The idea behind anonymity in regards to the Internet is contentious at best — are you truly anonymous if online activities can be tracked to IP addresses — it might just be a thing of the past completely. More and more, there are legitimate concerns over what happens to all the geolocation data we produce. Who uses it, how long is it stored. These are just some of the concerns.
However, thanks the ingenuity of some academic types, these fears may be much closer to being reality than some would ever hope.
In a report appearing in NewScientist.com, it is possible to track computers to a much closer physical location than previous methods were capable of. Before the new method was discovered, the closest IP address-based tracking attempts could get was in the neighborhood of 20-plus miles. With the new technique discussed at NS, this distance has been staggeringly lowered.
Instead of miles, we’re talking meters — within 690 meters, if the numbers are to be believed. The technique, developed by a Chinese computer scientist named Yong Wang, uses landmarks, Google Maps, data packet inspection, and IP addresses to complete its task. In order to factor the distance of the computer being targeted, Wang’s method monitors the time it takes to send a data packet to the computer being tracked, and converting this time into the corresponding distance.
The NewScientist article has more details:
Wang and colleagues then send data packets to the known Google Maps landmark servers in this large area to find which routers they pass through. When a landmark machine and the target computer have shared a router, the researchers can compare how long a packet takes to reach each machine from the router; converted into an estimate of distance, this time difference narrows the search down further. “We shrink the size of the area where the target potentially is,” explains Wang.
Finally, they repeat the landmark search at this more fine-grained level: comparing delay times once more, they establish which landmark server is closest to the target.
The report also reveals that, because of the large amount of landmarks being used (greater than 70,000), they can get a much more accurate read on the target’s location, as close as the aforementioned 690 meters.
In fact, the report reveals this technique has been used to get within 100 meters of a target’s physical location. Furthermore, this process works even you don’t want your location being known. Wang says, “This is a client-independent method. The client does not need to approve anything.” The technique’s fearful capability doesn’t stop there either. If the target computer is hiding behind a proxy server, Wang’s process will be able to determine it. While the location will remain unknown, the fact the target computer is using a proxy will not.
While this may not mean much in the way of PC users, who are largely stationary (and no, I’m not including laptops, either), mobile Internet use is increasing at an exponential rate, and as of now, mobile device users aren’t afforded the same privacy consideration as other Internet users are. Combining Wang’s geolocation process with the desire of businesses to use this data for advertising purposes, a melding of the two could quite feasibly lead to Minority Report scenes playing out in real life:
So? Should more be done to protect users and the reams of geo-based location data they produce or is it up to the user to “opt-out” of these services? Let us know below.