Tags:

Can downloads be traced to a computer using an open wireless network?
February 27, 2012 1:05 PM   Subscribe

Let's say, hypothetically, I downloaded an old TV episode via a filesharing site or bittorrent. Could it be traced to me if I download it from a public access point?

First, let me set the context for you. I've downloaded three or four old (but no doubt still under copyright) movies (ex.: The Love War, a 1970 Lloyd Bridges/Angie Dickinson movie). Over the past few years I've also downloaded or torrented probably 12 or 13 albums of obscure 1950s-1970s music, and a few episodes of older TV shows while on the road in hotels.

Last week, a guy in my city was busted for what was evidently an unusually large cache of illegal pornography; and today, Lifehacker had a long, interesting article on illegal downloading. Together, these things got me thinking.

I know law enforcement can track you down in your own house (as I gather it, they would subpoena an ISP to show them your records). But what if you're using a public access point, like a coffeeshop, public library or the hotels I've stayed in? Or even a neighbor's open wifi? Could they still trace you somehow?

Note that I wouldn't do this -- for all I know, my neighbor has a data cap and I wouldn't want to bust it. I'm just wondering about the mechanics of it. Can law enforcement trace your individual computer through someone else's open wireless connection?

Asking anonymously because I don't want to hear from Angie Dickinson's lawyer.
posted by anonymous to Computers & Internet (9 answers total) 1 user marked this as a favorite
 
anonymous posted">> . But what if you're using a public access point, like a coffeeshop, public library or the hotels I've stayed in? Or even a neighbor's open wifi? Could they still trace you somehow?

Not worth their time. The only one that would be relatively easy would be hotel wifi (provided that they charged you for access). Otherwise, how are they going to determine who downloaded what? Scour security footage of a coffee shop and try to match timestamps?

You're fine. But please don't use your neighbor's open wifi to download anything, because they would be the target of any legal action.
posted by Burhanistan at 1:15 PM on February 27, 2012


Assuming this is regular torrent (and you haven't done something like enter personal information into the torrent software), the only thing the other side can track you by is IP address. Which they subpoena and track to, say, a particular coffee shop with open wifi.

From there, it's hard to imagine how they would track you (they might hold the coffee shop liable, but that's a legal question, not a technical one). The cafe's wifi access point could be logging MAC addresses but a) that's unlikely since most wifi routers don't have hard disks, and b) even if they were it's not like there's a registry of MAC addresses. c) you can change a MAC address.

If you connect via a hard port in your hotel room, the hotel might be able to correlate requests with your room (and thereby you).

But in general, no.
posted by justkevin at 1:20 PM on February 27, 2012


Hypothetically, your machine had a DHCP lease tying an IP address to a MAC address at a certain time. That information is at least cached for the duration of the lease, and quite possible logged. Those logs are possibly long lived. Especially true if there was some sort of registration page (agree to TOS, enter code on receipt, etc). Your MAC address is unique to your computer (aside from any hackery), and may have been tied to your purchase of said machine, or to your warranty, etc. So, tinfoil hat wise, sure it's easy to track an IP back to a person. And you can probably be sure that your generic commodity hardware had it's serial number somehow tied to your purchase and that serial number is tied to the MAC address of that machine. And MAC addresses are assigned to vendors, so for instance it's easy to say you were using an Apple machine and know that they should contact Apple to find which machine has that MAC.
posted by zengargoyle at 1:25 PM on February 27, 2012 [1 favorite]


MAC addresses are very short compared to modern volatile memory and yes, many Wireless Access Points log the MAC addresses, client type and time/datestamp for connections as far back as their memory will allow.

That said, MAC addresses are trivial to spoof or fake, so they're not surefire way to ID someone's connecting device.

So... they could track you but if you were out to evade detection it would be pretty trivial to do.

A person doing forensics would have to move quickly to reduce the possibility that tracking information about you was purged during normal business and technical operations, but I think it's possible that if you were not evading detection a sufficiently motivated opponent could get enough from the different links you'd have to traverse to make at least a tentative identification of the device you were using to access the torrent or whatever you were downloading.
posted by kalessin at 1:28 PM on February 27, 2012


I know law enforcement can track you down in your own house (as I gather it, they would subpoena an ISP to show them your records). But what if you're using a public access point, like a coffeeshop, public library or the hotels I've stayed in? Or even a neighbor's open wifi? Could they still trace you somehow?

In general, "law enforcement" does not get involved with tracking down individual downloaders of old music, movies, and TV shows. If for some reason the FBI is following you specifically around and snooping on your public wifi traffic, they could see stuff like torrent traffic. And similarly if the FBI is sitting at your coffee shop monitoring wifi traffic to find people torrenting for some reason you could get caught that way. Otherwise as other people have said, the best an outside observer who didn't know where you were could get is the IP address and the time, and could only match that up to you if the place you were connecting at saved records linking you to having connected with that IP address at that time.

The more realistic way these sorts of things usually go is that the copyright holder or their representative monitors a public torrent tracker to collect IP addresses, and then sends nastygrams to the ISPs of each of the IP addresses, which the ISP usually forwards to the customer associated with that IP address. In most cases, the ISPs have some sort of official or unofficial policy that if you get enough of those nastygrams they drop you as a customer. That would generally apply to your coffee shop or your neighbor, so either of them could lose their Internet access if you get caught downloading stuff from their connection. Everyone involved knows that it's inefficient to go after each infringer in court individually, so cases of individuals getting sued by copyright holders are relatively rare.
posted by burnmp3s at 1:44 PM on February 27, 2012


No need to worry. I download anywhere from 50 to 100have gigs a month in torrents and upload about 100to to 200.

I've been doing this for years, and haven't had a problem. If they don't go after me, than they certainly wouldn't waste time on you!

Thing is, it is very difficult, time consuming, and human capital expensive to go after people. Notice how copytrolls always try blanketed "jon doe" suits? Which seem lately to be dismissed.


Besides that, spoof your MAC address or change it. Mine does this frequently via a script, but software can do it easily as well.

Rest assured you are more than likely fine, and have a greater chance at being struck by lightening.
posted by handbanana at 1:51 PM on February 27, 2012


If you're a terrorist, I wouldn't count on the public access point protecting you, because the FBI would be able to track you down the hard way (surveillance, etc). They're not going to do that for torrents.

I've been doing this for years, and haven't had a problem. If they don't go after me, than they certainly wouldn't waste time on you!

It's actually part of my job to reply to subpoena requests. I can assure that they do bother, and they will waste their time on you. It really just depends on the kind of thing you're torrenting -- a 0-day video game release? The latest episode of True Blood? A movie that's still in theaters? You are taking a big risk if you're doing it from home.

I can't tell you what ISP I work for, but at least if you're of our customers there is one surefire way not to get caught -- spoof a mac address on your router, release and renew your ip, and then immediately change the mac address after the torrent is done and get a new ip and never use the old mac again.

All we'd be able to do is track you down to a specific CO. We'd never be able to track you down to a specific account.

If you're forced to use a specific mac for your account, though, this obviously wouldn't work. YMMV depending on what ISP you have and how detailed their DHCP logs are.
posted by empath at 2:38 PM on February 27, 2012 [3 favorites]


Hypothetically, your machine had a DHCP lease tying an IP address to a MAC address at a certain time. That information is at least cached for the duration of the lease, and quite possible logged. Those logs are possibly long lived.

We keep logs for about a year, but that just matches ips to macs.
posted by empath at 2:40 PM on February 27, 2012


Also, FYI, a full list of keywords that the DHS and other agencies use to triage electronic publication was recently published on Animal. You may find it... interesting?

For my part I've been toying with the idea of salting all my messages with these words.

http://animalnewyork.com/2012/02/the-department-of-homeland-security-is-searching-your-facebook-and-twitter-for-these-words/
posted by kalessin at 6:15 AM on February 29, 2012


« Older Hey, please help me delete the...   |  Scare me please! I am look... Newer »
This thread is closed to new comments.