[121422] in North American Network Operators' Group

Re: New netblock Geolocate wrong (Google)

daemon@ATHENA.MIT.EDU (Warren Kumari)
Mon Jan 18 21:31:13 2010

From: Warren Kumari <warren@kumari.net>
In-Reply-To: <F1BB4428-FDF9-49C8-BCF4-AC53495679FF@cs.columbia.edu>
Date: Mon, 18 Jan 2010 21:30:28 -0500
To: Steven Bellovin <smb@cs.columbia.edu>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org


On Jan 18, 2010, at 8:38 PM, Steven Bellovin wrote:

>
> On Jan 18, 2010, at 8:22 PM, Warren Kumari wrote:
>
>> Something that I have often wondered is how folks would feel about
>> publishing some sort of geo information in reverse DNS (something like
>> LOC records, with whatever precision you like) -- this would allow the
>> folks that geo stuff to automagically provide the best answer, and
>> because you control the record, you can specify whatever resolution /
>> precision you like. Based upon the sorry state of existing reverse, I'm
>> suspecting that there is no point....
>
> I don't think that that works.  Apart from the problem that you allude
> to -- people not bothering to set it up in the first place -- IP
> geolocation is often used for certain forms of access control and policy
> enforcement.  For example: "Regular Season Local Live Blackout: All
> live, regular season games available via MLB.TV, MLB.com At Bat 2009 and
> certain other MLB.com subscription services are subject to local
> blackouts. Such live games will be blacked out in each applicable Club's
> home television territory, regardless of whether that Club is playing at
> home or away." (http://www.mlb.com/mediacenter/).  EBay has apparently
> used IP geolocation (poorly) to control access to certain auctions for
> items that are illegal in certain jurisdictions or that cannot be
> exported.

Ah, yes, sorry, I guess I didn't fully explain this...

This wouldn't (well, shouldn't) be used as an authoritative source -- it
would simply be yet another signal that could be used, and would provide
(if the ISP so chose) higher resolution.

If you think that the IP is in Uzbekistan and traceroutes, whois and RTT
all seem to agree with that, but the published LOC type record claims
that it is just down the road from you in NJ then, well, you would be
silly to believe it.
Folks who are currently using geolocation for policy (like MLB.com)
must[0] realize that this is a fundamentally flawed approach and is only
effective against a non-determined audience, mustn't they? TOR / proxies
/ etc will all happily get around this blocking and seem much easier for
the average user than poking at DNS.

W

[0]: Ok, they probably don't, but....



>
> 		--Steve Bellovin, http://www.cs.columbia.edu/~smb
>

--
She'd even given herself a middle initial - X - which stood for "someone
who has a cool and exciting middle name".

    -- (Terry Pratchett, Maskerade)
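
The cross-check described in the message above (a self-published LOC record treated as one more signal, and disbelieved when RTT says otherwise), as an added example that is not part of the original e-mail. The vantage points, RTT values and LOC strings are constructed sample data, and the 200 km/ms fibre propagation speed is an assumption.

```python
import math
import re

FIBER_KM_PER_MS = 200.0  # assumption: signals travel at about 2/3 c in fibre

def parse_loc(rdata):
    """Return (lat, lon) in decimal degrees from RFC 1876 LOC presentation text."""
    m = re.match(r"\s*(\d+)(?:\s+(\d+)(?:\s+([\d.]+))?)?\s+([NS])"
                 r"\s+(\d+)(?:\s+(\d+)(?:\s+([\d.]+))?)?\s+([EW])\b", rdata)
    if not m:
        raise ValueError("not LOC presentation format: %r" % rdata)

    def degrees(d, minutes, seconds, hemi):
        value = int(d) + int(minutes or 0) / 60 + float(seconds or 0) / 3600
        return -value if hemi in "SW" else value

    lat, lon = degrees(*m.group(1, 2, 3, 4)), degrees(*m.group(5, 6, 7, 8))
    if abs(lat) > 90 or abs(lon) > 180:
        raise ValueError("coordinates out of range")
    return lat, lon

def km_between(a, b):
    """Great-circle (haversine) distance in km between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def contradictions(rdata, probes):
    """Names of vantage points whose minimum RTT rules out the claimed location.

    A round trip of rtt_ms cannot reach further than rtt_ms / 2 * FIBER_KM_PER_MS,
    so a claim outside that radius is physically impossible. An empty list means
    "not disproved", never "confirmed".
    """
    claim = parse_loc(rdata)
    return [name for name, lat, lon, rtt_ms in probes
            if km_between(claim, (lat, lon)) > rtt_ms / 2 * FIBER_KM_PER_MS]

# Constructed sample data: (vantage name, lat, lon, minimum RTT in ms to the target).
PROBES = [("newark-nj", 40.74, -74.17, 190.0), ("tashkent", 41.30, 69.24, 6.0)]
CLAIMED_NJ = "40 44 0.000 N 74 10 0.000 W 10m"  # what the published record says
CLAIMED_UZ = "41 18 N 69 16 E 400m"             # a record that matches the RTTs

if __name__ == "__main__":
    for rdata in (CLAIMED_NJ, CLAIMED_UZ):
        print(rdata, "->", contradictions(rdata, PROBES) or "not disproved")
```

The 190 ms RTT from the New Jersey vantage point is only suspicious; it is the 6 ms RTT from Tashkent that makes the "down the road in NJ" record impossible.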



