Skip Navigation


Mobile broadband may have problems identifying pirates
Tuesday 24 November 2009 18:04:25 by Andrew Ferguson

ZDNet UK has hit upon one major problem for how the Digital Economy Bill will handle copyright infringement. The short version of the plan is that copyright holders, can notify a provider of an alleged infringement, and the provider is then meant to match this up with the customer involved and keep a record of the number of strikes. Then at some point in the future the copyright holder can apply for the actual information that identifies the violators, the presumption being that they'll go after those with the most strikes.

With fixed line broadband this is relatively easy. Providers keep records of who was assigned what IP address from their IP pool at a specific time, and the tools the copyright holders will use will also see these IP addresses. Alas the situation is different for mobile broadband. Put simply the mobile broadband providers have a limited set of public IP addresses, and map a number of users to one of these IP addresses in a similar fashion to how a broadband router shares one public IP address between multiple computers in a home.

This means that while copyright holders will know the public IP, this will not uniquely identify the mobile broadband connection that was used. Mapping is not impossible, but it seems that on a day to day basis the mobile broadband providers do not do this (although they may have resources to do so on a small scale, e.g. for abuse and police investigations). With the millions of broadband dongles now in use the UK, creating a system to track all of these and the issue of Pay As You Go services adds to the complexity.

Of course it may be that the media industry is willing to overlook the mobile broadband market, but while it may not be used widely for copyright infringement now, if those exploiting the system become aware of this they will simply move to the mobile services, making it an issue. To some extent the data allowances on mobile broadband make it less attractive for file-sharers, but 15GB a month is an awful lot of music tracks. Lets not forget that Napster was big back in the days when most people still had dial-up. There is also the disparity between the advertising telling us that mobile broadband is fast and great, but when they want it to appear slow and less useful compared to fixed line broadband the tune changes. 3 certainly appears to have people making heavy use of their service, hence the introduction of traffic management.

Looking forward to services like LTE/4G one presumes the mobile industry will resolve this NAT like architecture, since once they introduce lower latency solutions people will try to do more things like connect games consoles and other devices that may not like the restricted access that is common at present. Some of the early satellite broadband providers had similar problems, but we assume the next generation being launched now have resolved this, though no matter how good the bandwidth is to and from a geostationary satellite very little can be done about the massive distance the data travels, which kills latency sensitive applications such as gaming.

Comments

Posted by rarpsl over 5 years ago
"Put simply the mobile broadband providers have a limited set of public IP addresses, and map a number of users to one of these IP addresses in a similar fashion to how a broadband router shares one public IP address between multiple computers in a home."

I connect and they have my device's MAC Address (I probably need to logon also). At that point they know who I am and can log the assigned IPN (until it is assigned to another user). With the IPN and Timestamp, look it up like a land line and see whose account it is.
Posted by andrew (Favicon staff member) over 5 years ago
The logon's are generic, i.e. not specific to one user. Also the issue of PAYG where you may have no customer information i.e. they buy the topups with cash

Posted by amphion over 5 years ago
Can't be that difficult surely? They always seem to wear striped jerseys, have a limb or an eye missing, and talk with a West Country accent. And ride around the High Seas in a boat or ship.

Oh, I'm sorry, you meant copyright infringers.
Posted by TonyHoyle over 5 years ago
It's not a solvable problem in the short term - we're talking about carrier grade NAT (something that will start happening with fixed line providers as well once ipv4 shortages begin to bite).

You can't just say 'who connected to x.x.x.x at this time' you have to be able to day 'who sent this packet from this port to x.x.x.x at this exact (to the millisecond) time' to be able to give any kind of certainty you've go the correct person.. and you have to store the data to go with that, which means massive amounts of extra data storage. The providers aren't going to do that voluntarily.


Posted by CARPETBURN over 5 years ago
They cant track PAYG users (IP address will be dynamic) and even if they could and issue warnings (say by detecting MAC) all the user on a PAYG scheme is buy a new dongle, the clever ones dont even need to do that as MAC spoofing is pretty simple now. Ive commented on things like this before, its not just mobile services either, any open wifi area they wont have a clue who is responsible for using the network for dodgy material... The new Swindon wifi scheme as an example will be a nightmare (read as impossible) to track ever individuals usage.
Posted by Dawn_Falcon over 5 years ago
And that's ignoring encryption and proxys...
Posted by Drefsab over 5 years ago
I love how this works, if I run an open wifi access point that NAT's a single IP I'm the person responsible for the use of that connection regardless of who did the dodgy deed. Even if you have the right to resell your link you in your ISP's terms and conditions (say on leased lines for example).

So why not hold the Mobile operator's responsible? Sure I know it wouldn't work but it would bring to like the flaws in current plan's for filesharers.
Posted by CARPETBURN over 5 years ago
quote"And that's ignoring encryption and proxys..."

Indeed, a dynamic IP, downloading through lets say a newsgroup with encryption their end and your end, combined with proxies or full on tunneling, throw in some MAC spoofing, and as good as NO chance catching that person. At best they may be able to monitor when the person is shifting data for a few moments but they wouldnt know what, then mid flow they pause spoof the MAC tunnel through a new proxy list and they have vanished like a ghost the ISP and the music/film industry wouldnt be able to prove a darn thing.
Posted by Dawn_Falcon over 5 years ago
Lol. Dynamic IP's are *no* protection, the ISP knows which of its subscribers are using a given IP at any time.
Posted by CARPETBURN over 5 years ago
quote"Lol. Dynamic IP's are *no* protection, the ISP knows which of its subscribers are using a given IP at any time."

Really, you sure about that? Would you be shocked to learn its perfectly possible for a naughty person to get assigned the same IP as an innocent at exactly the same time. Combine that with other things i mention and they have no chance of tracking EACH INDIVIDUAL.
Posted by Dawn_Falcon over 5 years ago
Carpetburn dosn't understand the net, news at 11
Posted by CARPETBURN over 5 years ago
Err so you dont think IP address cloning is possible either??? You dont think i understand things LOL, Id hijack onto a mobile connection of yours (if you have one), clone the MAC and have the same IP as you before you could blink.... Good luck explaining to your ISp it wasnt you that did x, y and z with your connection. You simply can not Monitor an individual on any wireless based network and be CERTAIN what is done with the connection is down to the regular user of that connection, its totally and utterly 100% impossible.
Posted by CARPETBURN over 5 years ago
Even with no trickery as Andrew rightly mentions..... How are you going to monitor and catch an anonymous PAYG mobile broadband customer huh? You dont even have their name let alone an address to send the nice we are gonna sue you letter. The scare mongering of this really is beyond a joke now, you cant monitor every bit and byte or every user, end off!
Posted by wizzler over 5 years ago
Mac id's are not used by the mobile networks the sim serial number (IMSI) is stored on the sim card, change that (highly unlikely) and your using another persons mobile number. The IMEI is unique (without alteration) to a specific dongle. Both of which are recorded for EVERY piece of data sent between the dongle and the cell tower) attach the internal IP address assigned and the external ip address the packet is sent to/from and they have more than enough to track you. Guess what ? They already do that as standard.
Posted by wizzler over 5 years ago
The only real way around it is to have a supply of SIM cards and a dongle which can have it's IMEI altered. Otherwise all the networks have to do is Cancel the sim card and blacklist the IMEI (as they do with lost and stolen mobiles) and that user would have to replace both to start using the service again - warnings can be delivered by routing to a specific page or by sending a text to the dongle.
Posted by Dawn_Falcon over 5 years ago
"anonymous"

The government will fix that, of course. Sheesh.

Wizzler - No they don't. They want $35 million to do it.
Posted by wizzler over 5 years ago
Actually Dawn_falcon they do I have seen such reports they do not inspect the data or store the data and possibly don't store the internal and external IP addresses which would be required to stand up in court. The report usually goes along the lines of - cell site used, IMSI number, IMEI number, amount of data in that 1 connection between dongle and cell, this information is required to bill the user and to backup any claims that it was not them - the same info is stored for phone calls too !
Posted by CARPETBURN over 5 years ago
Errr a mobile IMEI can easily be altered also, depending on model of phone some basic unlock software even allows alteration to the IMEI

Its not even mobile only networks where they wont be able to monitor and catch people......

What they gonna do if i go to my local libary and download copyright infringing content over their connection???

The whole plan is one big day dream from the music and movie industry who have no clue and have passed their cluelessness onto our government.
Posted by grahammm over 5 years ago
Maybe the answer is to change to IPv6 which has mobile IP addressing built in. That way, the IP address would be traceable irrespective of which access point is used.
Posted by Dawn_Falcon over 5 years ago
wizzler - So you say they're lying? Heh.

Carpet - Firewalls excluding most web content, duh. Wait, you think public connections with deacent content is in their interest? Heh.
Posted by CARPETBURN over 5 years ago
quote"Maybe the answer is to change to IPv6 which has mobile IP addressing built in. That way, the IP address would be traceable irrespective of which access point is used."

That will make no difference if its PAYG..... you wont know the actual person responsible.
Posted by CARPETBURN over 5 years ago
quote"Carpet - Firewalls excluding most web content, duh. Wait, you think public connections with deacent content is in their interest? Heh."

No idea what you are talking about, newsgroups can be accessed over a http web interface nowadays you could quite easily download dodgy content to your USB stick at a library.

Infact heres some evidence that the real culprits are not caught....
http://news.zdnet.co.uk/communications/0,1000000085,39909136,00.htm
Posted by CARPETBURN over 5 years ago
So there you go, head out to a public place and download merrily LOL, stupid government idea as ive said all along which wont catch anyone with half a brain cell.
Posted by Dawn_Falcon over 5 years ago
Yea Carpet, you think they won't have to end up using restrictive whitelisting to avoid liability? Get real.

And yes, a pub was fined completely contrary to the law even under existing circumstances... I already know a dozen people who've taken the public side of their wifi down as a result.
Posted by CARPETBURN over 5 years ago
^^^ Exactly so in other words this so called wonderfull new law punishes innocents, destroys services many use in the right manner and once again doesnt catch the naughty people doing wrong at all. Why is the pub owner being done for someone elses crimes?? Obviously every individuals usage cant be tracked and never will be. You simply can not monitor each bit and byte on an individual level.
Posted by Dawn_Falcon over 5 years ago
Yes you can. It'd be crippling expensive, but it's technically possible even now.
Posted by CARPETBURN over 5 years ago
Well if its possible why are they stringing up a pub owner instead of going after who was responsible..... Its not possible, if i buy a PAYG dongle you dont know who i am, my address or anything else...... Same as if i go to a library and commit copyright infringment, you dont know which of the hundreds or thousands that week did the crime, stop talking nonsense.
Posted by CARPETBURN over 5 years ago
If its possible and i have a PAYG mobile phone with modem built in, tell me please how you are going to hunt me down for dosgy downloading, when the darn phone isnt even registerd to me or anyone? Get a grip on reality!
Posted by CARPETBURN over 5 years ago
PAYG phone... Connect to pubs wifi.... Now tell me how you find out who it was? I spose you hire Mystic Meg
Posted by Dawn_Falcon over 5 years ago
Carpet - Oh don't worry, I'm sure they'll make you register 3G wireless dongles at point of sale soon enough. You can't buy a PAYG mobile without ID as it is.

(And they can track the phone via the assigned IP, if they get their £35 database, to the phone's IMEI. And changing *that* is a criminal offence, five years in jail!)

And they're not because it *is* cripplingly expensive.
Posted by CARPETBURN over 5 years ago
^^ LOL... They have never forced you to register PAYG phones or dongles and even if they did suddenly there will be a lot more Mr Smiths and Mr Blogs filling in the registration forms.
PAYG uses dynamic IP in most cases so that wont be tracked (especially if you join a wifi network). Oh and no idea where you have been buying PAYG phones ive had several and bought several as gifts in the last few years, never been forced to register or give ID, that only happens on CONTRACT phones.
Posted by CARPETBURN over 5 years ago
Even if they did make you register and check your details theres a simple way round that... Buy a used one..... AGAIN you cant say how they will track each individual because put simply you can not.

My god the police have a hard enough time tracking a PAYG mobile in a high profile crime like a murder (Only have to watch crimewatch to know that) let alone some clandestine organisation having the ability to track each individuals usage... Get real it cant be done!
Posted by CARPETBURN over 5 years ago
Oh and changing a phones IMEI is not a crime....... CLONING it (IE copying another phones IMEI) is though.
Posted by Dawn_Falcon over 5 years ago
Incorrect. See the Mobile Phones (Reprogramming) Act 2002, which explicitly establishes it as a crime.

And yea, sorry, you have to give "personally identifying details" when you get a SIM card, not a phone. And you can be asked to account for what happens to it, as well.

As to the "dynamic IP" thing, that's once again the £35 million database the mobile companies have said would be needed!
Posted by Dawn_Falcon over 5 years ago
Sorry, "Mobile Telephones (Re-programming) Act 2002"
Posted by CARPETBURN over 5 years ago
Changing an IMEi for personal use is not illegal, CLONING an IMEI is what is illegal.
Unlocking a phone (which is perfectly legal) actually on some old handsets involves changing the IMEI, something depending on mobile provider they will still happily do.
Posted by CARPETBURN over 5 years ago
Dynamic IP.... Explain please how they will track a person who connects to a Wifi spot through their phone, when the IP wont even be assigned by the mobile provider but the hotspot connection. All what would be known is a PAYG phone connected to the Wifi and used its connection, nobody if its an unregistered phone could track that back to an individual.
Posted by Dawn_Falcon over 5 years ago
Read. The. Law.

(1) A person commits an offence if—
(a) he changes a unique device identifier

And you're just as accurate on your last point.
Posted by CARPETBURN over 5 years ago
LAW, ok too bad you lost attention after point one of the act......
I REPEAT CHANGING AN IMEI IS NOT ILLEGAL
continue reading and then also google up on the amendments to the act <YAWN>
Posted by CARPETBURN over 5 years ago
Oh and im all ears on how you are going to even know what person in a country of millions with an unregistered PAYG mobile phone that uses its inbuilt modem to connect to a wifi spot can be located... Or how a person that nips down the libaray and does naughty things at their computer will get caught.... Stop day dreaming, and provide some backup to your claims
Posted by CARPETBURN over 5 years ago
Maybe every library is going to have armed guards to make sure they can shoot any P2P'er or person that dares watch a streaming video with copyrighted video or sound before they leave????

Huh take that scum for daring to use google video!

:-S
Posted by Dawn_Falcon over 5 years ago
Actually Carpet, the amendments relate to you getting hammered legally if you know of another business you have dealings with changing IMEI's and you don't report them. Changing IMEI's remains just as illegal.
Posted by CARPETBURN over 5 years ago
Not going to argue with you as like always its a pointless circle of stupid. You have had 3 chances now to tell us all how a person connecting to a wifi spot via unregistered equipment would be tracked down and locked up and you as always cant explain. Maybe you really are dumb enough to think my library idea is the solution?
You must be logged in to post comments. Click here to login.