September 21, 2005 1:49 PM PDT

NSA granted Net location-tracking patent

The National Security Agency has obtained a patent on a method of figuring out an Internet user's geographic location.

Patent 6,947,978, granted Tuesday, describes a way to discover someone's physical location by comparing it to a "map" of Internet addresses with known locations.

The NSA did not respond Wednesday to an interview request, and the patent description talks only generally about the technology's potential uses. It says the geographic location of Internet users could be used to "measure the effectiveness of advertising across geographic regions" or flag a password that "could be noted or disabled if not used from or near the appropriate location."

Other applications of the geo-location patent, invented by Stephen Huffman and Michael Reifer of Maryland, could relate to the NSA's signals intelligence mission--which is, bluntly put, spying on the communications of non-U.S. citizens.

"If someone's engaged in a dialogue or frequenting a 'bad' Web site, the NSA might want to know where they are," said Mike Liebhold, a senior researcher at the Institute for the Future who has studied geo-location technology. "It wouldn't give them precision, but it would give them a clue that they could use to narrow down the location with other intelligence methods."

The NSA's patent relies on measuring the latency, meaning the time lag between computers exchanging data, of "numerous" locations on the Internet and building a "network latency topology map." Then, at least in theory, the Internet address to be identified can be looked up on the map by measuring how long it takes known computers to connect to the unknown one.

The technique isn't foolproof. People using a dial-up connection can't be traced beyond their Internet service provider--which could be in an different area of the country--and it doesn't account for proxy services like Anonymizer.

Geo-location, sometimes called "geo-targeting" when used to deliver advertising, is an increasingly attractive area for Internet businesses. DoubleClick has licensed geo-location technology to deliver location-dependent advertising, and Visa has signed a deal to use the concept to identify possible credit card fraud in online orders.

Digital Envoy holds a patent on geo-location, and Quova, a privately held firm in Mountain View, Calif., holds three more, one shared with Microsoft.

"It's honestly not clear that there's anything special or technically advanced about what they're describing," Quova Vice President Gary Jackson said, referring to the NSA's patent. "I'd have to have our technical guys read it, but I don't think it impacts us in any way."

44 comments

Join the conversation!
Add your comment
Why tip their hand?
I thought the mission of the NSA was to use these technologies to accomplish their information-gathering misssion, not to apply for patents. Why tip off the bad guys that you know how to do this, or that it's even possible? Knowing how to do this and keeping that capability secret may have allowed them to gather intelligence with it for a decade before someone else developed the concept. Now everyone knows they can do it and the bad guys will take measures to stay off the net (or go back to dialup). It's another example of the careless approach to intelligence that's characterized our government from about the day after Bush indicated he wouldn't tolerate government leaks in the war on terror. Nobody in this government seems to appreciate the value of witholding information from the enemy...
Posted by Razzl (1318 comments )
Reply Link Flag
NSA
What the NSA say in public, and what they really do is quite different.
Posted by (32 comments )
Link Flag
No news there for the bad guys
Everybody with a little bit of knowledge of the Internet knows that you are not anonymous on it without proper precautions.

So they will only catch small crooks with this...
Posted by Steven N (487 comments )
Link Flag
Why tip their hand?
I thought the mission of the NSA was to use these technologies to accomplish their information-gathering misssion, not to apply for patents. Why tip off the bad guys that you know how to do this, or that it's even possible? Knowing how to do this and keeping that capability secret may have allowed them to gather intelligence with it for a decade before someone else developed the concept. Now everyone knows they can do it and the bad guys will take measures to stay off the net (or go back to dialup). It's another example of the careless approach to intelligence that's characterized our government from about the day after Bush indicated he wouldn't tolerate government leaks in the war on terror. Nobody in this government seems to appreciate the value of witholding information from the enemy...
Posted by Razzl (1318 comments )
Reply Link Flag
NSA
What the NSA say in public, and what they really do is quite different.
Posted by (32 comments )
Link Flag
No news there for the bad guys
Everybody with a little bit of knowledge of the Internet knows that you are not anonymous on it without proper precautions.

So they will only catch small crooks with this...
Posted by Steven N (487 comments )
Link Flag
Why tip their hand?
I thought the mission of the NSA was to use these technologies to accomplish their information-gathering misssion, not to apply for patents. Why tip off the bad guys that you know how to do this, or that it's even possible? Knowing how to do this and keeping that capability secret may have allowed them to gather intelligence with it for a decade before someone else developed the concept. Now everyone knows they can do it and the bad guys will take measures to stay off the net (or go back to dialup). It's another example of the careless approach to intelligence that's characterized our government from about the day after Bush indicated he wouldn't tolerate government leaks in the war on terror. Nobody in this government seems to appreciate the value of witholding information from the enemy...
Posted by Razzl (1318 comments )
Reply Link Flag
NSA
What the NSA say in public, and what they really do is quite different.
Posted by (32 comments )
Link Flag
No news there for the bad guys
Everybody with a little bit of knowledge of the Internet knows that you are not anonymous on it without proper precautions.

So they will only catch small crooks with this...
Posted by Steven N (487 comments )
Link Flag
Why tip their hand?
I thought the mission of the NSA was to use these technologies to accomplish their information-gathering misssion, not to apply for patents. Why tip off the bad guys that you know how to do this, or that it's even possible? Knowing how to do this and keeping that capability secret may have allowed them to gather intelligence with it for a decade before someone else developed the concept. Now everyone knows they can do it and the bad guys will take measures to stay off the net (or go back to dialup). It's another example of the careless approach to intelligence that's characterized our government from about the day after Bush indicated he wouldn't tolerate government leaks in the war on terror. Nobody in this government seems to appreciate the value of witholding information from the enemy...
Posted by Razzl (1318 comments )
Reply Link Flag
NSA
What the NSA say in public, and what they really do is quite different.
Posted by (32 comments )
Link Flag
No news there for the bad guys
Everybody with a little bit of knowledge of the Internet knows that you are not anonymous on it without proper precautions.

So they will only catch small crooks with this...
Posted by Steven N (487 comments )
Link Flag
They patented this?
This is like patenting the numbers you find in a phone book! There is no new technique involved here.

Perhaps these people should hire someone with network experience, then they would realize how silly this is.
Posted by Marcus Westrup (630 comments )
Reply Link Flag
Very true
It is done on CNET. I am from Australia and I recieve ads releated to Australian companies. It isn't that hard to do.

I am trying to write a small program to do the same, but the problem is that the databases are 10MB plus. What I have to do is summarise these to sub 100KB which I have not got around to doing. But there is nothing new in what they are doing.
Posted by Andrew J Glina (1673 comments )
Link Flag
They patented this?
This is like patenting the numbers you find in a phone book! There is no new technique involved here.

Perhaps these people should hire someone with network experience, then they would realize how silly this is.
Posted by Marcus Westrup (630 comments )
Reply Link Flag
Very true
It is done on CNET. I am from Australia and I recieve ads releated to Australian companies. It isn't that hard to do.

I am trying to write a small program to do the same, but the problem is that the databases are 10MB plus. What I have to do is summarise these to sub 100KB which I have not got around to doing. But there is nothing new in what they are doing.
Posted by Andrew J Glina (1673 comments )
Link Flag
They patented this?
This is like patenting the numbers you find in a phone book! There is no new technique involved here.

Perhaps these people should hire someone with network experience, then they would realize how silly this is.
Posted by Marcus Westrup (630 comments )
Reply Link Flag
Very true
It is done on CNET. I am from Australia and I recieve ads releated to Australian companies. It isn't that hard to do.

I am trying to write a small program to do the same, but the problem is that the databases are 10MB plus. What I have to do is summarise these to sub 100KB which I have not got around to doing. But there is nothing new in what they are doing.
Posted by Andrew J Glina (1673 comments )
Link Flag
They patented this?
This is like patenting the numbers you find in a phone book! There is no new technique involved here.

Perhaps these people should hire someone with network experience, then they would realize how silly this is.
Posted by Marcus Westrup (630 comments )
Reply Link Flag
Very true
It is done on CNET. I am from Australia and I recieve ads releated to Australian companies. It isn't that hard to do.

I am trying to write a small program to do the same, but the problem is that the databases are 10MB plus. What I have to do is summarise these to sub 100KB which I have not got around to doing. But there is nothing new in what they are doing.
Posted by Andrew J Glina (1673 comments )
Link Flag
This was done years ago, ...for fun, ...by students...
UNIX-era Internet-students used to trace the physical-paths of packets, from end-point to end-point, years ago. Later, we discovered this really cool little free-program, which actually displayed a world-map, with the backbone-paths and server-IPs all the way from the students computers, to virtually any destination-host. And, it really wasnt rocket-science, if you knew how to "PING" and where to look-up basic "Internet" information.

So, I am also a little puzzled by this "patent" story.
Posted by Gayle Edwards (262 comments )
Reply Link Flag
Problem: clueless PTO
Long story short, the main problem is the utter cluelessness of the Patent and Trademark Office, when it comes to anything dealing with computers. See also the recent articles re their new online patent application process.

Their job ads (at least as of summer 2004) specifically prohibit applying by email, or even fax, and there is no way to apply via a web form, even for IT positions. That explains a lot.
Posted by davearonson (35 comments )
Link Flag
This was done years ago, ...for fun, ...by students...
UNIX-era Internet-students used to trace the physical-paths of packets, from end-point to end-point, years ago. Later, we discovered this really cool little free-program, which actually displayed a world-map, with the backbone-paths and server-IPs all the way from the students computers, to virtually any destination-host. And, it really wasnt rocket-science, if you knew how to "PING" and where to look-up basic "Internet" information.

So, I am also a little puzzled by this "patent" story.
Posted by Gayle Edwards (262 comments )
Reply Link Flag
Problem: clueless PTO
Long story short, the main problem is the utter cluelessness of the Patent and Trademark Office, when it comes to anything dealing with computers. See also the recent articles re their new online patent application process.

Their job ads (at least as of summer 2004) specifically prohibit applying by email, or even fax, and there is no way to apply via a web form, even for IT positions. That explains a lot.
Posted by davearonson (35 comments )
Link Flag
This was done years ago, ...for fun, ...by students...
UNIX-era Internet-students used to trace the physical-paths of packets, from end-point to end-point, years ago. Later, we discovered this really cool little free-program, which actually displayed a world-map, with the backbone-paths and server-IPs all the way from the students computers, to virtually any destination-host. And, it really wasnt rocket-science, if you knew how to "PING" and where to look-up basic "Internet" information.

So, I am also a little puzzled by this "patent" story.
Posted by Gayle Edwards (262 comments )
Reply Link Flag
Problem: clueless PTO
Long story short, the main problem is the utter cluelessness of the Patent and Trademark Office, when it comes to anything dealing with computers. See also the recent articles re their new online patent application process.

Their job ads (at least as of summer 2004) specifically prohibit applying by email, or even fax, and there is no way to apply via a web form, even for IT positions. That explains a lot.
Posted by davearonson (35 comments )
Link Flag
This was done years ago, ...for fun, ...by students...
UNIX-era Internet-students used to trace the physical-paths of packets, from end-point to end-point, years ago. Later, we discovered this really cool little free-program, which actually displayed a world-map, with the backbone-paths and server-IPs all the way from the students computers, to virtually any destination-host. And, it really wasnt rocket-science, if you knew how to "PING" and where to look-up basic "Internet" information.

So, I am also a little puzzled by this "patent" story.
Posted by Gayle Edwards (262 comments )
Reply Link Flag
Problem: clueless PTO
Long story short, the main problem is the utter cluelessness of the Patent and Trademark Office, when it comes to anything dealing with computers. See also the recent articles re their new online patent application process.

Their job ads (at least as of summer 2004) specifically prohibit applying by email, or even fax, and there is no way to apply via a web form, even for IT positions. That explains a lot.
Posted by davearonson (35 comments )
Link Flag
who you gonna call?
call 911.. boo
Posted by (187 comments )
Reply Link Flag
who you gonna call?
call 911.. boo
Posted by (187 comments )
Reply Link Flag
who you gonna call?
call 911.. boo
Posted by (187 comments )
Reply Link Flag
who you gonna call?
call 911.. boo
Posted by (187 comments )
Reply Link Flag
Dunno
The news about this is *sensational* yet what they describe this to be- a 'latency' built map, yeah, that is part of ping, but what the point would be is to have a realtime map of machines online at any given time.

Since this would simply be a mass list of ip's as close to physical locations as they could be, I could see a purpose in having such a map that would identify machines 'on the network' but this hasn't identified the users.

Not sure what all this *news* is about, and each story seems to be missing a point. My guess is that the patent is probably happening so this can then be in an application to do what's suggested they want to do. They might not be able to get around it being public and the news agencies picked up the story.

So this is a visual traceroute that pings every network and subnet works but then keeps the info. How new is this really? Whatever, fact is if things are on the way to mapping out the inet to machines online, this would eventually happen anyway.

I can just see all the 'critics' coming up without actual knowledge of what this is/means debating this/that getting the public and everybody else in an uproar. Still- they have to request a user name from an isp from their logs to identify anyone at an ip. Dhcp people will always be changing for thier 'static' map, etc.

Dunno what all the news is about, there is so many ways to already identify a machine and then 'whom' is on it, I see no shortcuts with this news story.


sc
Posted by screename0900 (4 comments )
Reply Link Flag
Dunno
The news about this is *sensational* yet what they describe this to be- a 'latency' built map, yeah, that is part of ping, but what the point would be is to have a realtime map of machines online at any given time.

Since this would simply be a mass list of ip's as close to physical locations as they could be, I could see a purpose in having such a map that would identify machines 'on the network' but this hasn't identified the users.

Not sure what all this *news* is about, and each story seems to be missing a point. My guess is that the patent is probably happening so this can then be in an application to do what's suggested they want to do. They might not be able to get around it being public and the news agencies picked up the story.

So this is a visual traceroute that pings every network and subnet works but then keeps the info. How new is this really? Whatever, fact is if things are on the way to mapping out the inet to machines online, this would eventually happen anyway.

I can just see all the 'critics' coming up without actual knowledge of what this is/means debating this/that getting the public and everybody else in an uproar. Still- they have to request a user name from an isp from their logs to identify anyone at an ip. Dhcp people will always be changing for thier 'static' map, etc.

Dunno what all the news is about, there is so many ways to already identify a machine and then 'whom' is on it, I see no shortcuts with this news story.


sc
Posted by screename0900 (4 comments )
Reply Link Flag
Dunno
The news about this is *sensational* yet what they describe this to be- a 'latency' built map, yeah, that is part of ping, but what the point would be is to have a realtime map of machines online at any given time.

Since this would simply be a mass list of ip's as close to physical locations as they could be, I could see a purpose in having such a map that would identify machines 'on the network' but this hasn't identified the users.

Not sure what all this *news* is about, and each story seems to be missing a point. My guess is that the patent is probably happening so this can then be in an application to do what's suggested they want to do. They might not be able to get around it being public and the news agencies picked up the story.

So this is a visual traceroute that pings every network and subnet works but then keeps the info. How new is this really? Whatever, fact is if things are on the way to mapping out the inet to machines online, this would eventually happen anyway.

I can just see all the 'critics' coming up without actual knowledge of what this is/means debating this/that getting the public and everybody else in an uproar. Still- they have to request a user name from an isp from their logs to identify anyone at an ip. Dhcp people will always be changing for thier 'static' map, etc.

Dunno what all the news is about, there is so many ways to already identify a machine and then 'whom' is on it, I see no shortcuts with this news story.


sc
Posted by screename0900 (4 comments )
Reply Link Flag
Dunno
The news about this is *sensational* yet what they describe this to be- a 'latency' built map, yeah, that is part of ping, but what the point would be is to have a realtime map of machines online at any given time.

Since this would simply be a mass list of ip's as close to physical locations as they could be, I could see a purpose in having such a map that would identify machines 'on the network' but this hasn't identified the users.

Not sure what all this *news* is about, and each story seems to be missing a point. My guess is that the patent is probably happening so this can then be in an application to do what's suggested they want to do. They might not be able to get around it being public and the news agencies picked up the story.

So this is a visual traceroute that pings every network and subnet works but then keeps the info. How new is this really? Whatever, fact is if things are on the way to mapping out the inet to machines online, this would eventually happen anyway.

I can just see all the 'critics' coming up without actual knowledge of what this is/means debating this/that getting the public and everybody else in an uproar. Still- they have to request a user name from an isp from their logs to identify anyone at an ip. Dhcp people will always be changing for thier 'static' map, etc.

Dunno what all the news is about, there is so many ways to already identify a machine and then 'whom' is on it, I see no shortcuts with this news story.


sc
Posted by screename0900 (4 comments )
Reply Link Flag
Mis-spelling
The technique isn't foolproof. People using a dial-up connection can't be traced beyond their Internet service provider--which could be in an different area of the country--and it doesn't account for proxy services like Anonymizer.

I thought it should read, "which could be in a different area. I thought "an" was only used when the beginning letter of the next word was a vowel
Posted by (75 comments )
Reply Link Flag
Mis-spelling
The technique isn't foolproof. People using a dial-up connection can't be traced beyond their Internet service provider--which could be in an different area of the country--and it doesn't account for proxy services like Anonymizer.

I thought it should read, "which could be in a different area. I thought "an" was only used when the beginning letter of the next word was a vowel
Posted by (75 comments )
Reply Link Flag
Mis-spelling
The technique isn't foolproof. People using a dial-up connection can't be traced beyond their Internet service provider--which could be in an different area of the country--and it doesn't account for proxy services like Anonymizer.

I thought it should read, "which could be in a different area. I thought "an" was only used when the beginning letter of the next word was a vowel
Posted by (75 comments )
Reply Link Flag
Mis-spelling
The technique isn't foolproof. People using a dial-up connection can't be traced beyond their Internet service provider--which could be in an different area of the country--and it doesn't account for proxy services like Anonymizer.

I thought it should read, "which could be in a different area. I thought "an" was only used when the beginning letter of the next word was a vowel
Posted by (75 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.