IPv6 IP addresses will make it easier for security services to track you
By Ellen Branagh | Monday, December 8th 2014
The next generation of IP addresses will help security services track people more accurately through their devices, according to the head of the body representing the UK internet industry.
James Blessing, chair of the Internet Service Providers’ Association (ISPA), said the new version of IP (Internet Protocol) addresses would make it less laborious for service providers to work out exactly what user relates to an IP address.
But there needs to be a balance between security and privacy, as anything that makes a system vulnerable to authorities also makes it open to “bad actors”, he said.
Mr Blessing said the way current IP addresses, known as IPv4, work makes it difficult for operators to work exactly which user relates to an IP address.
But he said the latest version of the protocol, IPv6, would solve the problems.
IPv6 provides a far larger number of addresses, hoped to deal with the need for a greater number needed by the rapidly growing number of devices across the world.
Speaking to Cable.co.uk, Mr Blessing said when mobile operators are asked for IP location data on a subscriber, they have to do a lot of tracing back, making it difficult to find the right person.
He said: “If you use your phone to access the internet, you don’t get a static IP address. You get a dynamic address and you get a private dynamic address and there’s a gateway in the middle.
“On the outside of that, to the outside world, that’s one address. So all you can tell is that all the people behind that one address which could be 2,000 – one of those 2,000 people.
“Unless you have more details about what they did on that side, you can’t actually trace that back to an end user.
“Basically, as you go through the gateway you have a port number, and you’re assigned a port number. And that port number – if you’ve recorded the information correctly over here, will be able to tell you which port it came from.
“So on the gateway here you can tell which user that was. And then you can trace it back to the user. That’s fine. But the port number tends to get lost in the process.
“There is a solution to that, it’s called IPv6.
“So for a law enforcement’s point of view, if all mobile networks moved to IPv6, you would know where every phone was, and you would know who it was, because the phone would have a unique address all the time.”
Mr Blessing, who previously criticised a lack of understanding by police and security services about how the internet works, said you could try to change your address dynamically, but ISP or mobile network would know it’s the same device.
But he said that security services’ efforts to find out what’s going on could create “back doors” that could be used by “bad actors”.
He added: “There’s a lot of things that happen on the networks that are designed to stop bad actors – people who want to steal your information, all sorts of people or devices or software out there to do things that it shouldn’t be doing.
“And a lot of that actually breaks the security services trying to find out what’s going on.
“So there’s a balance there between security and privacy. Not just privacy but safety.
“There’s a whole issue there. What you come across is that a lot of things that certain American organisations have been doing to try and get through and work out who people are and what they’re doing has actually introduced back holes and backdoors and flaws in security so that they can get to the information.
“Basically what you do is if you try to subvert something to find information, you end up opening the door for other people.
“It’s like breaking into a house, climbing out the door and then leaving it unlocked so you can get back in later.”