You might not know it, but your IP address is a valuable piece of information. When people combine your IP address with other types of information, they can get a surprisingly close understanding of who you are and what you spend your time and energy on. Here’s exactly what your IP address is, and why you should care.
IP address image from Shutterstock
What is an IP (Internet Protocol)?
The Internet Protocol (IP) forms the very basis of every computer network. It was first described by Vint Cerf and Bob Kahn in a paper published by the Institute of Electrical and Electronic Engineers (IEEE) in 1974.
That’s really boring, but what you really need to know is that it allows every computer in a network to communicate directly with any other computer, without a single central server managing this communication.
This protocol allows for the Internet to be decentralized, making it easy for anybody to extend its range and connect to it. It works by assigning a unique IP address to each device within the network.
What are IP addresses, and how do they work?
IP addresses are 32 bits in length, transmitted in four blocks of 8 bits (1 byte), which are usually visually separated by a dot.
The largest number you can express with 8 bits is 11111111 (that’s 255 in decimal form). As computers start counting at 0, this theoretically gives us 255 x 255 x 255 x 255 or 4.3 billion possible unique IP addresses. Not all devices need their own IP address, though. A single IP address might cover an entire home network, office network, university-wide Wi-Fi network, or public Wi-Fi network.
This single public IP address is assigned to the router, which in return gives a private IP address to each of the devices on its network. This address usually starts with 192.168, meaning 65,536 devices could be theoretically connected to this private network before it runs out of addresses.
The router then forwards every request made by a device on its private network to the public network, and makes sure that the response reaches the correct device later.
A virtual private network (VPN) functions very similarly, except that it does not have its own infrastructure from the router to your device. Instead you “tunnel” through the public Internet to the VPN server. Just like your device on a Wi-Fi network at home, when you use a VPN, your device has a private IP inside the private network, but you use the public IP address of the router (in this case the VPN server) to browse the web. Some mobile phone networks give each SIM card its own IP address, while others rotate a stack of IP addresses around the active devices on the network. In some cases, multiple smartphones might also share a single IP address.
Every website sees your IP address
When you visit a website on the Internet, you enter its domain name, such as https://www.expressvpn.com. Using the Domain Name System, your browser will look up the corresponding IP address for that website, and your computer will then find a route to this server to carry your request.
Once your request has reached the server, your browser needs to transmit its IP address. This is necessary so that the server can send the requested content back, but it also means that every website you visit gets to see your IP address.
How you can be identified by your IP address
In almost all legal jurisdictions around the world a consumer IP address easily linked to an identity. To sign up for a mobile phone contract or to get Internet at home, you need to show some kind of identification. This means you can’t surf the web in private on your mobile phone or at home without first masking your IP address in some way.
The IANA allocates the addresses in blocks to regional entities, which hand them down to national governing bodies, which assign them to telecommunication providers, which then pass them on to you.
Without masking your IP address, you can be de-anonymized through two different ways:
1. De-anonymization through databases
As IP addresses are given out in a hierarchical way, each authority keeps detailed records of IP address allotment. Some of these records are public and can become quite detailed (for example, this is a list of who controls each of the top blocks).
The most useful such database is called WHOIS. To search this database, you can install a program on your computer or simply use a search engine like who.is. You can enter any IP address into it and find out who owns it. The WHOIS databases are often directly administered by Regional Internet registries (RIRs).
Some private databases might be more accurate, mapping IP addresses directly to individual services, websites, or locations. Private databases can be compiled with a variety of proprietary and open tools and need to be constantly up to date.
Most of these database management companies charge a fee for access. These databases can be used by banks to mitigate fraud, by law enforcement to investigate crime, or by copyright owners to find the identities of services infringing on their copyright. For courts and some police jurisdictions, it’s very easy to resolve the assignee of an IP address.
Traceroute (called Tracert on Windows) is a program that measures the path between your device and any IP address. It sends a series of data pieces called packets to the destination IP address, each with an expiration date that is slightly later than the previous one.
A packet is dropped when it exceeds its expiration date, which can happen at any point along the route. Usually the routers along the way will inform your device that a packet has been dropped, identifying itself in the process.
As the process is repeated multiple times, eventually most hops along the way between your machine and the target machine will identify themselves. You will be able to look up the physical locations of some of the points that the data travels through by their IP address via WHOIS, depending on the transparency of the providers of the points that your travels through.
In some cases a clever combination of traceroute, WHOIS, and other freely available tools can narrow the location of destination IP down to a single block, although this rarely works for residential addresses due to privacy concerns, because the points will not identify themselves.
Other bits of information make your IP address valuable
Together with your IP address, your browsing activity data becomes even more valuable, especially over a sustained period of time. Throughout the day, you probably use the same service across several devices and locations. You check the weather report in the morning from your home IP address, then you check the traffic report from an IP associated with your mobile provider, and shortly afterwards your phone automatically logs into the Wi-Fi of the coffee shop chain you regularly visit.
That information alone reveals when you get up, the length of your commute, and that you are a customer of a particular coffee chain. If you log into Wi-Fi at work too, your phone reveals how much you work, when you work overtime, and when you are sick at home.
Simply by knowing your IP address, it’s possible to identify your co-workers, the people in your rideshare, and your friends, because all of you are logging into your online accounts from the same IP addresses at your home, workplace, or coffee shop. Facebook, for example, might suggest you add somebody as a friend who previously logged into your home Wi-Fi network.
This data helps companies find out if you’ve lost your job, cheated on your partner, or been on holidays. And chances are they know why you lost your job (e.g., that Facebook post from when you faked being sick), who you cheated on your partner with (e.g., you asked for their Wi-Fi password on the second date), and where you went for your holiday (e.g., booking confirmation in your inbox).
Why advertisers want to know you better
Advertisers love to know when you are breaking a habit. When you move apartments, find a new partner or job, or start a new degree, you’re most likely to also break consuming habits. The idea is that you’d probably be more willing to try out a new supermarket or coffee chain when you also have a new commute.
Breaking an old habit is the moment corporations are waiting for. They are willing to spend much more to persuade you to switch brands when they know you are more likely to do so. Identifying and observing the patterns of your daily life is key to finding out when you are ready to switch.
Even if you’re not logged in, you’re not anonymous: Wikipedia edits
On the project page “IPs are human too”, Wikipedia encourages anonymous users to contribute to Wikipedia, and reminds that their IP addresses will be logged by the system.
This has led to the identification of many vandals and pranksters, but also parliaments, governments, and celebrities who edited Wikipedia to serve their own interests. Check out these examples:
In 2013 somebody used a computer in the US Senate to label Snowden a ‘traitor’.
US Congressional Staff have edited Wikipedia so much, the topic now has its own Wikipedia article. A Twitter account (@CongressEdits) tracking their edits, has racked up more than a thousand tweets since May 2014.
A similar account, @parliamentedits, tracks similar changes for the parliament of the United Kingdom.
But Wikipedia editors aren’t just editing political, controversial articles. Government employees are just like us, with varied interests, like The Beatles, The Simpsons, and Betty White.
In fact, maybe politicians and their staff should edit Wikipedia more. Equipped with a good understanding of current and upcoming legislation, these people could use spare time to educate the public.
IP addresses in action: the David Petraeus affair
IP Address pic via Shutterstock David Petraeus is a retired US military officer who, as a four-star general, oversaw the US forces in Iraq and Afghanistan. He later served as director of the CIA from 2011 to 2012.
For a few years before taking up the role of CIA director, Petraeus had an affair with his biographer, Paula Broadwell. Petraeus and Broadwell communicated with each other using email accounts they both had access to. They wrote messages, saved them as drafts, and deleted them after reading.
Petraeus was the CIA director, and the pair did not use encryption techniques or anonymization tools although Petraeus knew it would be easy to retrieve the deleted emails and trace the IP addresses of those logging into the account.
Unfortunately, Broadwell used the same email account to send threatening letters to socialite Jill Kelley, with whom she assumed Petraeus also had an affair. Kelley used her connections in the
FBI to start an investigation into the email account, which quickly revealed Petraeus and Broadwell as its owners through the IP addresses of their work and home places.
The scandal led to Petraeus’ resignation as CIA director and the revocation of Broadwell’s United States government security clearance. The irony of the whole affair is that Petraeus should have known about the need and benefits of encryption and anonymization techniques.
How you can protect your IP address
There are many ways to hide and mask your IP address. You could connect to an access point not associated with your name or credit card. You could also use paid anonymization services such as proxies and VPNs, or use tools like the Tor network.
These services can also help in environments where access to sites and services is censored and blocked, either by the provider themselves via the IP address of the user, or by a network administrator or government via the IP address of the service.
The Internet Protocol was not built with strong considerations for security and privacy. It is inherently vulnerable to snooping, interception, and, to some extent, alteration (i.e., getting sent fake data), making it difficult to verify the integrity of the data in transit. But the Internet Protocol has proven incredibly efficient at routing data around the globe. It has scaled to billions of devices, and will likely scale beyond that. The IETF’s 1994 April Fool’s joke “IPv9” talks about routing on a molecular level to each galaxy getting its own IP block.
The next level of the Internet Protocol: IPv6
IPv6 is the next iteration of the Internet Protocol. It functions similarly to IPv4 as described above, but provides over 10 Octillion times as many addresses. That’s a number with 28 zeroes. That’s larger than the number of atoms in the human body!
IPv6 has only been sporadically rolled out. Only some providers have adopted IPv6, and we will likely only feel its implications after support for IPv4 has been dropped by a large number of providers sometime in the next ten years.
Due to the large number of possible IPv6 addresses, it will become possible for every device to directly communicate with every other device, rather than having to congregate behind routers and private networks. It may no longer be necessary (or even possible) to route a large amount of traffic through a single IP address, diminishing the privacy advantages of shared access points such as public Wi-Fi.
It is also possible that we will be able to remove the current notion of assigning IP addresses by geo-location, and rather issue them by device. This would make blocking content based on location more difficult, but potentially further diminish anonymity on the Internet.