echelon. They government already has the ability to tap phones. They've done it very well over the years. Maggie abused it to spy on her cabinet. No kidding. They just want the ability to do it with internet too. Monitoring by security services is fine by me. Logging should only be done for proper criminal activity, and no-one outside of the security services should ever have access to it. If they proposed that bill I reckon most sane people would say fair enough.
wish I knew more on this stuff... I thought IP6 was just a way of extending the IP system to give more addresses, a bit like extending the phone number area code like they do every so oftenOriginally Posted by directhex
IPv6 is a different and incompatible layer 3 protocol - it shares a purpose with IPv4, but is different in many ways, not least of which is the massively increased address space. The IPv6 'Internet' is logically separate to the IPv4 one, although bridges do currently exist to aid in compatibility between the two.
Last edited by watercooled; 11-05-2013 at 05:14 PM.
Broadly speaking, yes. But the problem being cited here is NAT (multiple computers or people sharing one IP address, such that logged IP addresses cannot be mapped to devices or users) - there's no technical need for NAT in an IPv6 world (although it'll still totally happen anyway)
It's corruption. It leads to corruption as the Maggie example shows.
It's FB, only with legislation as your terms & condition in a society that hasn't culturally decided how it will understand and place in a context peoples' behaviour online.
Some numbers.
There are 4,294,967,296 IPv4 addresses, of which 588,514,304 are reserved (i.e. not useful for devices on the Internet) so 3,706,452,992. So give every person on Earth a smartphone, and you're already 100% oversubscribed and need to use things like NAT
There are 340,282,366,920,938,463,463,374,607,431,768,211,456 IPv6 addresses, of which who cares how many there are, you could give every person on earth a billion addresses and never run out.
Forgive my stupidity but is an ip address for each individual househould ( mine and my neighbours are both different) or each household within a area is the same ( me and my neighbours have the same )
The first. Well, sort-of.
The basic idea is that any device connected to the net needs a unique address, the IP address, so the net infrastructure knows how to communicate. In practice, in almost all domestic situations, that "unique" device is your router.
Your router will have an IP that, at any given point in time, is unique to it. Yours and your neighbours will be different. But note that "at any given time" bit. Your router will have a unique IP, but it will not necessarily remain constant. Your router gets an IP addressk on loan, on a "lease" from your ISP, and when the lease expires, your ISP may renew the existing number, or may issue a new one.
So, the number that identifies your router today may be issued to your neighbour tomorrow.
Finally, inside your router there's a process called NAT - Network Address Translation. Several IP address ranges are "reserved" for special purposes, the mist common being 192.168.x.x. Your router gets an address within that range, say, 192.168.0.1. When you turn your PC on it asks the router for an IP, and your router says "sure, you're 192.168.0.2" .... or whatever. Then, you turn your tablet on and it gets 192.168.0.3. And so on.
So when either of those want to talk on the net, the router translates that 192.168 address into the unique IP it got from your ISP, sends the message out to the web, say to Hexus, gets the reply back (addressed to that unique IP), translates it back into 192.168.etc and sends it back to whichever device sent the request out.
So at any given point in time, the IP address of your router is unique in the world, but chanfes over time.
And at any given point in time, there will be millions of devices using 192.169.x.x but each device will have a unique address within the "world" controlled by that router, though millions of devices will have the same 192.168.0.2 address, but don't know it because they're isolated from each other behind the NAT process in their router.
Note:-
Fixed IP = one permanently assigned, doesn't change over time. Common in business ISP accounts, pretty rare in domestic accounts.
Dynamic IP = as above, unique at a given time but subject to periodic change. Most domestic broadband accounts do this.
Your can probably switch your router so that the way it allocates IP's to devices inside NAT is either fixed ( a given device always has the same IP), or dynamic, where the router issues a numver every time you boot your PC, tablet, etc, and it asks for one. The default is usually dynamic, but there are reasons why some activities might require fixed.
This is the point always made by the technoheads as a slam-dunk win in this debate that annoys me. ISPs have DHCP servers which issue leases. Recording which IP went to which MAC address / router at which time is trivially easy.
Now I understand that NAT complicates things, never mind the fact you still can't prove who was using a device. But such things don't seem to stop them with phone tapping.
The thing has to be fought on principle, not technological excuses.
Well, all I was doing was giving a basic explanation of how this stuff works. What you're covering there is a rather different issue of how information gathered is used.
And there, I agree, things are much more grey.
But bear in mind, the information sought by the authorities has multiple uses. One, certainly, could be evidence in court. Another, and I suspect by far the more important, is "intelligence". And a lot of that is determining patterns.
Suppose I'm a terrorist, and you (the authorities) log my phone calls. You notice that I regularly, say, once a week, phone the same number. You'll check that number out. You'll discover I order pizza once a week, and if you bug my phones, you'll discover I like ham and pineapple, and sometimes, "garbage" pizza (loads of toppings, bung it all on) .... hold the anchovy.
But you might also get names of contacts. Innocent enough contacts, but you then monitor them, and get more contacts. Some will be irrelevant (more pizza orders) but others may help you establish a pattern, giving you a basis to target other more limited investigative resources, to establish, perhaps, surveillance. The same may well apply to data gained by net surveillance, etc.
The upside to government snoops monitoring all this is the power of data mining. It might trigger further investigation if something that otherwise might be missed, or it might simply allow better allocation if very scarce resources, like surveillance teams. And by doing so, ut might allow bombing plots, etc, to be foiled.
The downside is the privacy issues, with them using basically a national dragnet covering everyone, because it drags everyone's privacy in, regardless of any suspicion.
Basically, I do not trust the authorities.
We have anti-terror laws that gave been so widely abused. Laws supposedly aimed at terrorists used, or rather abused, by PC Plod, in his ignorance, to hassle anyone pointing a camera at almist anything .... including BBC staff photographers taking pictures of Trafalgar Square at sunset,
We had laws allowing wider scope for surveillance, and councils abusing that to surveil, using private detectives, people suspected of the utterly heinous and totally seditious offence of fibbing about where they lived to qualify for a catchment area for a different school.
So personally, I simply do not trust authorities given the power to monitor
huge aspects of our online life to do with it only what it was supposed to be for. I do not trust, for instance, them to not decide that having gathered all that dara, that they won't decude there's a revenue stream there (because there sure as hell is) and start selling it, like .... oh, electoral roll data, or DVLA data.
So, personally, I have no problem with poluce, or intelligence, getting a warrant from a judge, and telling an ISP "log this person/house" for the period defined by the warrant. I do have an issue with them logging everything, and dipping in to that treasure trove whenever and however they fancy.
And that's without even considering that "logging" everything might well result in a vastly lower signal to noise ratio, or that loads of people might well take anti-snooping measures, such as encryption at the PC and connecting to secure, foreign anonymous proxies. Then, all they're going to log is one hell of a lot of encrypted traffic going to overseas proxies, which could represent anything from a bomb plot to this week's order for ham and pineapple pizza, hold the anchovy.
ik9000 (03-06-2013),watercooled (12-05-2013)
This is no longer true - BT have started deploying "Carrier Grade NAT" on their low-end broadband users, where up to ten customers' routers will share an address as far as the outside world is concerned. It's not possible to do things which require a reliable peer-to-peer connection, like Xbox Live, with CGNAT.
But what about addresses for the UFOs?
And Nessie?
It's currently only a limited opt-out-able trial on their Option 1 package. Still, the same principal applies, just the public IP is assigned to something further upstream.
A few interesting articles on the 'I have nothing to hide' phrase:
http://www.schneier.com/blog/archive...lue_of_pr.html
http://chronicle.com/article/Why-Pri...ven-if/127461/
Also I seem to remember hearing something along the same lines said by Stalin. Just saying...
I would certainly defer to expertise on that point, but (as watercooled said) I thought this was at the planned/pilot stage, rather than "deployed".
Please correct me if I'm wrong, and I may be, but isn't the structure as I outlined still the case in all but a very small proportion of one ISP's customers?
Yeah it still applies in general, although carrier NAT is used by some mobile ISPs and IIRC some fixed-line ISPs in other countries.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote
