Silk Road forums
Discussion => Security => Topic started by: Veetano on May 03, 2012, 11:19 pm
-
This can be tied into what we all fear here.
We all fear being identified by our IP address, whether through bitcoin suppliers, or through simply checking your tracking before the package may be intercepted.
http://www.geekosystem.com/ip-address-insufficient-id/
This article is about torrenting, but it doesn't change the basis of it.
With the Advent of wireless routers, anybody can do anything online with your IP. Think it's only your neighbors, think again.
It reminds me of the time I used to live out of the back of my van for a few months, and I would take showers at my local gem. Very cheap living when the whether is nice. Anyways, with about $40 and some spare metal, I built myself a super-wireless antennea and attached it to a rotating disc. I wrote a program to check the speeds of all wireness networks in range. I could access wireless networks for up to 5 miles away, if not a little further.
WPA Encrypted Wifi passwords? They're no issue. Anybody with Linux can follow some basic tutorials and crack into pretty much ANY wireless router. They are the least secure things on the planet and cracking into them doesn't take more than 45min-an hour. (keep in mind if someone is on your router, they can see all the data you submit over the network - I hacked and trolled many peoples facebooks this way on my boredem, fun times.) Nobody knew who or where I was.
Anyways.
this case sets the precedence for IP Addresses being insufficient evidence alone to link somebody to an activity/website.
So I guess now we are safe to check our USPS tracking even if it gets caught because IP addresses cannot be used against us. Same goes for buying bitcoins!
Some successful rich nerd down the street who you bullied in high school could be setting you up by hacking into your wifi, ordering bitcoins from your address, sending pounds of coke to your house and checking the tracking while using your wifi.
Cheers
-
Welcome to the difference between evidence and intelligence. IP address has very rarely ever been used as evidence, but it is still enough to get a search warrant (during which time evidence will be collected), and it is still enough to get you put under surveillance. This precedent has already largely been followed in CP investigations, people who are raided based on IP address *intelligence* (ie: every single person busted with CP) almost always have charges dropped if no CP is recovered during the raid, but it has already also been established that an IP address *is enough probable cause for a search warrant* and nobody is going to get out of charges if additional evidence is found after they are raided / put under surveillance after they are identified by their IP address.
"But the only reason they knew I was mailing heroin is because they put me under surveillance after they found my IP address!" is not going to fly.
"But the only evidence they have that I am the one who sent them heroin is that they traced their communications with the person they made a heroin deal with back to me!" has essentially never been enough to get a conviction in court and usually the judge throws out cases where a traced IP address is the *only* evidence
-
^^ This.
-
It works like this, you login to check a package the ID is recorded of the package and your ip. The police intercept it call the shipping company they verify it was tracked by such and such IP. The feds trace the ip class range to verify which company is leased this class range. The isp looks up its lease of ips from there pool to verify which mac addressed it was assigned to and who the registered owner of that line is. The impound your system verify the MAC lease of your router your modem and your nic MAC and you have sufficient evidence.
NEVER connect ANYWHERE without a fully encrypted tunnel such as VPN or multiple level wrapped VPN + TOR and even someone elses line
-
Admittedly, I only skimmed the article, but this means nothing. It has NO precedential value; district court is meaningless. Also, I cannot find the opinion, which means unpublished.
-
It works like this, you login to check a package the ID is recorded of the package and your ip. The police intercept it call the shipping company they verify it was tracked by such and such IP. The feds trace the ip class range to verify which company is leased this class range. The isp looks up its lease of ips from there pool to verify which mac addressed it was assigned to and who the registered owner of that line is. The impound your system verify the MAC lease of your router your modem and your nic MAC and you have sufficient evidence.
NEVER connect ANYWHERE without a fully encrypted tunnel such as VPN or multiple level wrapped VPN + TOR and even someone elses line
Mac Addresses are extremely easy to spoof. You're talking basic network manipulation.
There is no surefire way to ultimately pin somebodies exact computer or IP address to a cyber related crime unless you more or less find the various sites in the persons history or other intel on their computer relating to the crime.
-
It works like this, you login to check a package the ID is recorded of the package and your ip. The police intercept it call the shipping company they verify it was tracked by such and such IP. The feds trace the ip class range to verify which company is leased this class range. The isp looks up its lease of ips from there pool to verify which mac addressed it was assigned to and who the registered owner of that line is. The impound your system verify the MAC lease of your router your modem and your nic MAC and you have sufficient evidence.
NEVER connect ANYWHERE without a fully encrypted tunnel such as VPN or multiple level wrapped VPN + TOR and even someone elses line
Mac Addresses are extremely easy to spoof. You're talking basic network manipulation.
There is no surefire way to ultimately pin somebodies exact computer or IP address to a cyber related crime unless you more or less find the various sites in the persons history or other intel on their computer relating to the crime.
MAC's are easy to change, they will compare your ISP lease logs and your router logs and if you match your screwed. If ones capable know how to do this then they wont be worrying in the first place.