Comms-slurping public bodies in UK need crash course in copy 'n' paste
The UK's public authorities slurped up more than 750,000 items of communications data during 2016, with more than 1,000 reported errors – of which 29 were deemed serious. The figures were revealed today in the Interception of Communications Commissioner's Office (IOCCO) annual report. Although Commissioner Stanley Burnton …
COMMENTS
-
-
-
Wednesday 20th December 2017 15:33 GMT Anonymous Coward
Re: Buttle/Tuttle
It used to be that it was considered more important that the innocent were not convicted than the guilty were, but for certain offences that appears to have been reversed. Unfortunately we seem unable to accept that in an imperfect world if every clever, articulate and devious criminal is to be convicted then it is inevitable that we will also convict a lot of innocent people who are less articulate, and who never for a moment dreamed they would ever have to prove their innocence. I would be interested to hear one of the activists campaigning for increased conviction rates say that they accept a lot of innocent people will be convicted and maybe even volunteering to be one of them.
Its even worse with children of course. If we ensure that no child is ever harmed by a parent by taking them into care when there's even the slightest of concerns about the parents then we will inevitably take into care a lot of kids with perfectly adequate parents, and the children will then have far worse outcomes (to use the buzz word) than they would have had otherwise. How many children's lives is it acceptable to destroy to save the lives of others? I don't pretend there are easy answers, but it would be enormously helpful if the various activists didn't pretend there were, and that somehow some bit of government legislation or some extra grants would magically make for a perfect world.
-
-
-
-
Wednesday 20th December 2017 15:24 GMT Anonymous Coward
Re: IPv6
I was regularly allocated ip4 address with 5 octets by a 'Network Engineer'. After he left we discovered that for years he'd added hundreds of static routes with typos to core switches whilst trying to get things to work.
Hundreds of munged static routes with gateway typos or worse; more static routes on the wrong gateways sending the traffic off somewhere else ......
-
-
-
Wednesday 20th December 2017 15:45 GMT the-sbray
It is an impossibility to link IP addresses to individual devices. I take it no-one in authority has any idea of how NAT works, never mind how DHCP can dynamically assign IP addresses and therefore reuse the same IP address across several customers. It has been proven time and again in county courts that IP addresses alone cannot be used for verify a user/customer.
-
-
Wednesday 20th December 2017 17:33 GMT Blotto
Re: I wish I had more upvotes to give
IPv4 or IPv6 gives the IP of that connection at that particular moment in time. That's why they want to have ISP keep the so called connection meta data as it is a cornerstone in tying access request to a location, but must be used with other supporting data like subscriber log data to understand who's account had that IP at that exact moment in question, not before or after.
-
Wednesday 20th December 2017 19:56 GMT Anonymous Coward
Re: I wish I had more upvotes to give
"IPv4 or IPv6 gives the IP of that connection at that particular moment in time."
When ISPs are dynamically multiplexing several users onto one external IPv4 address - then it is the changing source port numbers that have to be tracked and matched as well. The port number can be any one of about 64,000 numbers. The multiplexing of several users concurrently is how real world IPv4 address shortages have been staved off for so long. Any port number may be assigned to a user's connection for only a few minutes - before becoming free and then re-assigned to someone else.
It is not unknown for that multiplexing process to take place more than once in a connection's path - not necessarily in the same ISP's network. It can be very tricky, if not nigh on impossible, to untangle such a trail from normal logging.
Even a home router will multiplex several devices onto one ISP internal IPv4 address by dynamically allocating source port numbers as connections are made and broken.
-
-
-
-
Thursday 21st December 2017 17:45 GMT TrumpSlurp the Troll
VPN
For my sins i provide a VPN service to selected expats.
So someone connects in to the Raspberry Pi then connects out again with our IP address.
Useful if your bank or building society is an arsehole about accepting connections from abroad.
So the user of our IP address could be anywhere in the world.
This makes me think that if you want to stay stealthed you connect to a VPN, then link through another VPN, and then connect to your target.
As for retyping IP addresses that should be like raw meat to a defence lawyer.
-
Thursday 21st December 2017 23:04 GMT Nick Kew
Re: VPN
As for retyping IP addresses that should be like raw meat to a defence lawyer.
A specialist lawyer who knows there's something to look for, aided by a techie. And by a team of juniors to do the donkey work of laying their hands on the original data (things like, get a court order for an ISP to release relevant logs, having figured out what logs will be relevant). That'll be something like the price of a house.
-
-
Thursday 21st December 2017 23:09 GMT Nick Kew
I wonder if that's anything like what happened to me, when plod turned up on my doorstep looking for [dodgy geezer who lived here some years ago], and took a pull-the-other-one attitude to my protesting I'm not him?
The fact there were no fewer than five coppers on the doorstep suggests not just that they're over-resourced but that they were taking something seriously.
-
Friday 22nd December 2017 01:16 GMT Henry Wertz 1
Mediacom did this
Our local cable company, Mediacom, did this. I had my cable internet shut off several times . When I finally went in in person to find out what the hell, it turned out A) they had been sending the "copyright violation notices" to the wong address (mistyping it every time) and b) the ip address not only had never been assigned for me (dynamic dns kept a log of what IP I had), it was for a town hundreds of miles away! I cancelled service on the spot and got DSL.
-
Friday 22nd December 2017 05:48 GMT Steve Browne
Nothing to hide ....
In another post the good old "nothing to hide, nothing to fear" mantra was rolled out, I do hope he reads this and realises just how wrong he is. I am firmly of the opinion that privacy is extremely important and that investigative spying and surveillance ought to be restricted with serious oversight to ensure that people are properly protected from over zealous investigators.
Arresting innocent people for serious offences would be an unpleasant experience for the victim.
-
Saturday 23rd December 2017 12:32 GMT Wensleydale Cheese
CTRL+C/CTRL+V isn't foolproof either
"How to fix the fat-fingered problem? Well – and it seems almost incomprehensible that the body had to dedicate an entire chapter to pointing this out – give people the power of CTRL+C/CTRL+V"
I've noticed when copying and pasting IP addresses out of logs, it's just too easy to miss out the first or last digits from an IP address.
There's also the problem of getting the correct line when doing it visually.
It's far better to write a script to ensure accuracy.