GeoIP database issues and the real world consequences
steve at blighty.com
Mon Apr 11 17:26:36 UTC 2016
> On Apr 11, 2016, at 10:11 AM, Hugo Slabbert <hugo at slabnet.com> wrote:
> On Mon 2016-Apr-11 13:02:14 -0400, Ken Chase <math at sizone.org> wrote:
>> TL;DR: GeoIP put unknown IP location mappings to the 'center of the country'
>> but then rounded off the lat long so it points at this farm.
>> Cant believe law enforcement is using this kind of info to execute searches.
>> Wouldnt that undermine the credibility of any evidence brought up in trials
>> for any geoip locates?
>> Seems to me locating unknowns somewhere in the middle of a big lake or park in
>> the center of the country might be a better idea.
> ...how about actually marking an unknown as...oh, I dunno: "unknown"? Is there no analogue in the GeoIP lookups for a 404?
It's not unknown - it's (according to the DB, anyway, which has a bunch of flaws) "in the US somewhere".
The problem with MaxMind (and other geoip databases I've seen that do Lat/Long as well as Country / State / Town) is that the data doesn't include uncertainty, so it returns "38.0/-97.0" rather than "somewhere in a 3000 mile radius circle centered on 38.0/-97.0".
Someone should show them RFC 1876 as an example of better practice.
More information about the NANOG