GeoIP database issues and the real world consequences
owen at delong.com
Mon Apr 11 21:09:56 UTC 2016
> On Apr 11, 2016, at 10:26 , Steve Atkins <steve at blighty.com> wrote:
>> On Apr 11, 2016, at 10:11 AM, Hugo Slabbert <hugo at slabnet.com> wrote:
>> On Mon 2016-Apr-11 13:02:14 -0400, Ken Chase <math at sizone.org> wrote:
>>> TL;DR: GeoIP put unknown IP location mappings to the 'center of the country'
>>> but then rounded off the lat long so it points at this farm.
>>> Cant believe law enforcement is using this kind of info to execute searches.
>>> Wouldnt that undermine the credibility of any evidence brought up in trials
>>> for any geoip locates?
>>> Seems to me locating unknowns somewhere in the middle of a big lake or park in
>>> the center of the country might be a better idea.
>> ...how about actually marking an unknown as...oh, I dunno: "unknown"? Is there no analogue in the GeoIP lookups for a 404?
> It's not unknown - it's (according to the DB, anyway, which has a bunch of flaws) "in the US somewhere".
> The problem with MaxMind (and other geoip databases I've seen that do Lat/Long as well as Country / State / Town) is that the data doesn't include uncertainty, so it returns "38.0/-97.0" rather than "somewhere in a 3000 mile radius circle centered on 38.0/-97.0".
> Someone should show them RFC 1876 as an example of better practice.
So really, what is needed is two additional fields for the lat/lon of laterr/lonerr so that, for example, instead of just 38.0/-97.0, you would get 38.0±2/-97.0±10 or something like that.
This seems reasonable to me.
More information about the NANOG