NSA granted Net location-tracking patent

The National Security Agency has obtained a patent on a method of figuring out an Internet user's geographic location.

Patent 6,947,978, granted Tuesday, describes a way to discover someone's physical location by comparing it to a "map" of Internet addresses with known locations.

The NSA did not respond Wednesday to an interview request, and the patent description talks only generally about the technology's potential uses. It says the geographic location of Internet users could be used to "measure the effectiveness of advertising across geographic regions" or flag a password that "could be noted or disabled if not used from or near the appropriate location."

Other applications of the geo-location patent, invented by Stephen Huffman and Michael Reifer of Maryland, could relate to the NSA's signals intelligence mission--which is, bluntly put, spying on the communications of non-U.S. citizens.

"If someone's engaged in a dialogue or frequenting a 'bad' Web site, the NSA might want to know where they are," said Mike Liebhold, a senior researcher at the Institute for the Future who has studied geo-location technology. "It wouldn't give them precision, but it would give them a clue that they could use to narrow down the location with other intelligence methods."

The NSA's patent relies on measuring the latency, meaning the time lag between computers exchanging data, of "numerous" locations on the Internet and building a "network latency topology map." Then, at least in theory, the Internet address to be identified can be looked up on the map by measuring how long it takes known computers to connect to the unknown one.

The technique isn't foolproof. People using a dial-up connection can't be traced beyond their Internet service provider--which could be in an different area of the country--and it doesn't account for proxy services like Anonymizer.

Geo-location, sometimes called "geo-targeting" when used to deliver advertising, is an increasingly attractive area for Internet businesses. DoubleClick has licensed geo-location technology to deliver location-dependent advertising, and Visa has signed a deal to use the concept to identify possible credit card fraud in online orders.

Digital Envoy holds a patent on geo-location, and Quova, a privately held firm in Mountain View, Calif., holds three more, one shared with Microsoft.

"It's honestly not clear that there's anything special or technically advanced about what they're describing," Quova Vice President Gary Jackson said, referring to the NSA's patent. "I'd have to have our technical guys read it, but I don't think it impacts us in any way."

[Razzl]

Why tip their hand?

I thought the mission of the NSA was to use these technologies to accomplish their information-gathering misssion, not to apply for patents. Why tip off the bad guys that you know how to do this, or that it's even possible? Knowing how to do this and keeping that capability secret may have allowed them to gather intelligence with it for a decade before someone else developed the concept. Now everyone knows they can do it and the bad guys will take measures to stay off the net (or go back to dialup). It's another example of the careless approach to intelligence that's characterized our government from about the day after Bush indicated he wouldn't tolerate government leaks in the war on terror. Nobody in this government seems to appreciate the value of witholding information from the enemy...

NSA

What the NSA say in public, and what they really do is quite different.

[Steven N]

No news there for the bad guys

Everybody with a little bit of knowledge of the Internet knows that you are not anonymous on it without proper precautions.

So they will only catch small crooks with this...

[Razzl]

Why tip their hand?

I thought the mission of the NSA was to use these technologies to accomplish their information-gathering misssion, not to apply for patents. Why tip off the bad guys that you know how to do this, or that it's even possible? Knowing how to do this and keeping that capability secret may have allowed them to gather intelligence with it for a decade before someone else developed the concept. Now everyone knows they can do it and the bad guys will take measures to stay off the net (or go back to dialup). It's another example of the careless approach to intelligence that's characterized our government from about the day after Bush indicated he wouldn't tolerate government leaks in the war on terror. Nobody in this government seems to appreciate the value of witholding information from the enemy...

NSA

What the NSA say in public, and what they really do is quite different.

[Steven N]

No news there for the bad guys

Everybody with a little bit of knowledge of the Internet knows that you are not anonymous on it without proper precautions.

So they will only catch small crooks with this...

[Razzl]

Why tip their hand?

I thought the mission of the NSA was to use these technologies to accomplish their information-gathering misssion, not to apply for patents. Why tip off the bad guys that you know how to do this, or that it's even possible? Knowing how to do this and keeping that capability secret may have allowed them to gather intelligence with it for a decade before someone else developed the concept. Now everyone knows they can do it and the bad guys will take measures to stay off the net (or go back to dialup). It's another example of the careless approach to intelligence that's characterized our government from about the day after Bush indicated he wouldn't tolerate government leaks in the war on terror. Nobody in this government seems to appreciate the value of witholding information from the enemy...

NSA

What the NSA say in public, and what they really do is quite different.

[Steven N]

No news there for the bad guys

Everybody with a little bit of knowledge of the Internet knows that you are not anonymous on it without proper precautions.

So they will only catch small crooks with this...

[Razzl]

Why tip their hand?

I thought the mission of the NSA was to use these technologies to accomplish their information-gathering misssion, not to apply for patents. Why tip off the bad guys that you know how to do this, or that it's even possible? Knowing how to do this and keeping that capability secret may have allowed them to gather intelligence with it for a decade before someone else developed the concept. Now everyone knows they can do it and the bad guys will take measures to stay off the net (or go back to dialup). It's another example of the careless approach to intelligence that's characterized our government from about the day after Bush indicated he wouldn't tolerate government leaks in the war on terror. Nobody in this government seems to appreciate the value of witholding information from the enemy...

NSA

What the NSA say in public, and what they really do is quite different.

[Steven N]

No news there for the bad guys

Everybody with a little bit of knowledge of the Internet knows that you are not anonymous on it without proper precautions.

So they will only catch small crooks with this...

[Marcus Westrup]

They patented this?

This is like patenting the numbers you find in a phone book! There is no new technique involved here.

Perhaps these people should hire someone with network experience, then they would realize how silly this is.

[Andrew J Glina]

Very true

It is done on CNET. I am from Australia and I recieve ads releated to Australian companies. It isn't that hard to do.

I am trying to write a small program to do the same, but the problem is that the databases are 10MB plus. What I have to do is summarise these to sub 100KB which I have not got around to doing. But there is nothing new in what they are doing.

[Marcus Westrup]

They patented this?

This is like patenting the numbers you find in a phone book! There is no new technique involved here.

Perhaps these people should hire someone with network experience, then they would realize how silly this is.

[Andrew J Glina]

Very true

It is done on CNET. I am from Australia and I recieve ads releated to Australian companies. It isn't that hard to do.

I am trying to write a small program to do the same, but the problem is that the databases are 10MB plus. What I have to do is summarise these to sub 100KB which I have not got around to doing. But there is nothing new in what they are doing.

[Marcus Westrup]

They patented this?

This is like patenting the numbers you find in a phone book! There is no new technique involved here.

Perhaps these people should hire someone with network experience, then they would realize how silly this is.

[Andrew J Glina]

Very true

It is done on CNET. I am from Australia and I recieve ads releated to Australian companies. It isn't that hard to do.

I am trying to write a small program to do the same, but the problem is that the databases are 10MB plus. What I have to do is summarise these to sub 100KB which I have not got around to doing. But there is nothing new in what they are doing.

[Marcus Westrup]

They patented this?

This is like patenting the numbers you find in a phone book! There is no new technique involved here.

Perhaps these people should hire someone with network experience, then they would realize how silly this is.

[Andrew J Glina]

Very true

It is done on CNET. I am from Australia and I recieve ads releated to Australian companies. It isn't that hard to do.

I am trying to write a small program to do the same, but the problem is that the databases are 10MB plus. What I have to do is summarise these to sub 100KB which I have not got around to doing. But there is nothing new in what they are doing.

[Gayle Edwards]

This was done years ago, ...for fun, ...by students...

UNIX-era Internet-students used to trace the physical-paths of packets, from end-point to end-point, years ago. Later, we discovered this really cool little free-program, which actually displayed a world-map, with the backbone-paths and server-IPs all the way from the students computers, to virtually any destination-host. And, it really wasnt rocket-science, if you knew how to "PING" and where to look-up basic "Internet" information.

So, I am also a little puzzled by this "patent" story.

[davearonson]

Problem: clueless PTO

Long story short, the main problem is the utter cluelessness of the Patent and Trademark Office, when it comes to anything dealing with computers. See also the recent articles re their new online patent application process.

Their job ads (at least as of summer 2004) specifically prohibit applying by email, or even fax, and there is no way to apply via a web form, even for IT positions. That explains a lot.

[John Kuzak]

UNIX-era

http://www.analogstereo.com/hyundai_santa_fe_owners_manual.htm

[Gayle Edwards]

This was done years ago, ...for fun, ...by students...

UNIX-era Internet-students used to trace the physical-paths of packets, from end-point to end-point, years ago. Later, we discovered this really cool little free-program, which actually displayed a world-map, with the backbone-paths and server-IPs all the way from the students computers, to virtually any destination-host. And, it really wasnt rocket-science, if you knew how to "PING" and where to look-up basic "Internet" information.

So, I am also a little puzzled by this "patent" story.

[davearonson]

Problem: clueless PTO

Long story short, the main problem is the utter cluelessness of the Patent and Trademark Office, when it comes to anything dealing with computers. See also the recent articles re their new online patent application process.

Their job ads (at least as of summer 2004) specifically prohibit applying by email, or even fax, and there is no way to apply via a web form, even for IT positions. That explains a lot.

[John Kuzak]

UNIX-era

http://www.analogstereo.com/hyundai_santa_fe_owners_manual.htm

[Gayle Edwards]

This was done years ago, ...for fun, ...by students...

UNIX-era Internet-students used to trace the physical-paths of packets, from end-point to end-point, years ago. Later, we discovered this really cool little free-program, which actually displayed a world-map, with the backbone-paths and server-IPs all the way from the students computers, to virtually any destination-host. And, it really wasnt rocket-science, if you knew how to "PING" and where to look-up basic "Internet" information.

So, I am also a little puzzled by this "patent" story.

[davearonson]

Problem: clueless PTO

Long story short, the main problem is the utter cluelessness of the Patent and Trademark Office, when it comes to anything dealing with computers. See also the recent articles re their new online patent application process.

Their job ads (at least as of summer 2004) specifically prohibit applying by email, or even fax, and there is no way to apply via a web form, even for IT positions. That explains a lot.

[John Kuzak]

UNIX-era

http://www.analogstereo.com/hyundai_santa_fe_owners_manual.htm

[Gayle Edwards]

This was done years ago, ...for fun, ...by students...

UNIX-era Internet-students used to trace the physical-paths of packets, from end-point to end-point, years ago. Later, we discovered this really cool little free-program, which actually displayed a world-map, with the backbone-paths and server-IPs all the way from the students computers, to virtually any destination-host. And, it really wasnt rocket-science, if you knew how to "PING" and where to look-up basic "Internet" information.

So, I am also a little puzzled by this "patent" story.

[davearonson]

Problem: clueless PTO

Long story short, the main problem is the utter cluelessness of the Patent and Trademark Office, when it comes to anything dealing with computers. See also the recent articles re their new online patent application process.

Their job ads (at least as of summer 2004) specifically prohibit applying by email, or even fax, and there is no way to apply via a web form, even for IT positions. That explains a lot.

[John Kuzak]

UNIX-era

http://www.analogstereo.com/hyundai_santa_fe_owners_manual.htm

who you gonna call?

call 911.. boo

who you gonna call?

call 911.. boo

who you gonna call?

call 911.. boo

who you gonna call?

call 911.. boo

[screename0900]

Dunno

The news about this is *sensational* yet what they describe this to be- a 'latency' built map, yeah, that is part of ping, but what the point would be is to have a realtime map of machines online at any given time.

Since this would simply be a mass list of ip's as close to physical locations as they could be, I could see a purpose in having such a map that would identify machines 'on the network' but this hasn't identified the users.

Not sure what all this *news* is about, and each story seems to be missing a point. My guess is that the patent is probably happening so this can then be in an application to do what's suggested they want to do. They might not be able to get around it being public and the news agencies picked up the story.

So this is a visual traceroute that pings every network and subnet works but then keeps the info. How new is this really? Whatever, fact is if things are on the way to mapping out the inet to machines online, this would eventually happen anyway.

I can just see all the 'critics' coming up without actual knowledge of what this is/means debating this/that getting the public and everybody else in an uproar. Still- they have to request a user name from an isp from their logs to identify anyone at an ip. Dhcp people will always be changing for thier 'static' map, etc.

Dunno what all the news is about, there is so many ways to already identify a machine and then 'whom' is on it, I see no shortcuts with this news story.


sc

[screename0900]

Dunno

The news about this is *sensational* yet what they describe this to be- a 'latency' built map, yeah, that is part of ping, but what the point would be is to have a realtime map of machines online at any given time.

Since this would simply be a mass list of ip's as close to physical locations as they could be, I could see a purpose in having such a map that would identify machines 'on the network' but this hasn't identified the users.

Not sure what all this *news* is about, and each story seems to be missing a point. My guess is that the patent is probably happening so this can then be in an application to do what's suggested they want to do. They might not be able to get around it being public and the news agencies picked up the story.

So this is a visual traceroute that pings every network and subnet works but then keeps the info. How new is this really? Whatever, fact is if things are on the way to mapping out the inet to machines online, this would eventually happen anyway.

I can just see all the 'critics' coming up without actual knowledge of what this is/means debating this/that getting the public and everybody else in an uproar. Still- they have to request a user name from an isp from their logs to identify anyone at an ip. Dhcp people will always be changing for thier 'static' map, etc.

Dunno what all the news is about, there is so many ways to already identify a machine and then 'whom' is on it, I see no shortcuts with this news story.


sc

[screename0900]

Dunno

The news about this is *sensational* yet what they describe this to be- a 'latency' built map, yeah, that is part of ping, but what the point would be is to have a realtime map of machines online at any given time.

Since this would simply be a mass list of ip's as close to physical locations as they could be, I could see a purpose in having such a map that would identify machines 'on the network' but this hasn't identified the users.

Not sure what all this *news* is about, and each story seems to be missing a point. My guess is that the patent is probably happening so this can then be in an application to do what's suggested they want to do. They might not be able to get around it being public and the news agencies picked up the story.

So this is a visual traceroute that pings every network and subnet works but then keeps the info. How new is this really? Whatever, fact is if things are on the way to mapping out the inet to machines online, this would eventually happen anyway.

I can just see all the 'critics' coming up without actual knowledge of what this is/means debating this/that getting the public and everybody else in an uproar. Still- they have to request a user name from an isp from their logs to identify anyone at an ip. Dhcp people will always be changing for thier 'static' map, etc.

Dunno what all the news is about, there is so many ways to already identify a machine and then 'whom' is on it, I see no shortcuts with this news story.


sc

[screename0900]

Dunno

The news about this is *sensational* yet what they describe this to be- a 'latency' built map, yeah, that is part of ping, but what the point would be is to have a realtime map of machines online at any given time.

Since this would simply be a mass list of ip's as close to physical locations as they could be, I could see a purpose in having such a map that would identify machines 'on the network' but this hasn't identified the users.

Not sure what all this *news* is about, and each story seems to be missing a point. My guess is that the patent is probably happening so this can then be in an application to do what's suggested they want to do. They might not be able to get around it being public and the news agencies picked up the story.

So this is a visual traceroute that pings every network and subnet works but then keeps the info. How new is this really? Whatever, fact is if things are on the way to mapping out the inet to machines online, this would eventually happen anyway.

I can just see all the 'critics' coming up without actual knowledge of what this is/means debating this/that getting the public and everybody else in an uproar. Still- they have to request a user name from an isp from their logs to identify anyone at an ip. Dhcp people will always be changing for thier 'static' map, etc.

Dunno what all the news is about, there is so many ways to already identify a machine and then 'whom' is on it, I see no shortcuts with this news story.


sc