It's time to put an end to these attempts at geolocating Internet ussers. A website shouldn't know where I am connecting from unless I willingly provide that information. It's inevitably used against the user to track him, profile him, or restrict his freedom in some way.
> There have been persistent stories in a number of markets of Starlink resellers that set up a service in a country that has the necessary national regulatory approvals to use Starlink and then they ship the dish to a nearby location in a different country.
It's still baffling to me how Starlink is getting away with this.
It makes some sense for the old wide-beam geostationary services, like Inmarsat's legacy services, which are intrinsically hard to geolocate (the satellite beams for tehse cover huge areas and the operator has no technical reason to know where the client is located).
But for Starlink, which has a mandatory GPS receiver in every terminal and which uses spot beams smaller than some rural 5G cells?
Great for people in countries with authoritarian governments limiting their access to information, of course, but somehow I don't feel great about the broader implications on the credibility of international law.
When I lived in Iran as a foreigner almost 2 decades ago, it was common for foreigners to try to sneak a satellite TV box and receiver in their luggage. They'd arrange payment through someone in their original country, and obtain the dish locally (plus having a local electrician set it up for them).
It was illegal, but for the most part tolerated. Yes, it was just one-way geostationary communication rather than internet access, but it wasn't like people were doing anything special to hide the dishes on their roofs.
I think most authoritarian regimes tend to tolerate some low level violations of these kinds (VPNs were also illegal yet openly sold) in exchange for the public allowing them to stay in power.
With Starlink it probably helps that even the previous administration, despite their conflicts with Musk, turned a blind eye to Starlink being supplied to Iranians even given the Iranian government's protests (IIRC).
Autocratic regimes also do still have to care what the populace thinks, it's just that the thresholds are totally different. They can get torn apart by widespread revolt even if they cannot be voted out of power, and most autocratic regimes spend a lot of time in fear of just this sort of threat. In other words, they pick their battles, and some of these low level violations might not make sense to crack down on broadly, unless the regime really, really cares about the issue. (eg: the hijab in Iran)
It's also the case that if nearly everyone is breaking some minor law then nearly everyone is vulnerable, which could also be a more comfortable place for such a regime. Even if this is not the intent behind the current permissiveness, this fact might help keep it in place all the same.
Then maybe we should rewrite the international laws accordingly.
The whole idea of "a country owns its radio waves" hasn't held in practice for, basically, the entire history of radio waves.
And I don't think the tech companies are very trustworthy - but I'd trust many of them with power before I would trust a lot of the governments. Google is quite open about being evil now, but I'd still trust Google before I trust the governments of Saudi Arabia or Sudan.
Except you can't: countries exercise the monopoly on violence within their borders, and that specific detail delineates most other powers: e.g. if they want to setup and run high power jamming on their territory, then to stop them would take an act of war.
So in practice the agreements we make essentially cover making reasonable concessions so no one feels the need to start bombing things.
There are significant amounts of soft power between countries before it comes to physical force.
For example, how I'd have expected this to play out in an age that feels more and more a thing of the past:
- Country A's ingenious startup offers global satellite service, bypassing country B's telecom monopoly, without even fully registering it. (They employ more engineers than lawyers.)
- Country B complains to country A's government.
- Government A respects B's sovereignty, even though A is much larger and more powerful than B, and wants to reassure the world that the same rules apply to everybody. It slaps the startup on its wrist, under the (very implicit, never even hinted at) threat of further regulatory or legal action. (The startup pays taxes in A, and its executives live and can be arrested there.)
- The startup stops providing service on B's territory.
- The governments of A and B sit down together and negotiate, behind closed doors and without making it a big display of power, a deal that works for both of them, e.g. granting the startup access to the market of B, in exchange for complying with local regulations.
Obviously it has never worked like that between all countries and in all cases, but I'm just saying, this used to be seen as a desirable model by many.
I'm not exactly upset, but I have a somewhat uneasy feeling about how a foreign private company can seemingly walk all over national and international law like that and get away with it. (SpaceX isn't exactly an NGO or hacker/ham collective.)
Sure, it currently seems to lead to good outcomes in my eyes (democracy and access to information > most alternatives), but what if it one day does not? Trust in laws and international agreements is, like all trust, gained in drops and lost in buckets.
The company is not "walking all over national and international laws", the citizens are. The company is simply not enforcing those laws as strictly as it could.
In practice, laws are only as effective as a government's willingness to use its monopoly on violence to enforce them.
yeah, it's like exporting guns from US knowing it's going to locally-illegal hands. Maybe not as bad as guns, more like alcohol to a highly religious country, but still. The destination countries kind of has full rights to prosecute personnel involved, should they ever fly there.
They don't care because their employees are never going to fly to those [whatever series of expletives] countries, and that's not um ... not nice.
It's an arm of the US 'military industrial complex', i.e. one of many components of a genocidal narcoterrorist state apparatus.
This is why they "get away" with things. Concerns of ordinary people, like law, ethics or decorum, mean next to nothing to the people running projects under this umbrella. Achieving the objectives is all that matters, and the main objective in this case is to establish a world wide system for surveillance and control that is similar to the Internet but less accessible to democratic institutions, activists and private associations generally.
There's no leverage for the countries without Starlink business to use against Starlink other than blocking future approval (unlikely to start with in those blocking it because it can bypass their information filtering) so they can only go after the customers who are harder to track down than detecting the downlink signal.
IP and geo location can work up to the state (country), that's it... and that doesn't include the roaming. IP location for mobile phones is based on the data center.
Roaming (commonly) keeps the person in the original state, regardless where they are. I can travel through out Europe, or Thailand, or the Canary Islands. I will still proudly reside in the capital where I don't live anyways.
> IP and geo location can work up to the state (country), that's it... and that doesn't include the roaming.
IP location can work at the postal code level, if the ISP's assignment scheme is granular enough and they are either publishing a corresponding geofeed or somebody is just reverse engineering one based on data collection.
The latter works very similarly to Wi-Fi geo positioning: Devices that have a GPS position source report the observed location of a given IP address; devices without one make use of it.
> So just forget IP and geolocation.
Yes, for the <1% of people actively doing something against it (e.g. using VPNs), for some other edge cases, and importantly for mobile data roaming. Otherwise, it's surprisingly accurate these days.
How does that follow? The more densely populated an area is, the more accurate geo-IP usually is as well, just like with other infrastructure (postal code areas are smaller in cities etc.)
Regarding NAT, CG-NATs are usually still reasonably close to the first interconnection point to keep latency low. And as that stops being the case, IPv6 is getting more and more common in any case, precisely because CG-NAT doesn’t scale that well.
The inconsistency in the Starlink data would suggest that they make use of different options to determine to which country their devices get applied to.
As mentioned here Starlink could provide very precise location and limit access but as growing service it’s more valuable to break rules for wider adoption.
And who could punish Starlink? Only the US and they are interested to let this player getting big and regulate later.
> The telephone system's address plan embedded a certain amount of physical location information in the fixed line network, and a full E.164 telephone number indicated your location in terms of your country, and your area within that country.
Until quite recently (i.e. with the introduction of NGNs), it's my understanding that in the US, calls to mobile phones were (and probably often are) still routed to the geographic location of the phone number's rate center.
People don't usually think about it because intra-US latency is usually low enough to care (and lower than the latency to most outsourced call centers in any case), but during natural disasters such as Katrina, the ties between geography and network topology still make themselves known.
The US mixes up fixed line numbers with mobile numbers, so you can’t tell them apart based just on the number.
In Australia, mobile services are a separate area code-so a mobile number tells you that it is a mobile number, but nothing else-once upon a time, the first few digits told you the telco, but with number portability that is largely no longer true.
Unless it is the teachers at our kid’s school, who use Microsoft Teams to call parents on their mobile, so it looks like it is coming from a fixed line
Some of it is probably an artifact of mobile plan pricing being quite dependent on who you were calling when cell phones became widely available. I (still) have an area code that's the result of who I tended to be calling on my cell at the time. Hasn't been my "home" area code for many decades. (Not that I actually have a landline any longer.)
I think it's the other way around: Since calls were routed geographically, and it's not apparent to the caller whether they're calling a landline or mobile phone, it also made sense to price them geographically (at least before the marginal cost of the incremental call-mile went to zero).
I didn't actually even live in the area code any longer but had outdoor activities with people who did live in that area code who I might call from my cell. So that's what I chose at the time. And, by the time I switched carriers, phone number portability was a thing.
How about we just declare IPv4 addresses to be static as of ..yesterday. They are not unique of course, but at some level they are. Done. Solve a whole bunch of heart ache.
Check the charts for price since 2020. It looks like IPv4-block prices almost tripled 2020-2021. Then seem to have been in gradual decline since then. I'm rather surprised.
My ISP (KPN) actually does still give out static ipv4 addresses by default. I don't think it's technically static, since they don't make any claims about that, but mine hasn't changed in the 2 years since I moved to this address.
That is true now, but 4-5 years ago I was starting a small ISP and prices were almost triple that. $80-$100/address seemed somewhat common IIRC, and prices only seemed to be going up. So I can certainly see an ISP looking at that and making a plan for a future where IPs cost $200+ each.
Since then prices have come down. I can only speculate that high prices caused a bunch of organisations to decide to sell their unused IP blocks. I suppose the question is: Does the market now have enough spare capacity to see us through to IPv6-only adoption at reasonable IP costs, or will we be seeing high prices again in 5+ years?
The solution is already here. ISPs roll out CGNAT for IPv4, but their networks are dual stack, so the client devices have real IPv6 connectivity as well as IPv4 through a NAT.
It's not great, but for 99% of consumers, they can't tell the difference. The ISP only needs a small 28 or 29 allocation, and with that they serve tens to hundreds of thousands of clients.
I doubt we will see IPv6-only ISPs. Such provider will have to face complaints that some part of Internet is not working correctly. It can be written it in the offer, but for not technical people some services will be broken by ISP.
It is core of problem with IPv6 adoption - from ISP perspective it do not solve any problem because they still needs solution for connecting to IPv4. Opposite way it works - if you have IPv4 there are bridges to IPv6.
It's not uncommon that 'security solutions' in commerce and the like just refuses traffic from IPv6. Sometimes I switch to a rather dirty IPv4 address to feel something when I bypass it that way.
It's time to put an end to these attempts at geolocating Internet ussers. A website shouldn't know where I am connecting from unless I willingly provide that information. It's inevitably used against the user to track him, profile him, or restrict his freedom in some way.
> There have been persistent stories in a number of markets of Starlink resellers that set up a service in a country that has the necessary national regulatory approvals to use Starlink and then they ship the dish to a nearby location in a different country.
It's still baffling to me how Starlink is getting away with this.
It makes some sense for the old wide-beam geostationary services, like Inmarsat's legacy services, which are intrinsically hard to geolocate (the satellite beams for tehse cover huge areas and the operator has no technical reason to know where the client is located).
But for Starlink, which has a mandatory GPS receiver in every terminal and which uses spot beams smaller than some rural 5G cells?
Great for people in countries with authoritarian governments limiting their access to information, of course, but somehow I don't feel great about the broader implications on the credibility of international law.
When I lived in Iran as a foreigner almost 2 decades ago, it was common for foreigners to try to sneak a satellite TV box and receiver in their luggage. They'd arrange payment through someone in their original country, and obtain the dish locally (plus having a local electrician set it up for them).
It was illegal, but for the most part tolerated. Yes, it was just one-way geostationary communication rather than internet access, but it wasn't like people were doing anything special to hide the dishes on their roofs.
I think most authoritarian regimes tend to tolerate some low level violations of these kinds (VPNs were also illegal yet openly sold) in exchange for the public allowing them to stay in power.
With Starlink it probably helps that even the previous administration, despite their conflicts with Musk, turned a blind eye to Starlink being supplied to Iranians even given the Iranian government's protests (IIRC).
Autocratic regimes also do still have to care what the populace thinks, it's just that the thresholds are totally different. They can get torn apart by widespread revolt even if they cannot be voted out of power, and most autocratic regimes spend a lot of time in fear of just this sort of threat. In other words, they pick their battles, and some of these low level violations might not make sense to crack down on broadly, unless the regime really, really cares about the issue. (eg: the hijab in Iran)
It's also the case that if nearly everyone is breaking some minor law then nearly everyone is vulnerable, which could also be a more comfortable place for such a regime. Even if this is not the intent behind the current permissiveness, this fact might help keep it in place all the same.
The US was probably happy that such freer access to information annoyed the Iranian government.
Then maybe we should rewrite the international laws accordingly.
The whole idea of "a country owns its radio waves" hasn't held in practice for, basically, the entire history of radio waves.
And I don't think the tech companies are very trustworthy - but I'd trust many of them with power before I would trust a lot of the governments. Google is quite open about being evil now, but I'd still trust Google before I trust the governments of Saudi Arabia or Sudan.
Except you can't: countries exercise the monopoly on violence within their borders, and that specific detail delineates most other powers: e.g. if they want to setup and run high power jamming on their territory, then to stop them would take an act of war.
So in practice the agreements we make essentially cover making reasonable concessions so no one feels the need to start bombing things.
> then to stop them would take an act of war.
Or a covert act of war disguised as local domestic terrorism.
There are significant amounts of soft power between countries before it comes to physical force.
For example, how I'd have expected this to play out in an age that feels more and more a thing of the past:
- Country A's ingenious startup offers global satellite service, bypassing country B's telecom monopoly, without even fully registering it. (They employ more engineers than lawyers.)
- Country B complains to country A's government.
- Government A respects B's sovereignty, even though A is much larger and more powerful than B, and wants to reassure the world that the same rules apply to everybody. It slaps the startup on its wrist, under the (very implicit, never even hinted at) threat of further regulatory or legal action. (The startup pays taxes in A, and its executives live and can be arrested there.)
- The startup stops providing service on B's territory.
- The governments of A and B sit down together and negotiate, behind closed doors and without making it a big display of power, a deal that works for both of them, e.g. granting the startup access to the market of B, in exchange for complying with local regulations.
Obviously it has never worked like that between all countries and in all cases, but I'm just saying, this used to be seen as a desirable model by many.
Which part are you upset about? This all sounds positive.
I'm not exactly upset, but I have a somewhat uneasy feeling about how a foreign private company can seemingly walk all over national and international law like that and get away with it. (SpaceX isn't exactly an NGO or hacker/ham collective.)
Sure, it currently seems to lead to good outcomes in my eyes (democracy and access to information > most alternatives), but what if it one day does not? Trust in laws and international agreements is, like all trust, gained in drops and lost in buckets.
The company is not "walking all over national and international laws", the citizens are. The company is simply not enforcing those laws as strictly as it could.
In practice, laws are only as effective as a government's willingness to use its monopoly on violence to enforce them.
yeah, it's like exporting guns from US knowing it's going to locally-illegal hands. Maybe not as bad as guns, more like alcohol to a highly religious country, but still. The destination countries kind of has full rights to prosecute personnel involved, should they ever fly there.
They don't care because their employees are never going to fly to those [whatever series of expletives] countries, and that's not um ... not nice.
What if it's maybe not as bad as alcohol, more like dropping food into a country that tries to deprive its citizens of food?
It's an arm of the US 'military industrial complex', i.e. one of many components of a genocidal narcoterrorist state apparatus.
This is why they "get away" with things. Concerns of ordinary people, like law, ethics or decorum, mean next to nothing to the people running projects under this umbrella. Achieving the objectives is all that matters, and the main objective in this case is to establish a world wide system for surveillance and control that is similar to the Internet but less accessible to democratic institutions, activists and private associations generally.
You sound radicalized.
There's no leverage for the countries without Starlink business to use against Starlink other than blocking future approval (unlikely to start with in those blocking it because it can bypass their information filtering) so they can only go after the customers who are harder to track down than detecting the downlink signal.
There's also Starlink for Geolocation [1].
[1] https://www.technologyreview.com/2022/10/21/1062001/spacex-s...
IP and geo location can work up to the state (country), that's it... and that doesn't include the roaming. IP location for mobile phones is based on the data center.
Roaming (commonly) keeps the person in the original state, regardless where they are. I can travel through out Europe, or Thailand, or the Canary Islands. I will still proudly reside in the capital where I don't live anyways.
So just forget IP and geolocation.
> IP and geo location can work up to the state (country), that's it... and that doesn't include the roaming.
IP location can work at the postal code level, if the ISP's assignment scheme is granular enough and they are either publishing a corresponding geofeed or somebody is just reverse engineering one based on data collection.
The latter works very similarly to Wi-Fi geo positioning: Devices that have a GPS position source report the observed location of a given IP address; devices without one make use of it.
> So just forget IP and geolocation.
Yes, for the <1% of people actively doing something against it (e.g. using VPNs), for some other edge cases, and importantly for mobile data roaming. Otherwise, it's surprisingly accurate these days.
nope its not accurate, and why would you want it to be accurate anyway???
so You want an mass privacy breach????? it literally all downside from customer perspective
I wasn't expressing a preference or value judgement, only describing how the current world does look like.
And geolocation does work well enough for many purposes, for better or worse.
its not work in asia cuz there are billions people in single area + NAT really make it hard to track
How does that follow? The more densely populated an area is, the more accurate geo-IP usually is as well, just like with other infrastructure (postal code areas are smaller in cities etc.)
Regarding NAT, CG-NATs are usually still reasonably close to the first interconnection point to keep latency low. And as that stops being the case, IPv6 is getting more and more common in any case, precisely because CG-NAT doesn’t scale that well.
The inconsistency in the Starlink data would suggest that they make use of different options to determine to which country their devices get applied to.
As mentioned here Starlink could provide very precise location and limit access but as growing service it’s more valuable to break rules for wider adoption.
And who could punish Starlink? Only the US and they are interested to let this player getting big and regulate later.
i think it's really common. think of factory emissions, these also pass through borders and often violate international law.
> The telephone system's address plan embedded a certain amount of physical location information in the fixed line network, and a full E.164 telephone number indicated your location in terms of your country, and your area within that country.
vs. modern reality
https://xkcd.com/1129/
(And who hasn't experienced a Customer Support phone number that is answered in different parts of the world, based on the time of day?)
Until quite recently (i.e. with the introduction of NGNs), it's my understanding that in the US, calls to mobile phones were (and probably often are) still routed to the geographic location of the phone number's rate center.
People don't usually think about it because intra-US latency is usually low enough to care (and lower than the latency to most outsourced call centers in any case), but during natural disasters such as Katrina, the ties between geography and network topology still make themselves known.
The US mixes up fixed line numbers with mobile numbers, so you can’t tell them apart based just on the number.
In Australia, mobile services are a separate area code-so a mobile number tells you that it is a mobile number, but nothing else-once upon a time, the first few digits told you the telco, but with number portability that is largely no longer true.
Unless it is the teachers at our kid’s school, who use Microsoft Teams to call parents on their mobile, so it looks like it is coming from a fixed line
> The US mixes up fixed line numbers with mobile numbers
This is the case in all NANP countries (i.e. also Canada and many Caribbean nations), and I believe only there.
Some of it is probably an artifact of mobile plan pricing being quite dependent on who you were calling when cell phones became widely available. I (still) have an area code that's the result of who I tended to be calling on my cell at the time. Hasn't been my "home" area code for many decades. (Not that I actually have a landline any longer.)
I think it's the other way around: Since calls were routed geographically, and it's not apparent to the caller whether they're calling a landline or mobile phone, it also made sense to price them geographically (at least before the marginal cost of the incremental call-mile went to zero).
https://xkcd.com/1129/
I didn't actually even live in the area code any longer but had outdoor activities with people who did live in that area code who I might call from my cell. So that's what I chose at the time. And, by the time I switched carriers, phone number portability was a thing.
Once I used IP geolocation to track down a credit card fraudster to within 2 blocks of his residence in Quezon City, Philippines
He ran the whole thing from his home internet connection.
>to track down a credit card fraudster to within 2 blocks of his residence
Then what? You're going to send seal team six to arrest him? 2 blocks might as well be 200 miles.
How did you confirm that? Residential proxies are a thing.
How about we just declare IPv4 addresses to be static as of ..yesterday. They are not unique of course, but at some level they are. Done. Solve a whole bunch of heart ache.
Because there's markets where ip blocks sell for millions of dollars
That's why your ISP doesn't do statics for free anymore
This just spurred me to check recent sales prices: https://auctions.ipv4.global/prior-sales
Check the charts for price since 2020. It looks like IPv4-block prices almost tripled 2020-2021. Then seem to have been in gradual decline since then. I'm rather surprised.
My ISP (KPN) actually does still give out static ipv4 addresses by default. I don't think it's technically static, since they don't make any claims about that, but mine hasn't changed in the 2 years since I moved to this address.
Got my /29 on my DSL line for free :)
An IP address costs $20-30 to buy. $1 a month would fund it in 2 years.
Your ISP doesn't do statics, but not because of the cost.
That is true now, but 4-5 years ago I was starting a small ISP and prices were almost triple that. $80-$100/address seemed somewhat common IIRC, and prices only seemed to be going up. So I can certainly see an ISP looking at that and making a plan for a future where IPs cost $200+ each.
Since then prices have come down. I can only speculate that high prices caused a bunch of organisations to decide to sell their unused IP blocks. I suppose the question is: Does the market now have enough spare capacity to see us through to IPv6-only adoption at reasonable IP costs, or will we be seeing high prices again in 5+ years?
The solution is already here. ISPs roll out CGNAT for IPv4, but their networks are dual stack, so the client devices have real IPv6 connectivity as well as IPv4 through a NAT.
It's not great, but for 99% of consumers, they can't tell the difference. The ISP only needs a small 28 or 29 allocation, and with that they serve tens to hundreds of thousands of clients.
I suspect this is a bit like crude oil pricing.
As prices go up, previously impractical sources will satisfy demand just enough.
In other words, I think we’ll be stuck in IPv4 price limbo for a very long time.
I doubt we will see IPv6-only ISPs. Such provider will have to face complaints that some part of Internet is not working correctly. It can be written it in the offer, but for not technical people some services will be broken by ISP.
It is core of problem with IPv6 adoption - from ISP perspective it do not solve any problem because they still needs solution for connecting to IPv4. Opposite way it works - if you have IPv4 there are bridges to IPv6.
It's not uncommon that 'security solutions' in commerce and the like just refuses traffic from IPv6. Sometimes I switch to a rather dirty IPv4 address to feel something when I bypass it that way.
Auction prices went as high as $60. That's $5/month for a year and that covers it.
Of course prices have collapsed since then, and in real terms are back or below 2019 levels