back to article Comms-slurping public bodies in UK need crash course in copy 'n' paste

The UK's public authorities slurped up more than 750,000 items of communications data during 2016, with more than 1,000 reported errors – of which 29 were deemed serious. The figures were revealed today in the Interception of Communications Commissioner's Office (IOCCO) annual report. Although Commissioner Stanley Burnton …

  1. Dan 55 Silver badge
    1. Semtex451
      Megaphone

      Re: Buttle/Tuttle

      We knew that. Didn't we?

      "People have been arrested for crimes relating to child sexual exploitation. Their children have been taken into care, and they have had to tell their employers."

      This simply cannot go on.

      1. Anonymous Coward
        Anonymous Coward

        Re: Buttle/Tuttle

        It used to be that it was considered more important that the innocent were not convicted than the guilty were, but for certain offences that appears to have been reversed. Unfortunately we seem unable to accept that in an imperfect world if every clever, articulate and devious criminal is to be convicted then it is inevitable that we will also convict a lot of innocent people who are less articulate, and who never for a moment dreamed they would ever have to prove their innocence. I would be interested to hear one of the activists campaigning for increased conviction rates say that they accept a lot of innocent people will be convicted and maybe even volunteering to be one of them.

        Its even worse with children of course. If we ensure that no child is ever harmed by a parent by taking them into care when there's even the slightest of concerns about the parents then we will inevitably take into care a lot of kids with perfectly adequate parents, and the children will then have far worse outcomes (to use the buzz word) than they would have had otherwise. How many children's lives is it acceptable to destroy to save the lives of others? I don't pretend there are easy answers, but it would be enormously helpful if the various activists didn't pretend there were, and that somehow some bit of government legislation or some extra grants would magically make for a perfect world.

        1. Anonymous Coward
          Anonymous Coward

          Re: Buttle/Tuttle

          The Home Secretary said it best when they said they'd rather 1,000 innocent people be hanged than allow one guilty to go free.

          1. Anonymous Coward
            Anonymous Coward

            Re: Buttle/Tuttle

            [citation needed]

            No, I'm not accusing you of making it up, but I would genuinely like to read the quote in context, please

  2. my farts clear the room
    Holmes

    Nigel who?

    Nigel Land?

    Nigel Lang, I think you'll find .....

    http://www.bbc.co.uk/news/uk-39328853

    1. Semtex451

      Re: Nigel who?

      Rebecca making a clever point about typos (I hope)

  3. David Austin

    IPv6

    If they're not getting it right for less than twelve characters in IPv4, lord help them when widespread IPv6 kicks in...

    1. Anonymous Coward
      Anonymous Coward

      Re: IPv6

      I was regularly allocated ip4 address with 5 octets by a 'Network Engineer'. After he left we discovered that for years he'd added hundreds of static routes with typos to core switches whilst trying to get things to work.

      Hundreds of munged static routes with gateway typos or worse; more static routes on the wrong gateways sending the traffic off somewhere else ......

    2. Steve Evans

      Re: IPv6

      My thoughts exactly!

  4. Anonymous Noel Coward
    Black Helicopters

    >This "greatly increases the risk of error", he said – especially when so much of the data processing is done manually.

    "But it increases our arrest statistics, and that's what matters."

  5. the-sbray

    It is an impossibility to link IP addresses to individual devices. I take it no-one in authority has any idea of how NAT works, never mind how DHCP can dynamically assign IP addresses and therefore reuse the same IP address across several customers. It has been proven time and again in county courts that IP addresses alone cannot be used for verify a user/customer.

    1. Anonymous Coward
      Anonymous Coward

      I wish I had more upvotes to give

      IPv4 does not give the machine and it does not give the user.

      1. Blotto Silver badge

        Re: I wish I had more upvotes to give

        IPv4 or IPv6 gives the IP of that connection at that particular moment in time. That's why they want to have ISP keep the so called connection meta data as it is a cornerstone in tying access request to a location, but must be used with other supporting data like subscriber log data to understand who's account had that IP at that exact moment in question, not before or after.

        1. Anonymous Coward
          Anonymous Coward

          Re: I wish I had more upvotes to give

          "IPv4 or IPv6 gives the IP of that connection at that particular moment in time."

          When ISPs are dynamically multiplexing several users onto one external IPv4 address - then it is the changing source port numbers that have to be tracked and matched as well. The port number can be any one of about 64,000 numbers. The multiplexing of several users concurrently is how real world IPv4 address shortages have been staved off for so long. Any port number may be assigned to a user's connection for only a few minutes - before becoming free and then re-assigned to someone else.

          It is not unknown for that multiplexing process to take place more than once in a connection's path - not necessarily in the same ISP's network. It can be very tricky, if not nigh on impossible, to untangle such a trail from normal logging.

          Even a home router will multiplex several devices onto one ISP internal IPv4 address by dynamically allocating source port numbers as connections are made and broken.

    2. DJO Silver badge

      It is an impossibility to link IP addresses to individual devices.

      But it must be possible, how else could Microsoft phone me up to tell me about the virus on my (non-Windows) PC?

    3. Warm Braw

      reuse the same IP address

      WIth carrier-grade NAT, the same (external) IP address may be assigned to several customers simultaneously. That's potentially a lot of splintered doors.

      1. Anonymous Coward
        Anonymous Coward

        A small sacrifice

        for the common good citizen.

  6. TrumpSlurp the Troll

    VPN

    For my sins i provide a VPN service to selected expats.

    So someone connects in to the Raspberry Pi then connects out again with our IP address.

    Useful if your bank or building society is an arsehole about accepting connections from abroad.

    So the user of our IP address could be anywhere in the world.

    This makes me think that if you want to stay stealthed you connect to a VPN, then link through another VPN, and then connect to your target.

    As for retyping IP addresses that should be like raw meat to a defence lawyer.

    1. Nick Kew

      Re: VPN

      As for retyping IP addresses that should be like raw meat to a defence lawyer.

      A specialist lawyer who knows there's something to look for, aided by a techie. And by a team of juniors to do the donkey work of laying their hands on the original data (things like, get a court order for an ISP to release relevant logs, having figured out what logs will be relevant). That'll be something like the price of a house.

  7. Nick Kew
    Terminator

    I wonder if that's anything like what happened to me, when plod turned up on my doorstep looking for [dodgy geezer who lived here some years ago], and took a pull-the-other-one attitude to my protesting I'm not him?

    The fact there were no fewer than five coppers on the doorstep suggests not just that they're over-resourced but that they were taking something seriously.

  8. Henry Wertz 1 Gold badge

    Mediacom did this

    Our local cable company, Mediacom, did this. I had my cable internet shut off several times . When I finally went in in person to find out what the hell, it turned out A) they had been sending the "copyright violation notices" to the wong address (mistyping it every time) and b) the ip address not only had never been assigned for me (dynamic dns kept a log of what IP I had), it was for a town hundreds of miles away! I cancelled service on the spot and got DSL.

  9. Steve Browne

    Nothing to hide ....

    In another post the good old "nothing to hide, nothing to fear" mantra was rolled out, I do hope he reads this and realises just how wrong he is. I am firmly of the opinion that privacy is extremely important and that investigative spying and surveillance ought to be restricted with serious oversight to ensure that people are properly protected from over zealous investigators.

    Arresting innocent people for serious offences would be an unpleasant experience for the victim.

  10. Anonymous Coward
    Anonymous Coward

    All good reasons to make sure they don't know your [actual] IP address.

  11. Wensleydale Cheese

    CTRL+C/CTRL+V isn't foolproof either

    "How to fix the fat-fingered problem? Well – and it seems almost incomprehensible that the body had to dedicate an entire chapter to pointing this out – give people the power of CTRL+C/CTRL+V"

    I've noticed when copying and pasting IP addresses out of logs, it's just too easy to miss out the first or last digits from an IP address.

    There's also the problem of getting the correct line when doing it visually.

    It's far better to write a script to ensure accuracy.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like