IP is irrelevant and not good evidence of
anything. The IP address used by
3taps can be changed by the 3taps ISP
at any time for any reason.
IP can't be used for authentication.
With public key cryptography and
Kerberos, there are some excellent
means of authentication. If Craigslist
wants to use such authentication, fine,
and then they can effectively and accurately
block any given collection of users.
But usually a Web site, e.g., HN, offers
access to any IP address anonymously,
without authentication. In that case,
it's next absurd for the Web site to
complain about some person when they
have next to no good evidence on that
person.
Your "go out of their way" is wildly false;
all that had to happen was just their
electric company to drop power for
one second. My electric company does this
about once a week. Then the cable modem
will forget its assigned IP address
and, when electrical power is restored,
request a new IP address. The 3taps
people need not be aware of this at all.
Moreover, the ISP can have assigned the
banned IP address to someone else,
Joe, not involved. Then Joe's usage
of the Web site is no evidence against
3taps.
Maybe 3taps knew that the Web site did
not want them to use their site,
but more importantly the site had
no good evidence, at least not from IP address,
if 3taps was using
their site at all or not.
> Your "go out of their way" is wildly false; all that had to happen was just their electric company to drop power for one second.
So you're saying that business networks typically have completely random IPs setup by their ISP? I would hope not, as that means SSL sites could not have worked at all for most people prior to Windows Vista. Not to mention the certain problem of how Google DNS is setup for people (Hint: It uses a static IP).
In fact I think you might get even more disappointed if you consider the types of "proof" that are considered acceptable within the legal system, and commerce in general.
For instance, completing a contract by faxing over a document, having it signed, and faxing it back. That has all the same theoretical issues associated with it as blocking static IP address and yet you don't see the entire edifice of the justice system or commerce falling to bits, now do you?
> Moreover, the ISP can have assigned the banned IP address to someone else, Joe, not involved. Then Joe's usage of the Web site is no evidence against 3taps.
Why are you speaking in terms of "maybes"? 3taps themselves admitted to using a proxy to evade the ban. They knew they were blocked, and they knew why. QED
So while I would agree with you in general that an IP address is not a priori an identifier, that's not at issue in this specific case.
> So you're saying that business networks typically have completely random IPs setup by their ISP?
No. If 3taps was using a static IP address to
access Craigslist, then IP address is at least
somewhat meaningful as evidence, but mostly
Internet users do not have static IP addresses
and mostly only organizations that want to
operate Internet servers, or Web servers,
do. Why? Because mostly to get to a server,
a user uses a domain name which uses the
domain name system (DNS) which requires
a static IP address.
Yes, in the specific case 3taps asked for trouble
and got it.
But the article seems to suggest that this case
is a threat to ordinary Internet users who,
maybe, get an unusually large number of Web pages
from a Web site. So, there is also some interest
in the more general situation. There IP address
is poor evidence.
To me, in the general case, say, Web sites that
send data to anonymous users, without strong
authentication, etc., should just f'get
about the lawyers, suck it up, and f'get about
users downloading data. Else the Web site
can use strong authentication of users,
charge for access to the site, etc.
The article, and the court case it references, are about 3Taps. 3Taps had a static IP which was banned, and additionally received a Cease and Desist letter. The court case is very clear that the combination of these factors demonstrate that 3Taps' access had been revoked, and that therefore their continued access (through proxies) constituted an intentional, unauthorized access of a protected system.
If the article "seems to suggest" something other than that, either the article is wrong, or you're reading it wrong. This is only a threat to "ordinary" internet users if they're given clear indication that they are no longer allowed to use a site (something like a C&D letter to go along with an account or IP ban.)
IP is irrelevant and not good evidence of anything. The IP address used by 3taps can be changed by the 3taps ISP at any time for any reason.
IP can't be used for authentication.
With public key cryptography and Kerberos, there are some excellent means of authentication. If Craigslist wants to use such authentication, fine, and then they can effectively and accurately block any given collection of users.
But usually a Web site, e.g., HN, offers access to any IP address anonymously, without authentication. In that case, it's next absurd for the Web site to complain about some person when they have next to no good evidence on that person.
Your "go out of their way" is wildly false; all that had to happen was just their electric company to drop power for one second. My electric company does this about once a week. Then the cable modem will forget its assigned IP address and, when electrical power is restored, request a new IP address. The 3taps people need not be aware of this at all.
Moreover, the ISP can have assigned the banned IP address to someone else, Joe, not involved. Then Joe's usage of the Web site is no evidence against 3taps.
Maybe 3taps knew that the Web site did not want them to use their site, but more importantly the site had no good evidence, at least not from IP address, if 3taps was using their site at all or not.