those on the list with an interest in geolocating internet users and/or devices may be interested in the following: %%%%%%%% title: Internet Geolocation and Evasion http://www.ccsl.carleton.ca/~jamuir/papers/TR-06-05.pdf http://www.scs.carleton.ca/research/tech_reports/2006/ abstract: Internet geolocation technology (IP geolocation) aims to determine the physical (geographic) location of Internet users and devices. It is currently proposed or in use for a wide variety of purposes, including targeted marketing, restricting digital content sales to authorized jurisdictions, and security applications such as reducing credit card fraud. This raises questions about the veracity of claims of accurate and reliable geolocation, and the ability to evade geolocation. We begin with a state-of-the-art survey of IP geolocation techniques and limitations, and examine the specific problems of (1) approximating a physical location from an IP address; and (2) approximating the physical location of an end client requesting content from a web server. In contrast to previous work, we consider also an adversarial model: a knowledgeable adversary seeking to evade geolocation. Our survey serves as the basis from which we examine tactics useful for evasion/circumvention. The adversarial model leads us to also consider the difficulty of (3) extracting the IP address of an end client visiting a server. As a side-result, in exploring the use of proxy servers as an evasionary tactic, to our surprise we found that we were able to extract an end-client IP address even for a browser protected by Tor/Privoxy (designed to anonymize browsing), provided Java is enabled. We expect our work to stimulate further open research and analysis of techniques for accurate and reliable IP geolocation, and also for evasion thereof. Our work is a small step towards a better understanding of what can, and cannot, be reliably hidden or discovered about IP addresses and physical locations of Internet users and machines. %%%%%%%%% any comments are welcome. -James _______________________________________________ Geowanking mailing list Geowanking@lists.burri.to http://lists.burri.to/mailman/listinfo/geowanking ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]