Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> Your "go out of their way" is wildly false; all that had to happen was just their electric company to drop power for one second.

So you're saying that business networks typically have completely random IPs setup by their ISP? I would hope not, as that means SSL sites could not have worked at all for most people prior to Windows Vista. Not to mention the certain problem of how Google DNS is setup for people (Hint: It uses a static IP).

In fact I think you might get even more disappointed if you consider the types of "proof" that are considered acceptable within the legal system, and commerce in general.

For instance, completing a contract by faxing over a document, having it signed, and faxing it back. That has all the same theoretical issues associated with it as blocking static IP address and yet you don't see the entire edifice of the justice system or commerce falling to bits, now do you?

> Moreover, the ISP can have assigned the banned IP address to someone else, Joe, not involved. Then Joe's usage of the Web site is no evidence against 3taps.

Why are you speaking in terms of "maybes"? 3taps themselves admitted to using a proxy to evade the ban. They knew they were blocked, and they knew why. QED

So while I would agree with you in general that an IP address is not a priori an identifier, that's not at issue in this specific case.




> So you're saying that business networks typically have completely random IPs setup by their ISP?

No. If 3taps was using a static IP address to access Craigslist, then IP address is at least somewhat meaningful as evidence, but mostly Internet users do not have static IP addresses and mostly only organizations that want to operate Internet servers, or Web servers, do. Why? Because mostly to get to a server, a user uses a domain name which uses the domain name system (DNS) which requires a static IP address.

Yes, in the specific case 3taps asked for trouble and got it.

But the article seems to suggest that this case is a threat to ordinary Internet users who, maybe, get an unusually large number of Web pages from a Web site. So, there is also some interest in the more general situation. There IP address is poor evidence.

To me, in the general case, say, Web sites that send data to anonymous users, without strong authentication, etc., should just f'get about the lawyers, suck it up, and f'get about users downloading data. Else the Web site can use strong authentication of users, charge for access to the site, etc.


Why are you talking about "most users"?

The article, and the court case it references, are about 3Taps. 3Taps had a static IP which was banned, and additionally received a Cease and Desist letter. The court case is very clear that the combination of these factors demonstrate that 3Taps' access had been revoked, and that therefore their continued access (through proxies) constituted an intentional, unauthorized access of a protected system.

If the article "seems to suggest" something other than that, either the article is wrong, or you're reading it wrong. This is only a threat to "ordinary" internet users if they're given clear indication that they are no longer allowed to use a site (something like a C&D letter to go along with an account or IP ban.)




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: