Internet anonymity

From Harridanic
Revision as of 19:29, 26 September 2012 by Paul Herring (talk | contribs)
Jump to navigation Jump to search

Nearly every week, if not every day, certainly in the United Kingdom, there are calls from one group of people or another for a ban on what is considered 'internet anonymity.'

The fact that, for the vast majority of people who use the internet, anonymity on the internet is a very high bar to achieve, what most of these calls are for is for people to be instantly recognisable whenever they produce content on the internet, be it a MediaWiki site such as this or Wikipedia, to the comments section beneath any news story on your local paper's website.

Anonymity?

IP Addresses

In reality, it is very difficult to be totally anonymous on the internet.

Every time you access a web page, you leave behind a record of which ISP you are using via your IP address in that sites logs.

Whether the general public can obtain that data is up to the site, but in general it's not something that's immediately accessible to someone who isn't actually involved with the site.

For example, on most MediaWiki sites, if you aren't logged in, any changes you make are recorded against your IP address. On the Revision History page of Wikipedia's Anonymity article taken on the evening of 26 Sep 2012 we have:

(cur | prev) 16:23, 14 June 2012‎ BDD (talk | contribs)‎ . . (18,240 bytes) (-1)‎ . . (main ---> see -- anonymous posting is only one aspect of online anonymity) (undo)

(cur | prev) 00:27, 9 June 2012‎ Trident13 (talk | contribs)‎ . . (18,241 bytes) (+25)‎ . . (→‎See also: * Anonymous blogging) (undo)

(cur | prev) 20:32, 18 May 2012‎ Adjwilley (talk | contribs)‎ . . (18,216 bytes) (-2)‎ . . (Good faith revert of edit(s) by 198.189.235.79 using STiki all caps) (undo)

(cur | prev) 20:28, 18 May 2012‎ 198.189.235.79 (talk)‎ . . (18,218 bytes) (+2)‎ . . (→‎Mathematics of anonymity) (undo)

(cur | prev) 20:28, 18 May 2012‎ 198.189.235.79 (talk)‎ . . (18,216 bytes) (0)‎ . . (undo)

(cur | prev) 05:40, 25 March 2012‎ Wiki141592 (talk | contribs)‎ . . (18,216 bytes) (-372)‎ . . (removed 'trend' statement; 2009 quote with no citation; and minor edits) (undo)[1]

Shown with a darker background, we have two entries by 'username' 192.189.235.79 - this is an 'anonymous' user who edited the page.

Asking one of the numerous services on the internet dedicated to such things, if you put http://whois.arin.net/rest/nets;q=192.189.235.79?showDetails=true&showARIN=false&ext=netref2 into your browser you'll find that the company that owns that IP address (along with 255 others in this particular part of the address space) is Center for Naval Analyses.

With that information, if you want to know who made those edits, then you simply contact the CNA, and ask them "who, at 20:28 on the 18th May 2012, had 198.189.235.79 as their IP address."

Problems with IP addresses

Naturally the CNA could tell you to bugger off; and if the ISP concerned was a large one - like Verizon in the states - getting this information out requires slightly more than just a request; a warrant at the absolute minimum would typically be needed.

Additionally the authority responsible for the IP address concerned might not keep records (likely for CNA,) or they may not keep them long enough. But the theory is there - if you have an IP address and a time, it gives you sufficient information to at least get you close, if not at, the person concerned.

Unless, of course, the IP address is the single public address for a company, or a household. If you have wireless in your house, and you have more than one computer accessing the internet, then all your devices will have (to the websites they visit) exactly the same IP address. But then asking Verizon who had an IP address at a particular date still gives you the household that visited the site, and deciding who's responsible for behaviour in that household is a favourite topic of companies like the RIAA.

With companies with all their employees behind the same, the process of discovery is usually a bit trickier, but ultimately (depending on that company's own logs) it can be done; supplying them with (e.g.) an additional URL they can use to search their logs will usually allow them to find who, internally, was (ab)using a site. (Most companies record what their employees are doing on the internet. Generally no-one actually looks at them without reason, but they are recorded.)

References

  1. Revision History of Anonymity from Wikipedia - WebCitation taken 26 Sep 2012