He adds that email providers have been known to leak IP addresses to advertisers, market researchers, and other such agencies and some emails (like those from mailing lists) are indexed by Google. "Thus, the IP becomes searchable," Lee says. "Programs such as skypegrab.info (now inactive), which reveals users' personal data are developed every day by programmers across the globe. Extreme tracking sites link IPs to Google searches and make them public. And business websites including, but not limited to, Facebook, Twitter, Google, and others-in addition to ad targeting companies-already have your personal info linked to your IP address in their databases. Anyone with access to those databases, including those with legitimate or illegitimate access (such as hackers), can obtain any and all of that information."
David Gorodyansky, CEO of AnchorFree's HotspotShield (an Internet security solution that includes anonymous browsing) agrees the IP address can be linked to a specific individual's name, address, and other personally identifiable information. According to Gorodyansky, hackers and malware programs attempt to compromise user identities by gaining access to their IP address and then tracking them on the web.
"An IP is like your digital address," Gorodyansky says. "It provides intel on the city and state of the ISP location, which can be linked back to a residential address if accessing a Wi-Fi hotspot from home. Based on the IP address, companies and hackers collect information about individuals without knowing specific details such as their name. Third party websites and hackers can collect this data and, for example, use it to identify your name and steal or resell your identity and/or track your web browsing habits."
John Kindervag, a security and risk analyst at Forrester, says that the IP address can be tracked, but with some limitations. The IP header should not have any personal information in it. The mapping of the IP address is performed at the ISP level and, since there is no real user information in the headers, the assumption is that since person A lives at the location where the IP address is assigned, then person A created the traffic.
"This is a flawed assumption," Kindervag says. "Person A's network could be compromised, especially if it's wireless, to hide the identity of an attacker. Attackers always spoof their IP address, sometimes by using someone else's network and sometimes by going through a proxy server located in some other country. The attacker could live next door, but make his/her traffic look like it came from Eastern Europe."
According to Andrew Lewman, executive director at the Tor Project (a free anonymity online service), lots of companies use GeoIP databases to determine where a potential or actual customer is located in the world and then directs the marketing pitches appropriately. "Criminals also use GeoIP databases to target geographic areas for various malware attacks (English vs. French vs. Spanish languages, donation scams based on localized events). Child molesters and kidnappers can also use the IP address to track where a potential victim is located and further convince the victim that they are local and friendly," Lewman says.
Sign up for Computerworld eNewsletters.