Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6
Mark Smith <markzzzsmith@gmail.com> Thu, 02 November 2017 21:07 UTC
Return-Path: <markzzzsmith@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 36C7213F95E for <v6ops@ietfa.amsl.com>; Thu, 2 Nov 2017 14:07:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.497
X-Spam-Level:
X-Spam-Status: No, score=-1.497 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tahz9YG2mtf9 for <v6ops@ietfa.amsl.com>; Thu, 2 Nov 2017 14:07:20 -0700 (PDT)
Received: from mail-vk0-x235.google.com (mail-vk0-x235.google.com [IPv6:2607:f8b0:400c:c05::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9ED4813F682 for <v6ops@ietf.org>; Thu, 2 Nov 2017 14:07:20 -0700 (PDT)
Received: by mail-vk0-x235.google.com with SMTP id j2so579944vki.4 for <v6ops@ietf.org>; Thu, 02 Nov 2017 14:07:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=tGKcelLpluesqfo+cEMd3ID5VC9PGvSJXiMRbjTJxGc=; b=d8+s4P+mNv3qCj+KZWzHDp3g/kN7zJhpXrtRcRKQGxOpgOU8uAKqq/FTQDVWtFWFYX EEVkBwnnZ8VAjY2kfTLnJWxWHAqq83fDegyuSD3CYkS1L9Gg8S/HAZzeJZ0CcplUbFBn cHAZPzp9nhsbWEV2G4Ka60O9DmB1ti2vy37Cxvbl8zzpWtGwqLTpNnVKWYYGgnPzoSts t44OZnidN3oMWfxStGkCf+K+ITk914fCqZDHnKphy3stJpR3VEWU7QiRY9Gzn0Y5qz0j gco95F8shBsvVj6oYBVhhrjxt65oz0lJsLgCZ+nIceCrxVNSZFnrAXRO2aI+dg6vlqyN IhlQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=tGKcelLpluesqfo+cEMd3ID5VC9PGvSJXiMRbjTJxGc=; b=WS/PV9jAhhnWyjmHBaIsVY1eG4tPiRBPJ4eDEXZmkLCWS6Ef7V9W/Ur2DQVXv5U9jX 4PXUb2Ja4pIuXLX6bH0N8uOtGZ/QohTvyczrcET/lk1Ab11shEsVV6s0qBquzVt3ZL8I 2HBUH3G8t+lEpEX1TlyvU5vXxTldCsuIt8Yy0gcREvQjJbh6qhH7M5V1YusmUs4AyLdG dTPBr5o23GrG+f7WOVCY4LycfHjlXakoI8pzDu1NV6bmcOOZMevN+ialDB0CChPSI7pV 97W3+QF2N/28mWE2hSYUT3rJo4EewfMx4+eyUBphVPTPgtqmSAiNbet7rkjKizTFPHQs W0vg==
X-Gm-Message-State: AMCzsaW906PtNCPS3gDG5gzYIahYvXrA7hMtaK1i/HA6Z5AG8LOrFxrU dVhLKOXQ12XaoO1ludmX8WIiXTIa3gGdrtaYW3Q=
X-Google-Smtp-Source: ABhQp+QdXRf5Afy1QG+Ldz0YiOIA/a8/ik/An+yOEXeFWeUWoxtCrG7GFOsgPpHHwVusK9SmBv2/c9UB9vfnSZ9WHU8=
X-Received: by 10.31.165.214 with SMTP id o205mr3898457vke.147.1509656839651; Thu, 02 Nov 2017 14:07:19 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.159.52.221 with HTTP; Thu, 2 Nov 2017 14:07:18 -0700 (PDT)
Received: by 10.159.52.221 with HTTP; Thu, 2 Nov 2017 14:07:18 -0700 (PDT)
In-Reply-To: <CAO42Z2y4QC3gC0s0wKRvVDv9sWr9gQWzWzPksPEJN5KP+sZaLg@mail.gmail.com>
References: <f403045ef57ac52962055bd88b84@google.com> <20395E98-DA55-447F-BEFE-CB581A88BB78@gmail.com> <alpine.DEB.2.20.1710190655260.31961@uplift.swm.pp.se> <20171019083506.6627a166@echo.ms.redpill-linpro.com> <alpine.DEB.2.20.1710190856530.31961@uplift.swm.pp.se> <787AE7BB302AE849A7480A190F8B93300A056EB5@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <CAHw9_iLWAMexrfXwsdB8duGa5ueJMofqVRqNck6DeOzA=KChqA@mail.gmail.com> <C4E37677-A2FB-49F8-B362-C29B28DFD570@daveor.com> <D618D79F.8AA1A%lee@asgard.org> <22C655A9-AE02-4885-98B5-7515C49E7F2B@employees.org> <B20ECDCB-1EFD-4265-BE13-5AE1E92335AE@gmail.com> <95274753-7241-47DE-B463-0341248FAE38@employees.org> <5FA44821-D6C2-4A9C-A1A5-59BECB65B4F4@gmail.com> <D4975FFD-0A2A-49C7-BF91-9EE18429E197@daveor.com> <CAO42Z2yW1SGhmcYQNgJk35_ua7nu9LRGLv0_ChC=EavwfydnQA@mail.gmail.com> <1A0AE76A-FA3C-4BDE-B8D9-C8D2E060A8A8@gmail.com> <81B18C7D-76F7-40BC-8252-D833DDF95254@daveor.com> <CAO42Z2y4QC3gC0s0wKRvVDv9sWr9gQWzWzPksPEJN5KP+sZaLg@mail.gmail.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Fri, 03 Nov 2017 08:07:18 +1100
Message-ID: <CAO42Z2z8i-Gd1DdGp1FJakzBAZpRFtboZiRcwZmmat=YcTLPoQ@mail.gmail.com>
To: Dave O'Reilly <rfc@daveor.com>
Cc: Fred Baker <fredbaker.ietf@gmail.com>, Tore Anderson <tore@fud.no>, "v6ops@ietf.org" <v6ops@ietf.org>
Content-Type: multipart/alternative; boundary="001a11415eeea90758055d065fe9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/7YLgWDp-XfnJJ6oPRcVjjUWG5YI>
Subject: Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Nov 2017 21:07:22 -0000
On 3 Nov. 2017 3:56 am, "Dave O'Reilly" <rfc@daveor.com> wrote: Totally agree with your assessment of the value of IP data - it cannot alone be used to identify an individual, and I don’t think you’d find many law enforcement officers anywhere who would disagree with that assessment. As I mentioned in the email I just wrote, even if the IP address identifies a specific device/endpoint (which it almost always doesn’t) that in no way attributes the activity of that device to a specific individual. HOWEVER: taken in the broader context of an investigation, IP address can play an important role in either pointing the investigation in a particular direction or corroborating evidence gathered from other sources. I doubt anybody here disagrees with that. The concern I have is that LEAs adopt a view that because address sharing is not necessary in IPv6, an IPv6 address becomes believed to be indisputable and absolute evidence that a particular individual who owns the device assigned that IPv6 address is the person responsible for all actions committed using that IPv6 address. I think the fundamental human desire for doing the least possible and making your evidence collecting job as easy as clicking a mouse button a few times makes that a risk. Regards, Mark. daveor > On 30 Oct 2017, at 02:41, Fred Baker <fredbaker.ietf@gmail.com> wrote: > > > >> On Oct 29, 2017, at 11:48 PM, Mark Smith <markzzzsmith@gmail.com> wrote: >> >> Geoff Huston's article on >> >> Metadata Retention and the Internet >> >> https://telsoc.org/ajtde/2015-04-v3-n1/a4 >> >> might be of interest. >> >> "The Metadata Retention measures being considered in Australia make some sweeping assumptions about the semantics of IP addresses and their association with individual subscribers to the Internet. But are these assumptions warranted?" > > In that context, the European Data Retention Directive (which has now been struck down by the European Privacy Court) and the activities by the "Five Eyes" in that regard, notably the US NSA, have been very much about metadata. I asked a Dutch agency representative once what their reason for lawful intercept in general and metadata capture specifically was, and he indicated "mapping criminal networks". They wanted to determine who spoke with whom, with a view to identifying members of a community, presumably an evil community. > > I note that the European Privacy Court has (apparently) specified that an IP address is "Individually Identifiable Information", the kind of thing that might be discussed in https://tools.ietf.org/html/rfc7721. I have asked repeatedly what privacy folks think might be an IID below the application layer, and that is the one thing they have come up with. On the point, I would argue that data of that type is not *identification*, but it might be possible to correlate it with other information due to operational practice. To my mind, stomping out correlations is a game of whack-a-mole; someone that desperately wants to find a correlation will probably find something that mostly works for their purposes, even if they have to discard spurious correlations to do so. In my view, that's what we see here: we might be able to correlate an IP address with a computer or subscriber, but we can't stop people in a business or family from using each other's computers. It is at best an investigative tool, not proof of something in particular.
- Re: [v6ops] Google Alert - IPv6 Paul Marks
- Re: [v6ops] Google Alert - IPv6 Fred Baker
- Re: [v6ops] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Brian E Carpenter
- Re: [v6ops] Google Alert - IPv6 Rajiv Asati (rajiva)
- Re: [v6ops] Google Alert - IPv6 Ca By
- Re: [v6ops] Google Alert - IPv6 Erik Kline
- Re: [v6ops] Google Alert - IPv6 Mikael Abrahamsson
- Re: [v6ops] Google Alert - IPv6 Tore Anderson
- Re: [v6ops] Google Alert - IPv6 Mikael Abrahamsson
- Re: [v6ops] Google Alert - IPv6 mohamed.boucadair
- Re: [v6ops] Google Alert - IPv6 Ca By
- Re: [v6ops] Google Alert - IPv6 Lorenzo Colitti
- Re: [v6ops] Google Alert - IPv6 Alexandre Petrescu
- Re: [v6ops] Google Alert - IPv6 Warren Kumari
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 Ca By
- Re: [v6ops] Google Alert - IPv6 Ole Troan
- Re: [v6ops] Google Alert - IPv6 mohamed.boucadair
- Re: [v6ops] [SUSPECTED SPAM] RE: Google Alert - I… Ole Troan
- Re: [v6ops] [SUSPECTED SPAM] RE: Google Alert - I… mohamed.boucadair
- Re: [v6ops] Google Alert - IPv6 Lee Howard
- Re: [v6ops] Google Alert - IPv6 Erik Nygren
- Re: [v6ops] Google Alert - IPv6 Lee Howard
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Ole Troan
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Fred Baker
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Ole Troan
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Fred Baker
- Re: [v6ops] Google Alert - IPv6 Fernando Gont
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Gert Doering
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Mark Smith
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Fred Baker
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Ole Troan
- Re: [v6ops] Google Alert - IPv6 Fred Baker
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 Ole Troan
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 Ole Troan
- Re: [v6ops] Google Alert - IPv6 Mark Smith
- Re: [v6ops] Google Alert - IPv6 DY Kim
- Re: [v6ops] Google Alert - IPv6 Fred Baker
- Re: [v6ops] Google Alert - IPv6 DY Kim
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Mark Andrews
- Re: [v6ops] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Lee Howard
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 t.petch
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 Ole Troan
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Mark Smith