[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Input required on Secure Wiki project
I wonder about similar things happening when reports are made against IP
addresses. Imagine an error is made when converting between timezones, for
example. Or a much more likely mistake that some webserver's time is out of
sync with the ISP.
Yes, that unfortunately really happens. :-( Last year there was a case in
germany. Some lawyer sued someone for downloading music in P2P nets based on
the IP he supposedly had at that time. Unfortunately the provider made a
mistake and actually looked up the wrong IP adress and associated the wrong
customer to the request from the lawyer. Luckily that customer had a log of
all his dynamically assigned IPs from the last year (or two) and it was enough
to raise doubts in court and the provider had to re-check and the mistake was
obvious. The funny thing was, that that accuser then argumented, the amount of
money in dispute would suddenly be much lower than he originally claimed. ;-)
(which the judge rejected quite plainly)
But I also think, that problems may be much more common that one thinks at the
first moment... Probably it is a really good idea to log the assigned IPs,
just to have some own records (even if it is no proof). (But then again, IPs
logged by some server is also no proof in itself, e.g. you can just put fake
IPs or times in the log.)
Dominik
--