Eric Gauthier wrote: > Heya, > >>> In the US, folks are fighting the RIAA claiming that an IP address isn't >>> enough to identify a person. >>> >>> In Europe, folks are fighting the Google claiming that an IP address is >>> enough to identify a person. >>> >>> I guess it depends on which side of the pond you are on. >>> >> They are both right. If you have a dynamic IP such as most college students >> have, it is here-today-gone-tomorrow.
> Our University uses dynamic addressing but we are able to identify likely
> users
> in response to the RIAA stuff. There is a hidden step in here, at least for
> our
> University, in the IP-to-Person mapping. Our network essentially tracks the
> IP-to-MAC relationship and the MAC-to-Owner relationship. For us, its not
> the
> IP that identifies a person, but the combination of IP plus Timestamp, which
> can
> be used to walk our database and produce a system owner.
There are a couple of ways that can break down. "Hey, dude, lemme
borrow your laptop for a minute." Or
"ifconfig eth0 ether aa:bb:cc:dd:ee:ff"
> I'm guessing that Google et. al. have a similar multi-factor token set (IP,
> time,
> cookie, etc) which allows them to map back to a "person".
Which, for similar reasons, does not, in any absolutely reliable way,
identify a *person* at the keyboard.
--
Jeff McAdams
"They that can give up essential liberty to obtain a
little temporary safety deserve neither liberty nor safety."
-- Benjamin Franklin
signature.asc
Description: OpenPGP digital signature
