Monday, April 11, 2016

Digital hell: this Kansas farm is the default location for 600 million IP addresses


Kashmir Hill at Fusion.net has a related story - a rather impressive piece of investigation that the bigger news outlets never seem to undertake any more. Extensive excerpts below, but read the whole thing:

Eighty-two year old Joyce Taylor of Potwin, Kansas and her renters have been visited by all kinds of mysterious trouble. They’ve been accused of being identity thieves, spammers, scammers and fraudsters. 

They’ve gotten visited by FBI agents, federal marshals, IRS collectors, ambulances searching for suicidal veterans, and police officers searching for runaway children. They’ve found people scrounging around in their barn. The renters have been doxxed, their names and addresses posted on the internet by vigilantes. Once, someone left a broken toilet in the driveway as a strange, indefinite threat.

The trouble for the Taylor farm started in 2002, when a Massachusetts-based digital mapping company called MaxMind decided it wanted to provide “IP intelligence” to companies who wanted to know the geographic location of a computer to, for example, show the person using it relevant ads or to send the person a warning letter if they were pirating music or movies. But here's the problem:
... IP mapping isn’t an exact science. At its most precise, an IP address can be mapped to a house. (You can try to map your own IP address here.) At its least precise, it can be mapped only to a country. In order to deal with that imprecision, MaxMind decided to set default locations at the city, state and country level for when it knows only roughly where the IP address lives. If it knows only that an IP address is somewhere in the U.S., and can’t figure out anything more about where it is, it will point to the center of the country.
For the last 14 years, every time MaxMind’s database has been queried about the location of an IP address in the United States it can’t identify, it has spit out the default location of a spot two hours away from the geographic center of the country. This happens a lot: 5,000 companies rely on MaxMind’s IP mapping information, and in all, there are now over 600 million IP addresses associated with that default coordinate. If any of those IP addresses are used by a scammer, or a computer thief, or a suicidal person contacting a help line, MaxMind’s database places them at the same spot: 38.0000,-97.0000.
Which happens to be in the front yard of Joyce Taylor’s house.

Taylor's house isn't the only spot with such problems - Mr. Hill examined MaxMind's database of IP addresses, and although the 600 million at was the worst, there were several other similar spots, including one near me, in Ashburn, VA:
Tony Pav lives in a house at the end of a cul-de-sac in Ashburn, Virginia. Among other things, Ashburn is home to a number of large data centers—the giant buildings that companies like Google and Facebook use to store their huge clusters of servers. As a result of all of these data centers, there are a gigantic number of IP addresses associated with Ashburn—more than 17 million in all.
And due to the way MaxMind selected its default locations, all 17 million of these IP addresses appeared to be located in Pav’s home.
Pav first started experiencing problems four years ago. In 2012, he came home late one night to find the police about to break down his door. They said they were looking for a stolen government laptop with personal information on it. He let them in to search; it wasn’t there, even though its IP address was pointing right at his house.

“They tore up my house looking for it, and found nothing,” he said.

One important lesson here is that IP addresses, which get used as digital evidence in criminal trials and to secure search warrants, are not always reliable. IP addresses were meant to allow computers to talk to each other, but have been repurposed to reveal details about the person behind that computer. The words “security” and “address” in their titles promise more than they can deliver.

Now that MaxMind is aware of the consequences of the default locations it’s chosen, Mather says they’re going to change them. They are picking new default locations for the U.S. and Ashburn, Virginia that are in the middle of bodies of water, rather than people’s homes.

Read the whole thing at Fusion.net.

1 comment:

  1. Oh great, so the cops will be dredging that lake twice a week.

    ReplyDelete