On a Friday in February, a visitor to the website 4chan posted child porn photos to the “international” channel. 4chan may be notorious for the offensive images that get posted there, but it turns out there are limits even on that free-wheeling board. According to a police affidavit, 4chan flagged the post, recorded the Internet Protocol (IP) address associated with the user who posted it, and reported it to the National Center for Missing and Exploited Children. The Center passed the tip along to the feds, who forwarded it to the Seattle Police Department, where it landed on the desk of Detective Daljit Gill.
The ultimate fate of that tip, according to a new white paper from the digital civil liberties group Electronic Frontier Foundation, reveals in part why IP addresses can be unreliable pieces of evidence that then misused by police and the courts.
An IP address is a unique identifier assigned to a computer or computer network that allows it to connect to the internet. Detective Gill looked up the IP address handed over by 4chan using a publicly available tool from MaxMind, which provides more information, like geographic coordinates where the computer might be located and the Internet Service Provider (ISP) it’s associated with. The ISP in this case was a company called WaveG; Gill sent it a search warrant asking for the name and address associated with the account.
The address pointed at a Seattle couple: David Robinson and Jan Bultmann. So at 6:15 a.m. on a Wednesday morning last March, gun-toting police officers showed up at the door of their condo, flashing a warrant and saying they needed to search the premises. The cops threatened to take all of the computer equipment in the house unless Robinson and Bultmann answered their questions and let them search devices. Robinson got dressed while a police officer watched, according to local alt-weekly The Stranger. Then Robinson and his wife were taken into white police vans and questioned separately for nearly an hour about whether they were child porn connoisseurs.
How can blow up something this simple into four paragraphs?
Whoever owns this publication really should stop paying by the word.
Jeremiah Sanders
That doesn't explain that they raided the wrong place, why they raided the wrong place, how they could have avoided it, and the technical background needed for the average reader.
Adrian Nguyen
Did they though? For the average reader, leaving this up to cyber magic would be in the best interest of law enforcement.
Carson Adams
Yeah. They raided the location of a Tor exit node.
But not in the best interest of "telling people what the hell is going on".
Ryan Collins
Since when can you post on 4chan from tor?
Austin Turner
No shit. Just think about all the unprotected wireless routers, and the old ones using weak encryption. Then there's all the new gear that's probably exploitable. Internet of Things = hide in the crowd.
Samuel Long
I can't wait until the day all of my lightbulbs need a firmware update whenever a new OpenSSL vulernability is found.
Joshua Torres
/int/ found a way.
Cooper Brown
...
Easton Green
It's called 4chan because there are 4 channels :^)
Kevin Nelson
Literal quote from the article: "Tor is an anonymous web browser..."
Christopher Walker
Yes. Reading won't hurt you. Nevermind, lost cause.
Isaiah Perez
if that happened i think you would basically DDoS every single fiber/copper cable on the planet
Nathan Jones
Did you know there are now wireless wall power sockets? No shit, check amazon.
When the living fuck would anyone need to use wireless for an electric wall socket? Not to mention the waste of power keeping the wireless on all the time.
Thomas Wright
That has so much potential for keks Imagine using someone else's router to post CP or animal gore or some shit
Angel Morris
You can; most people don't know how though since nearly all exit nodes are blocked.
Asher Stewart
We're getting there. You'd be horrified to see what companies are doing with docker internally.
Joseph Parker
>implying there will be updated firmware for lightbulb model x once the manufacturer releases model x+1 *hand rubbing intensifies*
Tyler Gomez
ipv6 will change this
James Barnes
amazon.com/Managed-Designed-Manufactured-Synaccess-Networks/dp/B0039OZKPE My friend showed me some power strips with remote access capabilities. I told him that it's a terrible idea and that security by obscurity (assuming that a hacker wouldn't know he hacked into a power strip) would only be somewhat effective, but also leaves room for a hacker to do more damage if devices that needed to stay up 24/7 or as much as possible were attached to one of those strips and it got hacked. All he could reply with was that he could see use in turning on or off a backup server as needed. Which doesn't make sense to me because a backup server is better off just staying online, especially for a company with an IT budget that allows for wasteful spending on a remote access power strip.
Angel Myers
kek
Zachary Phillips
Have they come out with a remote access dishwasher yet?
Juan Gonzalez
You wish. The unit is already sold, why waste money improving it? See: cellphones, basically anything that runs firmware of any kind
Wyatt Taylor
it's shitty normie home automation. so you can turn off anything connected to the outlet with your phone. pointless and limited wrt home automation but normies will still buy it.
