Mobile operators have kicked off the PR war against identifying those sharing files by revealing themselves as the ideal conduit for any kind of online crime. The details come from the Mobile Broadband Group, which counts all the UK's operators as members and told ZD Net that mobile operators don't allocate IP addresses to …
I assure you that criminals have been perfectly aware of the advantages of using mobile data for quite some time now. Not for nothing is there now an iPhone botnet.
Not just NAT, but PAT also
Its not the NATing that creates problems. Mobile Operators also use port address translation; PAT. This means that there will be 357 users all on the same IP address with the port 80 traffic from their private ip address NATed/PATed.
that may well be
but dont thinkim gonna start using my legit phone to start any dodgy dealings !!
ill stick to my proven roundabout ways thank you very much !!
Pirate Well of course !!!
said it before
.... been using my PAYG 3g device, which was bought with cash, gets topped up with cash.
I may be paying more for my bandwidth to download the latest shows from the US, but at least i can get them without any contracts (tv liscence, sky et all).
You'd have to keep a record of every single outgoing transaction and the source/destination somewhere. That's a *big* database.
it's just not enough to have a database of local IPs and a couple of public IPs, you need to link them, and with NAT that means on a per-connection (and for some protocols) per-packet, with millisecond accurate timing.. because if your time isn't provably accurate you'll finger the wrong person.
the mobile operators have basically just given the go ahead to do everything illegal online via their services.
my home pc's connect to the net via a NAT router, if i tried that excuse, you don't know which pc it was, i'd be held responsible for any illegal activity as the owner of the connection. Surely it's only covering their own backs to record ip's, if only to prove it wasn't them downloading all the child porn, bomb making instructions and planning a terrorist attack.
"Given that network operators already store the location of every handset on the network and the details of every call and text - not to mention counting every byte of data carried - it might seem a small thing to record IP address allocations. But the operators we contacted admitted they keep no such records."
Keeping records of IP allocation would be utterly pointless to identfy a "filesharer" - on the filesharing network all you can see is the address of the gateway. Even if the internal address allocation was stored, it wouldn't help to identify a specific user.
So can they explain me why they railroaded the LTE 3GPP design then
Four of the UK mobile operators have participated in railroading the current LTE and post-rel 8 3G design through 3GPP.
This design passes all IP data traffic through a centralised entity called a PDC which the specification states should be able to do deep packet inspection, NAT and P2P control. The entity is an evolutionary extension of the current GGSN element in 2.5+G networks and some of the functionality is already present in the GGSNs (or their supporting elements) on the market.
So to summarise the technobable - BS you plonkers!!! By the time this requirement will go live you will have the capability in the network and you have actively forced its formulae through the standards.
.... if I wanted to send a boom threat... I should use a PAYG mobile connection?
"no one's watching you when you're inside the operator's space. ®"
That's just what they WANT you to think !
Typical ignorance from government
As usual, a knee-jerk legislation proposal from government reveals that they don't have a clue when it comes to IT.
The ubiqity of network access, and the rise of pay-as-you-go 3G connections, means that tracking down and cutting off a single individual is impossible in reality. Anyone who is cut off can stick two fingers up and get a new connection as many times as they want to.
If Mandelson has to resign for a third time, does that mean he is banned from politics forever?
"If Mandelson has to resign for a third time, does that mean he is banned from politics forever?"
you sir owe me a new keyboard and monitor..... and a cup of coffee for that matter !!
Have mobile costs gone down recently?
Your take on this story is amusing, but if I wanted to pull down a free copy of a DVD, would I really use a mobile phone link? Last time I looked it would be cheaper *by far* to pay full price in a shop.
"The same mechanism is used by companies, originally to preserve IP addresses, but these days mainly as a security mechanism as the NAT will only route data that was requested from an internal user, blocking attacks from the internet automatically."
Actually it's still mainly used to preserve IP addresses, in fact even more so these days than before. Because there are more internal users, and less available IPv4 public addresses. Companies will use firewalls to stop inbound traffic from the internet, they won't rely on NAT to do so. Besides, what do you think usually performs the NAT? More often than not it's the corporate firewall.
That being the case, I don't really see why a new £35 milllion database is necessary. Firewall logs will already show the private addresses being natted to public addresses to specific destinations with timestamps, assuming the mobile provider uses Checkpoint on one platform or another, which (as far as I know) almost all mobile providers do. What's the alternative? Junipers? ASAs?
This will be great for PAYG customers as you can just give any name, so even if they build there £35m database, still no true way they can identify its you, unless they start delving very deeply into all your phone calls etc which they won't be allowed access to.
Anyone can register a PAYG device in any name, think I'll start a PAYG in the name of David Beckham and see what happens
Mobile Broadband Group's response is c**p
When you establish a PDP context (data connection for the non-technical among us), the mobile operator's GGSN uses a RADIUS server to authenticate the user and assign an IP address to it. One of the parameters passed to the RADIUS server is the IMSI of the mobile requesting the connection; its a trivial job for the RADIUS server to log the IMSI and assigned IP address.
My qualifications for saying this - I designed and built a commercial internet POP that interfaces to a 3G network via the operator's GGSN. The RADIUS server used in the POP logged everything, including IMSI and IP addresses.
Commercial/Industrial connections are different. The vast majority of 3G connections share a small number of public IP addresses. When the RIAA/MPAA/BPI/whoever discover a filesharer, all they have is a public IP address, and a time. That IP address will be linked back to many IMSIs, so is useless. You'd need to log a lot more information to pin it down to an individual.
Mobile isn't Broadband
It's often only a little better speed than 2 Ch ISDN and easily disconnects. Not always on.
But I think they are just making excuses.
They can do this. Any Small Office with 50 users NAT or Proxy on a single ISDN IP could do this 10 years ago.
operators "are not allocating one IP address per customer"
In the case of Vodafone, for several weeks recently, external customer IP addresses allocated in the range 212.183.140.x would change every ten seconds or so during one ongoing connection. Wreaked havoc with online-banking authentication/security.
its a big database
I record each website URL visited and on what computer for 1 month for 500 employees. That nets me a database of 4gb with a transaction log of 8gb (yippee!)
that is for 1 month. Scale that up to a few million and its a hell of a database.
- Product round-up Ten excellent FREE PC apps to brighten your Windows
- Review Tough Banana Pi: a Raspberry Pi for colour-blind diehards
- Product round-up Ten Mac freeware apps for your new Apple baby
- Analysis Pity the poor Windows developer: The tools for desktop development are in disarray
- Chromecast video on UK, Euro TVs hertz so badly it makes us judder – but Google 'won't fix'