23,000 IP addresses

[smb at cs.columbia.edu (Steven Bellovin)]

On May 10, 2011, at 9:53 16PM, Michael Painter wrote:

> Deepak Jain wrote:
>> For examples, see the RIAA's attempts and more recently the criminal investigations of child porn downloads from unsecured access
>> points. From what I understand (or wildly guess) is that ISPs with remote diagnostic capabilities are being asked if their
>> provided access point is secure or unsecure BEFORE they serve their warrants to avoid further embarrassments. [It'll probably
>> take another 6 months and more goofs before they realize that customers are perfectly capable of poorly installing their own
>> access points behind ISP provided gear].
> 
> Exactly...what about those who choose WEP/WPA-TKIP for their 'secured' access point?
> I can just imagine being in front of a judge/jury after having been arrested for, as you say, "child porn downloads " and listening to my law^H^H^H public defender explain the mechanisms of how the access point was 'cracked' and may have been used by someone sitting in their car down the street.<shudder> 
> 
> 
It's happened -- here are two cases I know of:
http://news.cnet.com/Wi-Fi-arrest-highlights-security-dangers/2100-1039_3-5112000.html
http://news.nationalpost.com/2010/05/27/ontario-man-accused-of-downloading-child-porn-because-of-free-wifi-connection/


		--Steve Bellovin, https://www.cs.columbia.edu/~smb