Feeds

The Rozzers don't know what they're on about

It's techie versus bobby

  • alert
  • submit to reddit

The Power of One Brief: Top reasons to choose HP BladeSystem

[We criticised the police for their inability to trace emails. A Chief Inspector took issue with us. And our readers took issue with him.]

Readers' Letters: It's a biggy
Email is the British Jerry Springer
UK police no idea about the Net
Even the government thinks UK police are Web-stupid



Hi,



Just read the mail you got from Chief Inspector R M Crorie where he stated:

And what is wrong with "good policing" if she DID conceal the originating IP address (probably allocated dynamically - and do you have any idea how difficult it is to get any information out of an ISP or to get a warrant to force them?)

First of all, she was in a cybercafe (apparently), which generally have a leased line. Leased lines generally have static IPs. In fact, if somebody had told the police where to look in the headers to get the IP address, and then did a reverse lookup on it, it would probably resolve to something like townname.cyberia.net or somesuch.

In fact, the IP address probably wouldn't be required, because mail headers or so full of information that it would probably have the resolved name in it anyway. SMTP is clever like that. The Police evidently are not.

Secondly, as somebody who has worked for a few ISPs, I take exception to the Chief Inspector claiming that it is difficult to get information out of us. I have in the past helped several Police forces track down and arrest a whole host of people using the Internet to commit crime (think children/sex, ex-husbands scaring ex-wifes, bomb threats, etc.).

Unfortunately there are a few laws under the Data Protection Act which state that we have to protect our customers information - in other words you need to have a 'release' from the Police (not a warrant). This kind of helps us make sure that some random Police officer doesn't demand the address of the bloke who has been net-sexing his missus and then goes and beats him up. If the Chief Inspector is advising that we should start breaking the law, then perhaps I should be writing to my MP rather than you.

All an ISP requires is the appropriate documentation signed by a senior officer and most, if not all, ISPs will be happy to help. If the Chief Inspector (or indeed any officer or policeman reading this) need to find out how all this works, I would suggest that they contact the Manchester Obscene Publications Unit, who know this procedure inside out, and whom I have had the pleasure of assisting on several occasions back when I was working for Telinco as a sysadmin/security officer/scapegoat.

Paul Robinson



Let's see, I have an IP address that's dynamically allocated; let's pick one at random within the .co.uk TLD... Let's say 193.115.134.130



So, I run up Sam Spade (because I'm too sodding lazy to use a DOS or UNIX command line to do the same thing) and search for the owner of the IP. Turns out that belongs to CYBERZONE-LTD and it's assigned to www.cyberzone.co.uk (obviously not an actual dynamic IP, but I haven't much time to waste showing up the police for the network boneheads they appear to be).

One more mouse click in Sam Spade (personal version 1.14 for whatever that's worth - I find it faster than the Web version most of the time) shows me that CYBERZONE.CO.UK is registered by goodgem@uk.psi.com so we go look up UK.PSI.COM and find they are owned by PSI.COM in Herndon, VA, USA. Well, police budgets being what they are, a transatlantic call is out of the question, so let's look closer to home. Going to the Cyberzone Web page, we find them in Croydon, and the entire sordid story of their location, how to reach them by phone, fax, or email, and who's in charge, is right there on the "contact" link.

Took me, oh, 15 minutes, while answering the Hell Desk phone and wiping users' files off the server. Surely Cheshire's Finest could do that much? After all, they managed to find www.theregister.co.uk didn't they?

Rich Tietjens ®

The smart choice: opportunity from uncertainty

More from The Register

next story
NSA man: 'Tell me about your Turkish connections'
Spooks ask Dabbsy to suggest a nice hotel with pool
Russia sends SEX-CRAZED GECKOS to SPAAAAACE!
In space... no one can hear you're green...
Indian techies-in-training face down MAN-EATING LEOPARD - and WIN
Big cat causes big trouble at Mumbai college
Carlos: Slim your working week to just three days of toil
'Midas World' vision suggests you retire later, watch more tellie and buy more stuff
Yahoo! Japan! launches! service! for! the! dead!
If you're reading this email, I am no longer alive
Plucky Rockall podule man back on (proper) dry land
Bold, barmy Brit adventurer Nick Hancock escapes North Atlantic islet
Motorist 'thought car had caught fire' as Adele track came on stereo
'FIRE' caption on dashboard prompts dunderheaded hard shoulder halt
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.