Pretoria man accused of stealing iPads and kidnapping children due to incorrect IP address database

A Pretoria man has been on the receiving end of angry locals wanting their Apple iPads returned, private investigators demanding to search his house for kidnap victims, and complete strangers accusing him of crimes.

This is according to a Gizmodo report, which looked into the bizarre case.

The strange occurrences started in 2013, when people began banging on the man’s gate to his home and demanding to be let in.

Sometimes they came with police officers, stating that their stolen smart device was in the house. Others came with maps on their smartphones showing that the house was the place were abusive online comments against them had originated.

Matters became worse when government officials arrived at the home looking for wanted fugitives, and business started sending legal letters to the man claiming that he had written defamatory comments about them online.

The man, who is a property rights lawyer and whose identity was withheld in the report, said his mother initially blamed him for “bringing the Internet into the house” – which she said had caused the problem.

IP database

Following years of being targeted by individuals and organisations, the man reached out to local ISPs asking for help – and for answers as to why his home was a point of interest when it came to the online tracking of online comments, stolen devices, and missing people.

He even contacted the maker of his home modem, and Apple, asking for help.

After not receiving any feedback, he found a story online about a couple in the US who had experienced a similar set of events to him and contacted the journalist who had written the piece. This journalist is the person who wrote the Gizmodo report this piece references.

In both the Pretoria man’s case and that of the US couple, the cause of the problem was incorrect IP address mapping.

When a device connects to the Internet, it receives a unique identifier called an Internet Protocol address – referred to as an IP address.

Businesses like MaxMind, which was responsible for similar incidents taking place in the US, provides location information for IP addresses. It plots a point on a map essentially showing where an IP address is located.

This mapping is not always accurate, however, and often there are times when an IP address can only be tracked to a country or city level.

When this happens, companies assign a specific latitude and longitude to IP address so their location is more precise. This coordinate assignment can be done at random, and a “central point” on a map is selected. This is then provided to users along with an accuracy radius, showing how accurate the map pin is.

For example, if the IP address is seen as in Pretoria, but no detailed location can be obtained, the address will be assigned to predetermined coordinates.

In the case of a US woman who was on the wrong end of this assignment by MaxMind, her front garden at her home in Kansas had 90 million IP addresses assigned to it.

Geolocation

This IP address geolocation error was suspected in the case of the Pretoria man after he contacted the Gizmodo journalist and a University of Pretoria computer science lecturer.

It was then discovered that the man’s home was at a set of coordinates used as a location point for Pretoria as a whole.

Following further investigation, it was found that the coordinates where the house was located were used to identify Pretoria as a whole in a database run by the National Geospatial-Intelligence Agency.

This is a US intelligence agency and part of the US Department of Defence, and delivers “world-class geospatial intelligence”.

The coordinates used to locate Pretoria in this database were also used by MaxMind – and provided in its database to users.

The company stated that over 1 million IP addresses had been assigned to entities in Pretoria – including Telkom SA – and it geolocated the IP addresses to the coordinates supplied by the National Geospatial-Intelligence Agency.

The reason the coordinates were placed on the man’s home was that he lived near Pretoria city and was close to the centre of a populated area, said the National Geospatial-Intelligence Agency.

“There was absolutely no intent to place the coordinates on his residence,” it added.

The intent did not change the fact that when IP addresses were traced to Pretoria, however, and their geolocation cross referenced using the IP database, that the man’s home was the destination.

After the Pretoria man contacted the US agency and shared his story, the coordinates for Pretoria in its database were changed to Church Square.

“This is the first request from a private citizen to reassess coordinates that NGA’s GeoNames team has received in at least seven years,” it said.

With the coordinates changed, it is now hoped that when stolen iPads or missing people are traced using a device’s IP address, and the IP address is found to be in Pretoria, it will not send investigators to the man’s home.

Law enforcement

The use of IP address tracking to find a physical location does serve a purpose, however.

In South Africa in 2016, a Port Shepstone man was arrested for creating child pornography after his IP address was traced following a similar case in Greece three years earlier.

The man arrested in Greece in 2013 was using an app called Giga Tribe to distribute child porn.

Through the app police were able to get the IP addresses of users from 32 countries who were downloading the material. One of those IP addresses led to South African man’s arrest in 2016.

Now read: Google wins round in fight against global right to be forgotten

Latest news

Partner Content

Show comments

Recommended

Share this article
Pretoria man accused of stealing iPads and kidnapping children due to incorrect IP address database