Submitting Fake Geolocation for blocks to Data Brokers and RIRs

Thu Apr 22 15:45:53 UTC 2021

On Apr 22, 2021, at 10:23 AM, Matthew Petach <mpetach at netflight.com> wrote:
> On Thu, Apr 22, 2021 at 7:12 AM nanoguser100 via NANOG <nanog at nanog.org> wrote:
>> William,
>> 
>> The plan is to carve out a /24 for "Estonia" and have special servers on it.  This would be the same /24 I'd have to use if I were to put a legitimate POP there.  This also means I don't conflict with the real Germany.
>> 
>> I am just worried about violating the 'rules' of these providers and getting myself blacklisted from submitting corrections.  Afterall the traceroute will still show us hitting a router in Germany before it hits my network.  Traceroutes aren't the end all be all but it's a tell-tale sign.
>> 
>> I guess this is all ISP-reported info so it's not "illegal" or a violation in any way.
>> 
>> -Nanoguser100

Love the fact you try to anonymize the question - after giving details like “server is in German, we want it to appear in Estonia”.

Anyway....

> I think it's safe to say that before anyone could be 
> held accountable for geolocation data, there would 
> have to *first* be a requirement that the data be able 
> to be reliably updated to be *correct*.

Matt: I find it amusing you think rationality and logic have anything to do with government activity. You are not usually this naïve.

> As we have not yet achieved a way of ensuring that 
> legitimate holders of IP resources can reliably update 
> the geolocation data, I think you can rest assured, 
> nobody will be holding you accountable for whatever 
> the geolocation data might show for a particular block 
> of addresses.

I am not at all certain of this. At the very least, the maintainer of the information may hold it against you if they find out you have intentionally falsified the data. Remember, the people offering IP address <> Geo-location databases for money are not beholden to you. They are beholden to the people paying them money. If $CONTENT_OWNER wants to ensure only devices in Estonia get certain content, and you go out of your way to allow devices in German get the content, this could present a problem.

Will they sue you? I cannot see that happening. Will they ignore any future updates you give them? Would not surprise me.

BTW: I know VPN providers advertise this precise ability. However, at least the VPN end point is where they say it is.

> Now, if, as an industry, we had a consistent, reliable 
> way in which geolocation records could be updated 
> with a means to audit and ensure the updates are 
> being made only by the legitimate holders of the 
> number resources...*then* you might have reason 
> to be concerned.

Wait, I thought we did. At least I see it in every movie….

> But as of now, as evidenced by the number of 
> "how do I get my geolocation data updated" 
> emails sent to NANOG, which result in a flurry 
> of "meetoo" followups, no reasonable court 
> would ever give any legal credence to the 
> current data in the various geolocation 
> databases.

I find a difference between “we tried to keep the data straight, but there are mistakes” and “this data was intentionally misrepresented”. My guess is the law might as well.

As stated above, I seriously doubt anyone will someone sue you over it. Will you go to jail? Yeah, again, I cannot see that happening. Doesn’t mean you should do it.

> You can sleep soundly at night, whichever 
> road you may choose to take.

What is this “sleep” you mention?

-- 
TTFN,
patrick