ISP gives you the option of a static IP and in a few years time large numbers of people will be using IPv6 as their principal connection and so have a "static" IP without even asking.

        It is interesting that both of these are currently seen as "up-market" options for geeks. Apparently Mrs May wishes to be able to track Joe Public with the same ease as she can currently track the geeks. (And yes, I'm aware that she vprobably can't track the geeks as well as she thinks she can.)

        It is also interesting that no-one has ever queried the privacy implications of (nearly) everyone having "static" telephone numbers or postal addresses. Perhaps we should be careful which battles we choose to fight. This one looks like we could let it pass. Requests for deep packet inspection or "long-term storage of everything you send" look like more important battles to win.

        1. Graham Dawson Silver badge

          Re: Static addresses

          Sure, let them have this slice of the salami. There's still loads of sausage left. Just one more slice is fine...

          1. Ken Hagan Gold badge

            Re: Static addresses

            "Sure, let them have this slice of the salami."

            They already *have* this slice. You are going to look rather foolish arguing that this is where you draw the line, when power users have been paying with their own money for many years without complaint for services that provide the spooks with this slice. If you make yourself look foolish now, when it doesn't matter, you will be less persuasive later, when it does.

      2. Tom 35

        Re: Static addresses

        "And why would ISPs care about if people used VoIP more?"

        Because a lot of them are also phone companies, or offer their own VoIP.

        1. frank ly

          Re: Static addresses

          I'm with Virgin Media in the UK and my IP address is 'static' in that it always stays the same. (Until they have a network 'upgrade', then my modem locks up and I have to phone them and they 'reboot' it and I get a new IP address). The longest time I went with the same IP address was five years. Also, if I check with whatsmyip.com and similar services, they tell me that the host name is cpc3-(redacted)-2-0-cust(redacted).cable.virginm.net, which suggests to me that I can easily be traced by anyone who contacts VM and asks them nicely where I live.

          Because of this, I have no problem directing my No-IP services to my home, until the next VM network 'upgrade' when I need to update the IP pointers.

          1. Anon5000

            Re: Static addresses

            It does make you wonder if they will force ISP's to have home routers firmware send MAC address info of devices and time of use in the future and are getting in the legal framework now. IPv6 will make it easier to identify individual machines too.

            1. Frumious Bandersnatch

              Re: Static addresses

              IPv6 will make it easier to identify individual machines too.

              Not if you use the recommended protocol where the device randomly picks its own address. It's called (<clickety>) "stateless address assignment", apparently (SLAAC).

              I had a longer reply here, but I deleted it. The short version is that you use rfc4941 to make each machine pick a random, time-limited address instead of basing it on its MAC address. For this sort of setup to work well, you need to have a /64 address space for each physical LAN you have. Most tunnel brokers only offer that as the default option, so you might need to ask for a larger address space if you need to segment your LANs (such as in my case where I separate gigabit from 100Mb segments).

              I was ready to set up such a system (with a tunnel broker) until about 2 weeks of to-ing and fro-ing with my ISP's customer support finally ended up with them saying that they "couldn't" enable the two things that I needed on their side to get this to work. What two things? Bloody simple things, actually: respond to pings from the tunnel broker on their router and allow for forwarding of protocol 41 packets. I tried asking for someone higher up in the chain, but never got an answer. I have a dedicated server (with a single /64 IPv6 address range) out on the net, so I could set up a VPN on it and securely route one of my subnets out over it but in the end I decided it wasn't worth the hassle...

  8. Cipher
    FAIL

    Sady this woman has no clue as to how easy it is for a bad person with merely average skills to overcome her "solution."

    A case could be made that with the inevitable tuts on neutering her grand plan expanding all over the interwebz that she is actually assisting bad actors.

    Terrorists and organized crime already know how to evade detection, soon cyberbullies will as well...

    1. Anonymous Coward
      Anonymous Coward

      Came here to say exactly the same thing. The magic "IP-matching" gives you a billing address and a name. What it completely fails to take into account is that a home/business internet account is a bloody gateway. At least whoever is living in the house, plus potential 'guests' use that IP and that's just taking kosher use into account.

      There's also use of VPNs; outsiders using that connection through open wifi; outsiders using compromised machines on that network; direct assault on the router or a bunch of other ways in.

      I can have 4 different IP addesses without moving from this chair. A short walk would net me a beer and a bunch more. And, of course, full naughty mode with Kali would net a potentially infinite number of IPs.

      Even if the law was to be approved; the evidence it produced would be circumstantial, at best, so -as laws go- it is not fit for purpose.

      1. billse10

        "Even if the law was to be approved; the evidence it produced would be circumstantial, at best,"

        It's late but that's just made me think of a scenario:.

        Prosecution: It was this IP address, so it was you.

        Defence (carefully briefed): Prove it.

        P: This IP address was allocated to your router at the time.

        D: Not my router, mate, ISP gave it to me. Their router, I don't own it, or get any say in it's management.

        P: They say this IP address was allocated to your house, and under the ConLabDem-sponsored "FSCK Freedom" Act that means whatever was done from that IP address was done by you.

        D: Really? No-one at ISP has the brains to falsify logs then? Really? Let's ask them. One at a time. Call witness (one of ten thousand) ...

        D: ok, so now we know the ISP employs a load of people capable of faking it. Who says i'm responsible?

        P: Err, the Home Secretary

        D: Right, let's have her/him on the stand next. This'll be fun.

        P: Err .. err .. panic panic .. Crown Immunity

      2. Anonymous Coward
        Anonymous Coward

        Yep, I just scanned a village with a 2.5GHz Yagi antenna & a Pineapple

        I'm not as good as GCHQ who can allegedly do this from 8km, but at just 2 kilometers distance I was able to scan an infinite number of nearby Wi-Fi Access Points, and being evil(for research purposes only) I chose one WPA2 AP, used Kali, generated a number of unencrypted 802.11b/a/n/g management frames & success! I chose an AP that I owned, and intercepted traffic from my own device from 1.3 miles away!!! not-line-of-sight

        It means that even a 'secure' Wi-Fi access-point associated with an 'IP-address' isn't necessarily responsible for all the traffic,

        further this 'secure' Wi-Fi access-point associated with an 'IP-address' could be hacked for between £0 and £100, depending on whether you make your own yagi or repurpose summat else,

        finally as my TELCO supplied modem/Router associated with my 'IP-address' has lots of back-doors/management-ports/GCHQ-scans/Putin-bot-scans then even I don't know the origin & destination of every packet floating around my system, but they could plausibly be from someone/something else

        circumstantial? how do we explain "security/risk" to an 'establishment' judge??

  9. John Watts

    won't somebody please think of the children!

    "For example, it can be used to identify a child who has threatened over social media to commit suicide."

    I'd argue the information on their profile would be a better and quicker way to identify them.

    1. Anonymous Coward
      Anonymous Coward

      Re: won't somebody please think of the children!

      But that involves asking a US corporation for information which they may not give you because of the pro-corporation (and pro-abuser) mess that is now case law around the First Amendment.

    2. Anonymous Coward
      Coat

      Re: won't somebody please think of the children!

      "For example, it can be used to identify a child who has threatened over social media to commit suicide."

      So pro-actively monitoring children's posts on social media are we? Perverts!

      1. Ken Hagan Gold badge

        Re: won't somebody please think of the children!

        "So pro-actively monitoring children's posts on social media are we? Perverts!"

        Careful with that line of argument. There is plenty of case history on El Reg forums for the proposition that once you've posted on the web then it is public and you can't really claim a privacy breach if it is read by people who you don't know.

        Also, you'd only be a pervert if the posting was obscene, although with the UK's silly laws you wouldn't know that until you'd read it by which time it would be too late. Oops!

        Also, also, I can't help but observe that suicide is irreversible, so if you are going to do anything then I suppose you ought to be pro-active rather than retro-active.

        Also, also, also, didn't the Samaritans try this the other week and were quickly slammed for the idea. Now Mrs May thinks it should be law. Sheesh! Go figure.

  10. nsld

    All you need

    Is an open wifi network of which you will find plenty and Tor running and you are good to go, use a dumb terminal with no hard drive and an OS on a stick and what will they have?

    This is really aimed at the man/woman in the street so that the mission creep we saw with RIPA can be enhanced so they know what episode of strictly you watched when you put the wrong bin out.

    And that's before we get people spoofing IP address details or cloning kit to make it look like someone else is up to no good.

  11. Mrd000

    It's not nesessary the evil

    I disagree from the article writer and all the comentary.

    First, even if somebody uses some simple techniques, it's still possible to trace the source. That might be important in some cases.

    I undestand that most of the writers are ignorant enough because there was no major terror act happened since 2007 (?) in the UK. So they think nobody actually targeted the UK and it's safe. Actually, I'm sure there was a lot of effort being made to stop that activity.

    Another reason for total ignorance is that nobody from those commented had any serious problem yet. If they have they will change their thinking. If you or your relatives are in trouble then you will be extremely happy about any help, even a little, from anywhere. Whether it is theft (which is not that bad) or somebody was raped and the video was put online or something like that.

    Oh, that's awful, but I ... don't use any VPN at all. I don't hide. And I don't think I'm in a weak situation. I don't do anything unlawful. And I realise that nobody could have enough time to spy on me all day long. It just does not make sense.

    Any commercial or political use of IP matching is not realistic. And it's not something you can get easily, nobody sells that data and will never have right to sell that data. Requests are usually done for a specific case. Major ISPs have that mapping anyway even for CGN (NAT inside the ISPs). Any sensible and smart person understands that there are critical times when you really need to know who that person was. That might be another 9/11 for example. Or it might be some network attack as well. There are many cases.

    The whole hysteria created by media is simply a bubble in my view. There is nothing there. It's just to attract attention to the media. I'm confident that IP matching databases exist in all major ISPs. So any legislation will just make that a rule for everyone and set particular retention period.

    Yes, you can get some information from different sources. But imagine that somebody killed your relative and you have an IP which might lead to a killer. Will you want your privacy (which is basically something in your mind which tells you that you are not secure for some potential, hypothetical or just simply made-up reason) or do you want police to trace that IP?

    1. John H Woods Silver badge

      Re: It's not nesessary the evil

      "But imagine that somebody killed your relative ..."

      Stupid argument, I'm suprised you're not ashamed to make it. I was going to explain why it's stupid, but I'm sure you're too stupid to understand, so I won't bother. Perhaps I'll just ask whether you would like government/police operated TV throughout your house? No? But what if somebody killed your relative?

      1. Anonymous Coward
        Anonymous Coward

        Re: It's not nesessary the evil

        I expect that as somebody who has nothing to fear because they have nothing to hide, that you leave the bathroom door open when you go for a shite?

    2. Anonymous Coward
      Anonymous Coward

      Re: It's not nesessary the evil

      I pity your ignorance.

      There are many notable instances of mission creep from laws designed to combat terrorism.

      Obviously, you'd happily give up your privacy and freedom for the illusion of security, because that's all it is, an illusion, and one designed to fool idiots like yourself.

      Obviously this government employed technique is working as designed on you. Now go away and do lots of reading and educate yourself as to why laws such as this do nothing to stop all the things talked about and only serve as a tighter grip on freedom loving, law abiding citizens. You were but one step away from using the "If you have nothing to hide why worry argument", this argument is also very easily debunked as really stupid.

      1. tom dial Silver badge

        Re: It's not nesessary the evil

        "There are many notable instances of mission creep from laws designed to combat terrorism."

        If that is true you should have no difficulty listing three or four examples related specifically to telecommunications provisions like those authorized by section 215 of the US Patriot Act or mentioned in the article.

        1. Anonymous Coward
          FAIL

          Re: It's not nesessary the evil

          @ Tom dial:

          "If that is true you should have no difficulty listing three or four examples related specifically to telecommunications provisions like those authorized by section 215 of the US Patriot Act or mentioned in the article."

          This has fuck all to do the the Patriot ACT, you have the wrong country. I know we are the US' bitch, but hell, learn where the UK is.

          but as you demand "three or four examples"

          Eat this:

          http://www.itv.com/news/story/2012-08-22/councils-using-terror-laws-to-snoop-on-the-public/

          Just search for RIPA abuses for hundreds more.

        2. phuzz Silver badge
          Thumb Down

          Re: It's not nesessary the evil

          "no difficulty listing three or four examples related specifically to telecommunications provisions"

          OK, I'm sure some of our US cousins can give you examples from the Patriot act, but as the article is about UK laws, here's some examples of the British government abusing it's powers as regards telecommunications:

          1) The Met used RIPA to pull the phone records of a journalist, to discover the identity of a source who was making the police look bad:

          http://www.theguardian.com/media/2014/sep/02/plebgate-met-phone-records-sun-tom-newton-dunn

          Note that there was never any hint of terrorism in this case, or indeed any other kind of threat. the RIPA bill was used as that gave the police access without going through a judge.

          2) Kent police did the same with another journalist, who had written stories that lead to the disgrace of an MP:

          http://www.pressgazette.co.uk/second-police-force-admits-using-ripa-spy-journalists-phone-records-and-out-confidential-sources

          (when police forces were asked how often this happened, they refused saying it was at "matter of national security")

          3) Animal right activists were forced to turn over passwords to computers:

          http://www.theregister.co.uk/2007/11/14/ripa_encryption_key_notice/

          And a whole pdf full of some more:

          http://www.bigbrotherwatch.org.uk/TheGrimRIPA.pdf

          And this is just abuses of RIPA.

          (And while we're on the subject, let's not forget the The Prevention of Terrorism Act, 1974, which was supposed to be a temporary measure with a shelf life of 6 months, and was extended, and extended, before finally being made permanent in 1989, despite the threat [the IRA] that it was designed to combat ceasing to be a danger.)

    3. nsld

      Re: It's not nesessary the evil

      "But imagine that somebody killed your relative and you have an IP which might lead to a killer."

      I can't ever recall reading about a murder where someone was beaten to death with a router on a static IP address!

      UK police can request the connection data for any ISP currently and they will get something, the grim reality is that the something they get may not yield anything for a variety of reasons. This new law doesn't change that in the slightest.

      What Treasonous May is moving towards is wholesale collection and retention for extended periods, something the European court declared illegal last year and led to the rushed emergency legislation for DRIP.

      As for your opening comments many of us are old enough to remember the threats and attacks from the medieval terror bastards IRA long before the events of 11/9 and we didn't need our privacy and liberty destroyed to deal with them.

      1. MrXavia

        Re: It's not nesessary the evil

        many of us are old enough to remember the threats and attacks from the medieval terror bastards IRA long before the events of 11/9 and we didn't need our privacy and liberty destroyed to deal with them."

        Exactly! We don't need useless legislation that won't even protect us.

    4. fruitoftheloon
      FAIL

      @Mrd000 Re: It's not nesessary the evil

      Mrd,

      I can't be assed to read your whole diatribe (have a dinner to cook), you could surrender every smidgeon of privacy you have, do you seriously think all the bad guys will collectively say "Damn, we had better give this sh!t up, find a proper job and become a fully-rounded member of society"?

      A LITTE UNLIKELY EH?

      Fyi a family member was in close proximity to a provo bomb going off in London (thankfully finished his shift at a different time), I have also had one go off 10 yards from my desk in central london (I was working at home at the time), my best friend just missed getting splatted by the bus bombers in central London.

      Have I changed what I do with my life? No f'ing way, if you do, THEY HAVE WON.

      Terrorists and random nutters are just that, we have had them since the dawn of time and always will.

      Please do us all a favour and think about the implications of what you are saying...

      Better switch the oven on now.

      J

    5. Rol

      Re: It's not nesessary the evil

      and when this proposed legislation has had zero impact on terrorism, "what" we will be asking "was the point of it?"

      Well, imagine polling day. The ruling junta are tracking everyone and have noticed the majority of cars heading toward home along the motorway are opposition supporters coming back from the usual twelve hour minimum wage shift.

      A quick thinking minion of the state realises car crashes at junctions 12 and 13 will prevent many commuters from reaching the polls in time and ten marginal wards will be prevented from voting in opposition MP's.

      Far flung fantasy? Possibly. Well, most possibly, but beyond the scope of technology and the proposed legislation? No. Not at all.

      If we are to go down the big brother route, let's find a big brother organisation that could be trusted to keep our secrets from our glorious leaders until such a time sufficient evidence is produced to suggest society might benefit from unmasking your internet activity. Trouble is I can't for the life of me think of one British institution that wouldn't cave into government demands for nothing more than a favourable tax inspection or a get out of jail free card.

    6. Anonymous Coward
      Anonymous Coward

      Re: It's not nesessary the evil

      > But imagine that somebody killed your relative

      But you told me to take care of him, so I took care of him. Besides, he was fucking annoying anyway.

      A few people here have called you an idiot, and I don't usually condone online name calling. There are exceptions though.

    7. Anonymous Coward
      Mushroom

      Re: It's not nesessary the evil

      Three letters

      IRA.

      I had a friend injured by the IRA in a blast in London and he is a VERY staunch defender of human rights and is a active member of Amnesty and Privacy International.

      I also was stood next to a car bomb in Birmingham just a minute or two before it (unsuccessfully) went off. (http://news.bbc.co.uk/1/hi/england/1636919.stm). Do I think that because of that I think every bit of information should be gathered up on everyone? No. As pointed out, this is for Terrorists and Peado's, oh and victims of cybercrime, oh and trolling, oh and those that illegally download music and films, oh what about TV license evaders, yes, oh and benefit cheats, hey, why not those that haven't paid a parking fine, and those that watch that beheading on YouTube....yes I know it may be a 13 year old kid but they MAY become radicalised (don't really care if it is a white catholic girl, doesn't matter, they MAY become radicalised).

      Successive governments have a PROVEN track record of mission creep, give them an inch and they will take a mile.

      I have nothing to hide, but doesn't mean I want every faceless civil servant knowing what I do.

  12. Will Godfrey Silver badge
    Unhappy

    And another thing

    There is something deeply disturbing about a government, any government repeatedly trying to force though legislation that the people they are suppsed to represent have clearly said thay don't want.

    1. Anonymous Coward
      Anonymous Coward

      Re: And another thing

      Why?

      Its been going on for years. Who voted for open door immigration and the handing out of British passports like smarties? Who voted to have their rubbish collected every two weeks? Who voted for the Lisbon treaty, or indeed to hand British sovereignty to Brussels? Who voted for the expensive and crap energy policy? Who voted for untrammeled globalisation and offshoring of UK jobs to make the City richer? Who voted for state-owned RBS to pay billions of pounds in undeserved staff bonuses? Who voted for weak and ineffectual regulators in telecoms and finance? Who voted to get embroiled in Iraq, Libya, and increasingly in Syria? Who voted for HS2? When they agree after the next election to build another unnecessary runway for a London airport, who will have voted for that, other than the lobbyists? Who (outside of Scotland) voted to give even more money to Scotland for voting "no"? Who voted for poorly constructed international tax treaties that enable multinationals to brazenly dodge UK taxes?

      That's why UKIP are on a roll. Not because they have any answers, but because they aren't the established incompetents of Conservative, Labour or Liberal. I'm certainly not expecting much of UKIP, but regardless of the consequences they're guaranteed my vote.

      1. Anonymous Coward
        Anonymous Coward

        Re: And another thing

        As UKIP is run by a hedge fund trader who went to a public school, and has just acquired a new MP whose views are to the right of Farage, I think we can safely say that UKIP is more of the same but just further right. And I think I can say, since I'm not a Labour MP, that Rochester White Van Man is stupid since he has just been fooled into voting for someone who regards him as a useful idiot helping him get into power, seemingly failing to notice that that someone is more similar to Cameron and Clegg than any of the other candidates and was parachuted in in the first place, while the actual Conservative candidate was local and has real world experience. Mark Reckless; just like us, if we went to Marlborough and Christ Church Oxford, there to read PPE. Perhaps his under-footman has a white van.

        God preserve us from illiterate voters, is what I hope. But I doubt she's listening.

        1. Sir Runcible Spoon

          Re: And another thing

          "And I think I can say, since I'm not a Labour MP, that Rochester White Van Man is stupid since he has just been fooled into voting for someone who regards him as a useful idiot helping him get into power"

          Are you sure about your facts here?..

          "He (Dan Ware) is the sort of voter Labour needs on its side if it is to stand any chance at next year’s general election, but is so disaffected with politics he says he “can’t even remember when I last voted” because: “No matter who you have in, it doesn’t matter.” He had not even been aware that a by-election was happening in Rochester and Strood before reporters started knocking on his door. "

          So he wasn't fooled into voting at all.

  13. Anonymous Coward
    Anonymous Coward

    I can see why, in theory, the police would like to do a reverse lookup on an IP address to get the name of a person but this just won't work for a multitude of technical reasons. Any half competent defence lawyer should be able to mount a very robust defence against this sort of evidence along the lines of "prove it was my client using that IP address and not one of the dozen other people running through that NAT". At best it gives the police minor time saving to narrow it down to an address / subscriber. The chilling possibility is that this could pave the way towards the sort of legislation we have with cars e.g. the owner is forced to tell the police who was driving when an offence was committed.

    Anyway, putting that to one side for a moment I can't see why we need this bill in order to stop terrorist attacks. Since the IRA stopped blowing us up I can think of only one major terrorist incident: the July 2005 bombings. Sure, there's been a couple of other incidents that were nasty but it's hardly like things are blowing up left right and centre. Since they keep telling us there's a terrorist around every corner I can only assume that the police have been doing an excellent job with the powers they have and therefore they don't need any more.

    1. Neil Barnes Silver badge

      There have been a number of terrorist actions *claimed* to have been stopped. Oddly enough we never find out what they were.

      I can't recall a single instance where someone has made use of an IP address to prove a case.

      I'm not sure which would be most damaging to May's case: either 'we haven't actually had any cases like this' or 'yes, we've had seven hundred and forty in the last week, and this is the list...'

      Once again: there is exactly *no* need for terrorist-specific laws. Everything a terrorist does is covered by existing law, and the terrorist-specific laws are designed to avoid little inconveniences like evidence, oversight, and a jury of one's peers. We have this odd convention in this country: you're not guilty until *after* the trial at which you are found guilty.

    2. jonathanb Silver badge

      Most of the terrorist incidents come from animal rights groups, not Islamists or Irish Republicans.

      1. Intractable Potsherd

        Of course, you have proof of that, jonathan?

    3. Anonymous Coward
      Anonymous Coward

      ^^ This....

      "The chilling possibility is that this could pave the way towards the sort of legislation we have with cars e.g. the owner is forced to tell the police who was driving when an offence was committed"

      Indeed. I've been involved in talking to plod about some activity on a given IP, and I specifically asked them the question about why they were speaking to who they initally spoke to - and it was down to "we start by talking to who is paying the bill". Very S172.

      Discuss anything to do with DHCP, leases, multiple local devices, rebooting routers, hosted services (that respond to queries), wireless access points, visitors etc etc tends to sail straight over their heads, in a very scary fashion.

    4. Chris_B

      "Any half competent defence lawyer should be able to mount a very robust defence against this sort of evidence along the lines of "prove it was my client using that IP address and not one of the dozen other people running through that NAT"."

      Unfortunately that used to the be the original defence when speed cameras came in. "Prove it was me driving"

      So what did they do? yup, they changed the law so that the car owner was liable.

      Next step? You make the Router owner liable for all traffic.

      I really don't like the way this is all going.

      I wonder if the Houses of parliament have open WifFi ? :)

  14. Boris the Cockroach Silver badge

    Just

    tell ms May and the clueless nitwits that the terrorists are using a hidden internet to communicate their evil plans and that to access it, you need to connect at the IP address 127.0.0.1

  15. Lee D Silver badge

    Methinks we're going to see a lot of attacks from 192.88.99.1 (the standardised IP 6to4 address).

    When this website can't even be bothered to put in an AAAA, what chances do the ISP's have of possessing forensic tools able to trace it back?

  16. Anonymous Coward
    Anonymous Coward

    What's new about tracing an IP address to an individual?

    .. I thought they had been able to do this for many years.

    Doesn't every ISP keep a log which contains IP addr, time-date, telephone number? Or, if not telephone number, then some data that uniquely identifies "the other end of the telephone wire".

    If not, will some knowledgeable person here please explain how it all works. Thanks!

    1. Dan 55 Silver badge

      Re: What's new about tracing an IP address to an individual?

      I thought so too. I suppose the head of AAISP will post something soon at revk.uk to explain what's going on.

      1. Dan 55 Silver badge

        Re: What's new about tracing an IP address to an individual?

        It seems he's as confused as anyone else...

        http://www.revk.uk/2014/11/theresa-may-loses-plot-again.html

        So the change is not technical. So having not checked, it I assume the AC is right, it probably allows more fishing expeditions.

    2. Anonymous Coward
      Anonymous Coward

      Re: What's new about tracing an IP address to an individual?

      > Doesn't every ISP keep a log which contains IP addr, time-date, telephone number?

      Yes, but if you wanted to access that information you would need to go see a bloke wearing a funny wig who will want explaining exactly what crime one is suspected of and how that piece of information will help you in bringing one to justice.

      As opposed to going on random fishing expeditions, you see.

  17. Anonymous Coward
    Anonymous Coward

    She and the people wanting these powers are unlawful incompetent mobsters

    Yes, what the legal system would call criminals, if the people running it were honest!

    Anyone competent doing anything where security is critical is probably using at least one layer of VPN and proxies already, so tracking IPs will only catch newbies, lower income people, the less intelligent, or small fish; basically tracking IPs will be a useless waste of time and resources.

    The private snoops and state 'security' already have so much traffic volume to scan and increasing broadband speeds are reducing exposure time, so I'd be surprised if they can find many a "needle in a haystack" at all, which is why I'm not concerned yet.

    I'll move to unlogged VPN(s) when I see enough tracking competence to make it necessary; I don't yet!

    1. Anonymous Coward
      Anonymous Coward

      Re: She and the people wanting these powers are unlawful incompetent mobsters

      "[...] so I'd be surprised if they can find many a "needle in a haystack" at all, which is why I'm not concerned yet."

      That's a variant of "I'm innocent so I have nothing to fear".

      That mindset is laudable - but it assumes that the individual agents of the State are all idealists who would die rather than betray our rights.

      Unfortunately they are only to human with rent to pay - and with varying degrees of pride and career ambition. The institution mindset too easily breeds the philosophy of "the end justifies the means". If it's a personally important numbers game - then human nature will try to ensure the totals look right irrespective of how they were fudged.

      The needles in the haystack are proverbially hard to find. Easier to just pick a small piece of straw and say it looks like a needle. The temptation to stop looking too closely is in proportion to the career and intangible personal rewards based on getting an approved answer. When your superiors buy into your (self)deceit for similar reasons - then your backside is covered when they cover theirs.

      I have seen IT engineers do that. They think they have solved a difficult problem quickly - while they have been ignoring contradictory evidence. It doesn't even have to be a conscious decision - it's just the way some people are wired. Their superiors may take some vicarious credit by loudly praising the engineer's ability and efficiency. - and then find the truth inconvenient when the system falls over again.

  18. John Brown (no body) Silver badge
    Windows

    IP Freely...

    ...available to match to people?

    Does this mean your inate ability to remain hidden is now all out in the open?

  19. Anonymous Coward
    Anonymous Coward

    This is Round 2

    They lost round 1 when Directive 2006/24/EC (Their directive. Let us not forget Britain was its main and most enthusiastic sponsor) was found to be in contravention of fundamental rights earlier this year in Strasbourg.

    What they are attempting to do now is come back with the same thing, but at a national level, and therefore hope that it will fly under the radar. It would be interesting to challenge this new law in court on the basis that the same principles are being violated as in the aforementioned Directive, if anyone still in Britain has any self-respect left and is willing to do that.

  20. Anonymous Coward
    Anonymous Coward

    Fantastic bit of double talk there, wasn't it?

    The LibDems: "And we congratulate ourselves on this new law which violates your privacy and presumption of innocence. We could have passed another one which would be even worse."

  21. Anonymous Coward
    Anonymous Coward

    Anyone thinking this is any use for actual crime fighting...

    I used to live in Spain and wanted my address updated on my residence document once, but had no means to prove that I actually lived where I lived, since everything was on someone else's name. So I called the police and asked them what to do.

    Their advice: "Oh, don't bother. If we ever want to find you, we will find you."

    That day I learned in Spain you can live as a free man, until the day you actually do something wrong. Suited everyone fine. :-)

    1. Anonymous Coward
      Anonymous Coward

      Re: Anyone thinking this is any use for actual crime fighting...

      That day I learned in Spain you can live as a free man, until the day you actually do something wrong.

      From a relative experince, I'll ammend

      That day I learned in Spain you can live as a free man, until the day you actually realised you forgot to pass the *letter* to the local mayor to refill your swimming pool in order to get the correct permit.

      1. Anonymous Coward
        Anonymous Coward

        Re: Anyone thinking this is any use for actual crime fighting...

        > From a relative experince, I'll ammend [sic]

        Yes, of course. With that said, that stroke my curiosity enough to discuss it with friends in various police forces. They confirmed that they don't keep tabs on everyone as that would be an utter waste of their time and resources, apart from being illegal.

        A couple of interesting bits of information I discovered were how little data they actually have about "normal" people (I've seen my own record on their systems), and that details gathered about people during the course of an investigation are not accessible even by other policemen unless they are granted authorisation by the officer in charge. This stops the curious from using the police systems as a source of gossip or as a second Facebook to spy on the girlfriends, etc.

        > until the day you actually realised you forgot to pass the *letter* to the local mayor to refill your swimming pool in order to get the correct permit.

        Mayors in Spain are as corruptible / incorruptible as anywhere else, if that's what you meant.

        1. Anonymous Coward
          Anonymous Coward

          Re: Anyone thinking this is any use for actual crime fighting...

          "I've seen my own record on their systems"

          Is that a breach of the supposed controls on access to that data?

          The ECRB clearance process is supposed to cough up some of the "soft intelligence" on a person. As that file could also include hearsay that was slanderous or libellous then the police would not be keen to let the person see their file.

          There is a worrying trend in the UK to pass laws to punish people - for something for which a criminal prosecution would fail due to lack of evidence. ASBOs were the start - and the latest HO proposals are enshrining the idea of summary justice conveniently bypassing the basic concept of "innocent unless proved guilty beyond all reasonable doubt".

          Investigations of apparently innocent people often appear to be intended as a form of deterrence and summary punishment. Their addition to the "soft intelligence" then becomes a source of self-perpetuating reasons for that person being targeted again in the future.

  22. Anonymous Coward
    Anonymous Coward

    Ho hum

    Tor, VPN. SMB*.

    *Suck My Balls

  23. Schultz

    "communications data capability gap", "gaps in our armoury of powers",

    but what about the gap between her ears? Shouldn't we worry about that one too?

  24. Anonymous Coward
    Anonymous Coward

    Assuming this works

    Assuming this works [which it won't] this would track all the MPs and their Lovers and all the political party backers - hedge funds and the like; financial institutions and all the rest.

    There was a recent thing called phone hacking - will this be open to IP hacking?

    The main politicos want the majority kept silent and only focused on which celebrity is bonking another celebrity's wife; what's going on in the big brother house or the jungle; who went off Strictly; the football news or name your own...

    You do realize that for "newspapers" like the Sun, that each paragraph is one sentence. Their front page headlines tell you what they think is important. Keep the masses quiet! [and ignorant!]

    The broadsheets generally have more analysis and I imagine that they'll be all over this.

  25. corestore

    Two immediate thoughts...

    1. "The inability to link IP addresses to individuals poses serious challenges for law enforcement agencies." - well THAT is code for internet passports or ID cards. It's one thing relating an IP address to a name on a bill - hell, copyright infringement lawyers have been doing that for years, going after the account holder (very dubiously). But that's obviously useless for intelligence purposes and NOT what .gov are talking about; they're demanding the ability to identify *individuals* - even on shared internet connections, public WiFi hot spots, internet cafes etc etc. That means some kind of passport or digital fingerprint...

    2. There's one obvious hole in this; prepaid (and overseas roaming) cellphones, bought and paid for with cash. There's no paper trail there, no way to identify that with a specific named individual - at least not with present technology...

    Very very worrying stuff.

  26. Anonymous Coward
    Anonymous Coward

    Wouldn't it be easier to just check the GDS or Airlines for a PAX?

    "These measures are among a package of tough new powers that will address specific gaps in our armoury of powers to disrupt travel to Syria or Iraq and manage the risk posed by returnees."

    As to everything else "follow the money" normally works better than anything else.

  27. Wiltshire

    A confused SysOp writes:

    I really really would love to be able to relate a specific IP address to a specific user, to find the wa**er who has been gaming my employer's online customer loyalty rewards scheme.

    Yes, browser session records do contain the IP address of the connecting device. Problem solved?

    No, more problems raised. As previously pointed out, an IP address is of limited use because there are so many routers and gateways funnelling NAT connections. A mobile user's IP addresses will be changing, and only likely to form a pattern if (e.g.) they travel the same way to & from work day in and day out.

    It's even worse in this case because the naughty so-and-so I'm trying to trace is using multiple browers over a TOR connection.

    99.9%+ of people that you can ID from a specific address are dumb or innocent or both.

    The less-than-0.1% of real concern are going to be masking their real IP address.

    Professionally, I'd be more interested if we had a way of finding the MAC address. Then we would be much closer to identifying a truly specific device-user. Now, how do we do that?

    1. Sir Runcible Spoon

      It's childs play to spoof a MAC address you know.

      1. Vic

        It's childs play to spoof a MAC address you know.

        It's also largely pointless when you're connected with PPPoA...

        Vic.

  28. Derek Kingscote

    This is Insane

    The service providers could say how many individual IP addresses are re-connected every day. Each IP address might have 5 devices connected through it - PC; laptop tablets; etc.

    Some people log on and off 27 times a day [and 27 different IP addresses.] Then there are the mobile devices, wait until we have intelligent fridges and ovens; the Nest thermostat is half way there.

    They will be buried under data, and the ISPs will be fighting to not to collect this anyway. If you have internet passports or ID cards, then that has to be authenticated - the ISPs will have to sign up to that with the authentication happening before you can connect to anything.

    Another case of Government of Insanity.

  29. Anon5000
    Coat

    3rd paragraph...

    ...before they mentioned PedoTerrorists.

    Last one out turn off the lights

  30. MustyMusgrave

    Sigh, incompitance is the downfall of US all...

    Listen Carefully Kiddies:

    Cupcake (1.5)

    Donut (1.6)

    Eclair (2.0–2.1)

    Froyo (2.2–2.2.3)

    Gingerbread (2.3–2.3.7)

    Honeycomb (3.0–3.2.6)

    Ice Cream Sandwich (4.0–4.0.4)

    Jelly Bean (4.1–4.3.1)

    KitKat (4.4–4.4.4)

    Lollipop (5.0)

    Why would anyone take "Candy" from Strangers?

    Read the Quotes from senior programmers around the world carefully...

    "All SoC (system on chip developers should die!) - Linus Torvald...

    The irony, those SoC chips which he publicly has a go at nVidia about, are actually OpenSource, it's a Linux SoC Chip made in TEXA's you know, that place with a UTAH datacenter?!?

    It's the hive mind brain child of Microsoft & Redhat Linux & More Googliness!

    Which is why everybody should just swap to a system that respects, security and privacy, it's called Berkley Secure Demon! Complete with LibreJS & LibreSSL... Gen. Alexander "Hackers need to do better!" Sadly no, your education must be lacking, hackers can break password hashes in 0.11 nano seconds with John the ripper.. Because one agency got into bed with IBM in 1976 and promoted a secure password hashing algorithm called the Data Encryption Standard (DES aka: Lucifer!) which was withdrawn publicly from circulation in 1999 by the National Information Standards & Technology (NIST) at the time in 1997 a replacement was offered called the - Information Concealment Engine or I.C.E for short, which was not adopted because it has no weak "keys" as a consequence 17 years later everybody is now a hacking victim, because your Agency, couldnt do what is was tasked with doing back in 1997!

    in your WAR against cryptography you fail to understand that Cryptograhic Standards are open standards and the reason your security is suffering is because you guy's held it back, you stupid old goat!

  31. Thecowking

    Clearly all they need to do

    Is make a GUI in Visual Basic to trace the killer's IP in real time.

    I saw it on the telly.

    https://www.youtube.com/watch?v=hkDD03yeLnU

  32. Anonymous Coward
    Anonymous Coward

    Don't many mobile networks use the same Internet IP for many customers?

    Will be fun to see how they get around that.

  33. colinvj

    Old Teflon Drawers and her obsession with control power

    Well if old Teflon drawers (nothing ever sticks to her , its always someone else,s fault) really thinks this rubbish will work, then let her and her followers put it in place, its all about making them think they are clever.and trying to impress others . Do they honestly believe that terrorist and others, cant overcome this?, how does this square up with "Whats App" and their decision to encypt ALL messages or others by using secure encypted VPN .

    She is obsessed with wanting power to control everyone ,she is the next best thing to a dictatorship, trying to controll the population, and ensuring they cant read or access forbidden works.

    Russel Brand sounds more normal by the day, none of these idiots are worth voting for, when they knock on your doors in the next few months , be sure to tell them so.

  34. Anon5000

    ECJ / European Court of Justice

    In April the ECJ declared the ISP data retention stuff invalid as it went against the “fundamental right to respect for private life and the fundamental right to the protection of personal data” which lead to some ISP's in Sweden deleting all the logged data of their customers. I would assume that UK isp's should be abiding by this ruling too while we are still in the EU. Theresa May is attempting to trump this ruling among the many other atrocities she is attempting to rush through without oversight.

  35. Anonymous Coward
    Anonymous Coward

    Some poor soul...

    ...took the trouble to go down the thread downvoting every comment that did not agree with The Official Stance.

    Bless them. :-)

  36. lucki bstard

    So basically

    - Pendrive Linux

    - Old laptop

    - Pay cash at a Starbucks and use different Starbucks for free wi-fi

    And you've bypassed everything.

    The bill won't solve anything, but then that is probably the idea. It doesn't need to solve anything, it just needs to get her airtime and build up her reputation on making tough decisions. If it fails to pass it may make her position better; it could easily be spun as the present politicians lack ability to make tough decisions, so she needs to get an office with more power. And she is probably begging that the bill if passed then gets blocked by Brussels. Not only does she then get a reputation of a protector of the people, tough on (insert latest buzzword), but she also can get the euro-sceptic vote as well.

    Win Win as far as she's concerned.

    Would Sir Humphrey love it? You might think that, I couldn't possibly comment.

  37. Anonymous Coward
    Anonymous Coward

    Meh

    Can you not feel the democracy. Words fail me, it fills me with an awe inspiring sense of pride to know our leaders have the necesary courage, and the resolve required to make difficult decisions in these difficult times. Without people like Theresa May, terrorist bombers, and paedophiles would be littering every street corner... :P

  38. Richard 12 Silver badge

    Collective Responsibility?

    Surely this should mean the members of the Cabinet are personally responsible for the inevitable fines DRIP and this new piece of illegal legislation will garner from the ECHR?

    Maybe that would start to concentrate minds.

    Only personal consequences work when dealing with such people.

  39. earl grey
    FAIL

    why does the term "stupid bint" come to mind?

    Anyone?

  40. Anonymous Coward
    Anonymous Coward

    The internet is inside a box.

    The problem is they think the IT Crowd is a factual documentary.

    The IT Crowd - Series 3 - Episode 4: The Internet

    https://www.youtube.com/watch?v=iDbyYGrswtg

    It's all in the box! It must be easy!

    You have to decide which bit is the comedy, Theresa May and the Govt or the IT crowd!

  41. Zap

    So easy to overcome

    Whenever they come out with these ideas it always shows they know sweet FA about technolofy.

    So what happens is that the whole population is monitored and has their privacy invaded while the actual villains use a VPN like this https://bitly.com/vpn01 which has 44,000 IP addresses to choose from and allows you to state your locations.

    Even if they did not spring $60 for that they might just grab one of the less secure 20,000+ proxies advertised every day.

    Maybe that is the idea, get people to use these VPN services and then have MI5 hack the VPN provider.

    I have used these to watch BBC TV while abroad and in my work or just when I do not like the idea of being snooped on.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon