[188643] in North American Network Operators' Group
Re: GeoIP database issues and the real world consequences
daemon@ATHENA.MIT.EDU (Steve Atkins)
Mon Apr 11 13:26:44 2016
X-Original-To: nanog@nanog.org
From: Steve Atkins <steve@blighty.com>
In-Reply-To: <20160411171140.GA9284@bamboo.slabnet.com>
Date: Mon, 11 Apr 2016 10:26:36 -0700
To: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
> On Apr 11, 2016, at 10:11 AM, Hugo Slabbert <hugo@slabnet.com> wrote:
>
> On Mon 2016-Apr-11 13:02:14 -0400, Ken Chase <math@sizone.org> wrote:
>
>> TL;DR: GeoIP put unknown IP location mappings to the 'center of the country'
>> but then rounded off the lat long so it points at this farm.
>>
>> Can't believe law enforcement is using this kind of info to execute searches.
>> Wouldn't that undermine the credibility of any evidence brought up in trials
>> for any geoip locates?
>>
>> Seems to me locating unknowns somewhere in the middle of a big lake or park in
>> the center of the country might be a better idea.
>
> ...how about actually marking an unknown as...oh, I dunno: "unknown"? Is there no analogue in the GeoIP lookups for a 404?
It's not unknown - it's (according to the DB, anyway, which has a bunch of flaws) "in the US somewhere".
The problem with MaxMind (and other geoip databases I've seen that do Lat/Long as well as Country / State / Town) is that the data doesn't include uncertainty, so it returns "38.0/-97.0" rather than "somewhere in a 3000 mile radius circle centered on 38.0/-97.0".
Someone should show them RFC 1876 as an example of better practice.
Cheers,
Steve
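
The RFC 1876 suggestion above, shown as an added example that is not part of the original message: a decoder for the DNS LOC record's wire format, whose HORIZ PRE field carries the diameter of the "circle of error" alongside the coordinates. The sample record, the `error_radius_km` helper and the `pinpoints` check with its 100 m threshold are constructed for illustration.

```python
import struct

EQUATOR = 1 << 31            # 2^31 encodes the equator / prime meridian
MSEC_PER_DEGREE = 3_600_000  # coordinates are thousandths of an arc-second
ALT_BASE_CM = 10_000_000     # altitude zero sits 100,000 m below the spheroid

def precision_cm(byte):
    """Decode SIZE / HORIZ PRE / VERT PRE: high nibble base, low nibble power of ten, in cm."""
    base, exponent = byte >> 4, byte & 0x0F
    if base > 9 or exponent > 9:
        raise ValueError(f"invalid precision byte 0x{byte:02x}")
    return base * 10 ** exponent

def parse_loc(rdata):
    """Decode a 16-byte version-0 LOC RDATA into coordinates plus their stated uncertainty."""
    if len(rdata) != 16:
        raise ValueError("version 0 LOC RDATA is exactly 16 bytes")
    version, size, horiz, vert, lat, lon, alt = struct.unpack("!BBBBIII", rdata)
    if version != 0:
        raise ValueError(f"unsupported LOC version {version}")
    return {
        "lat": (lat - EQUATOR) / MSEC_PER_DEGREE,   # positive is north
        "lon": (lon - EQUATOR) / MSEC_PER_DEGREE,   # positive is east
        "alt_m": (alt - ALT_BASE_CM) / 100,
        "size_m": precision_cm(size) / 100,
        "horiz_diameter_m": precision_cm(horiz) / 100,  # diameter of the circle of error
        "vert_pre_m": precision_cm(vert) / 100,
    }

def error_radius_km(fix):
    """Radius of the horizontal circle of error, in kilometres."""
    return fix["horiz_diameter_m"] / 2 / 1000

def pinpoints(fix, max_radius_m=100):
    """Hypothetical policy check: is the stated error small enough to mean one property?"""
    return fix["horiz_diameter_m"] / 2 <= max_radius_m

# Constructed sample: 38.0 N, 97.0 W, with HORIZ PRE 0x19 = 1e9 cm (10,000 km across).
SAMPLE_RDATA = struct.pack(
    "!BBBBIII", 0, 0x12, 0x19, 0x13,
    EQUATOR + 38 * MSEC_PER_DEGREE, EQUATOR - 97 * MSEC_PER_DEGREE, ALT_BASE_CM)

if __name__ == "__main__":
    fix = parse_loc(SAMPLE_RDATA)
    print(f"{fix['lat']}/{fix['lon']} +/- {error_radius_km(fix):.0f} km; "
          f"pinpoints a property: {pinpoints(fix)}")
```

A consumer that reads the precision field can refuse to treat a country-level centroid as an address; a consumer handed only "38.0/-97.0" cannot.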