Ryanair secures order to reveal details of anonymous web posters

rubberdiddies

from breakingnews.ie

Ryanair has secured a High Court order compelling eircom to disclose the identities of two anonymous parties who have been making posts about it on a pilot's website which the airline says is "highly defamatory".

The airline claims the false material that has been posted on the PPRuNe website, known as the Professional Pilots Rumour Network, by two anonymous parties using the pseudonyms 'ASFKAP' and 'Built4Speed' impugnes Ryanair's excellent safety record.

Ryanair sought the orders because it intends to sue the two parties, who investigations undertaken on the airline's behalf show have IP addresses from the eircom pool of subscribers, in order to vindicate its good name.

(IP addresses are individual numbers assigned to each device that uses the internet.)

The orders were granted today by Mr Justice Paul Gilligan.

Under the terms of the orders, eircom must disclose to Ryanair all information, excluding emails, which assists in identifying the parties assigned the IP addresses where the allegedly defamatory posts came from.

The disclosure of the IP address relates only to the relevant time, date and time zones of the allegedly defamatory posts.

oops!

Pilotdude5

Fup

Standard Toaster

Hehehe, diddies.

3ndahalfof6

Go go go Ryanair, budget travel, the best thing that was ever invented, fly my lovely fly.

Praetorian Saighdiuir

Mick just wants to charge them €3 per post.

ThreeLineWhip

Good thing I don't use eircom.

Fools should have routed their posts via Russia. Putin wouldn't be long telling Mick to fup off.

C.K Dexter Haven

No fly zone becomes a no lie zone

CreepingDeath

ThreeLineWhip wrote: »

Fools should have routed their posts via Russia. Putin wouldn't be long telling Mick to fup off.

Russia ?
Any good VPN would do it.

People have to realise that as a casual user you're rarely anonymous on the internet, unless the web site (and all it's third party advertisers and social network links) go out of their way to anonymize what you view and post.

ITS_A_BADGER

sucks for them

hatrickpatrick

Ryanair sought the orders because it intends to sue the two parties, who investigations undertaken on the airline's behalf show have IP addresses from the eircom pool of subscribers, in order to vindicate its good name.

Idiots. Everyone should know by now that freedom of speech online only arises when you properly hide your location. And it's not like there aren't a million and one perfectly easy, fast and efficient ways to do that.

btard

learn2tor

padd b1975

Poor fcukers couldn't even defend themselves.

TGi666

Would ryanair have been able to get the court order if these posts were true?

ITS_A_BADGER

btard wrote: »

learn2tor

Tor aint that great https://www.torproject.org/download/download-easy.html.en#warning

MadsL

You don't think boards.ie has been the subject of similar demands over the years. Tom Murphy has been very vocal that the principle of the individual having to account for posts on the internet is an important part of protecting service providers from court.

Part of the reason Sherlock's shit was so dumb was that it made the service provider guilty of defamation.

CreepingDeath

A decent web/J2EE developer would know (in theory) how to obtain the IP addresses of anyone who viewed a post in most forums on boards.

No server hacking required.

That should shake up your perceptions of anonymity on the net.

Iwannahurl

The two usernames mentioned in the news report -- Built4Speed and ASFKAP -- seem to have disappeared from the PPRuNe Forum.

http://www.pprune.org/spectators-balcony-spotters-corner/481883-three-examined-hospital-after-ryanair-emergency-descent.html

http://www.pprune.org/airlines-airports-routes/432261-ryanair-8-a-59.html

Funny that...

ThreeLineWhip

Standard procedure.

Gumbo

CreepingDeath wrote: »

A decent web/J2EE developer would know (in theory) how to obtain the IP addresses of anyone who viewed a post in most forums on boards.

No server hacking required.

That should shake up your perceptions of anonymity on the net.

I've heard that getting the IP address is the relatively easy bit. Can the average joe do anything with those IP address then?

ThreeLineWhip

kceire wrote: »

I've heard that getting the IP address is the relatively easy bit. Can the average joe do anything with those IP address then?

Nope.

That is why they need a court order to make the ISP cough the names and addresses.

Victor

TGi666 wrote: »

Would ryanair have been able to get the court order if these posts were true?

What Ryanair would need to do is show that they have a prima facie case - that is that it appears to be false and that it would do them harm.

If someone said "Ryanair are a good airline", I can't see a judge giving such an order.

CreepingDeath

kceire wrote: »

I've heard that getting the IP address is the relatively easy bit. Can the average joe do anything with those IP address then?

Depends...

If you post from home, or via a mobile phone, then an IP address will only get you something like "UPC", "Three" etc.
It might get you their local ISP node, which could be in a 10-20km radius of their home.
If you want real names and addresses, you'd have to pursue the ISP for details, usually via a court order.

But if someone uses their work computer to post, then you probably can get the company they work for from their IP address.
And any complaint made to the company they work for might be pursued internally by their HR and network administrators for an internal disciplinary action. So it all depends...

anhedonia

CreepingDeath wrote: »

A decent web/J2EE developer would know (in theory) how to obtain the IP addresses of anyone who viewed a post in most forums on boards.

No server hacking required.

Can you be more specific on that?

I cant see how this could be done without hacking the server db via SQL injection, for which there would need to be an exploit in the vbulletin software.

Edit: ok I suppose you could entice the poster to click a link making a request to your own server.

CreepingDeath

anhedonia wrote: »

Can you be more specific on that?

I cant see how this could be done without hacking the server db via SQL injection, for which there would need to be an exploit in the vbulletin software.

I could but I wouldn't.

If any boards mods/admins want details I'd provide them with my theory.
Something I haven't tried, but am fairly sure would work.

Antar Bolaeisk

anhedonia wrote: »

Can you be more specific on that?

I cant see how this could be done without hacking the server db via SQL injection, for which there would need to be an exploit in the vbulletin software.

Edit: ok I suppose you could entice the poster to click a link making a request to your own server.

You could do it via an image hosted in your signature and just track all pull requests on it.

anhedonia

Antar Bolaeisk wrote: »

You could do it via an image hosted in your signature and just track all pull requests on it.

Yeah that would work. nice.
I hadnt given this any thought until 2 mins ago.

ThreeLineWhip

Antar Bolaeisk wrote: »

You could do it via an image hosted in your signature and just track all pull requests on it.

It has been used before to great effect.

CreepingDeath

anhedonia wrote: »

Yeah that would work. nice.
I hadnt given this any thought until 2 mins ago.

Or hotlinking an image to be more specific to a forum.

kippy

anhedonia wrote: »

Can you be more specific on that?

I cant see how this could be done without hacking the server db via SQL injection, for which there would need to be an exploit in the vbulletin software.

Edit: ok I suppose you could entice the poster to click a link making a request to your own server.

I believe the vbulletin software itself allows the admins of the site to see what IP a post was posted from. But I dont think that is what you are asking

There was a thread in the security forum last year sometime which had a link to a site that logged IP's when an image was clicked.

Tis all irrelevant really. The admins of the site have access to the IP address posted from, which they would have had to provide to Ryanairs solicitors, eircom would then (I assume) have records of what routers belonging to what accounts had that IP address.

I amn't familiar with eircoms internal network but if there is DHCP involved in assigning the public IP's to their customers routers, there maybe a bit of a question around how "provable" this is. Although that would be a long long shot.

ThreeLineWhip

It could turn out that eircom does not have the info.

kippy

ThreeLineWhip wrote: »

It could turn out that eircom does not have the info.

It could, however that would depend on how they assign IP's, although even with DHCP there is usually a record of what device had what IP at what time.

Antar Bolaeisk

kippy wrote: »

It could, however that would depend on how they assign IP's, although even with DHCP there is usually a record of what device had what IP at what time.

I'd imagine they should have some way of associating it with the relevant demarc. Whenever you ring them up and give them the landline they're able to tell you the status of the router.

No idea how that end of things actually works, my knowledge of pstn lines is sadly lacking.

kippy

Antar Bolaeisk wrote: »

I'd imagine they should have some way of associating it with the relevant demarc. Whenever you ring them up and give them the landline they're able to tell you the status of the router.

No idea how that end of things actually works, my knowledge of pstn lines is sadly lacking.

There and then they may be able to associate a phone number/router with an IP address. Historicilly however, it would depend on whether the logged the history of DHCP leases (if the public side of the router had a DHCP address)
A static address on the other hand, would be almost game over.

Scruffles

hatrickpatrick wrote: »

Idiots. Everyone should know by now that freedom of speech online only arises when you properly hide your location. And it's not like there aren't a million and one perfectly easy, fast and efficient ways to do that.

so woud harasment,bullying,threatening,frauding,libel etc be our right under freespeech as long as we use a proxy to hide ourselves?
if people really give a damn about what they are saying to be true then they shoud be able to say it without hiding themselves.
good on ryan air for teaching these guys cause and effect,lacking care for consequences on others is a big problem these days with so many living full time online lives and the anonymity of the internet.


using a proxy isnt invincible,the po po can reverse trace on proxies and VPNs,proxy and VPN chaining is harder to break down but it slows down the internet a lot under free public ones,also the free accounts on VPNs keep logs.

also,tor is banned automaticaly from some sites and forums as it has been traditionaly used by trolls,and some sites have gone even further towards combatting sockpuppeting and serious trolling by banning all known VPNs and proxies,one forum was on that did this had a massive database of banned VPNs/proxies-both private and public,all contributed by the community.

It will probably take Eircom a couple of years to work out how to get the info. Then there will be problems because the ip is too far away from the exchange.
By then Mick O'Leary will be pope and the popemobile will have the ryanair logo splashed across it.

CreepingDeath

Scruffles wrote: »

if people really give a damn about what they are saying to be true then they shoud be able to say it without hiding themselves.

That's a very naive view.
What about valid whistleblowers who don't want to jeopardise their jobs/career/safety of their family?

Or in your argument, do you see no reason for a witness protection programme?

Scruffles wrote: »

good on ryan air for teaching these guys cause and effect,lacking care for consequences on others is a big problem these days with so many living full time online lives and the anonymity of the internet.

Before you go backslapping the commercial sector, it wasn't that long ago that 3 RyanAir flights had to technically declare a fuel emergency after delays.
I'm not in the airline industry at all, but if 3 flights had to declare an emergency under EU_OPS rules, and the Irish aviation authority said "The IAA said Ryanair should review its fuel policy" then maybe there's no smoke without fire.

Ryan Air Fuel Emergencies

AlekSmart

Scruffles wrote: »

Good on ryan air for teaching these guys cause and effect,lacking care for consequences on others is a big problem these days with so many living full time online lives and the anonymity of the internet.

I'm actually amazed that Ryanair are even fronting-up to considering this crazy strategy.

Think of it,the Pprune board is a very specific aviation related site with a wide variety of industry specific postings,some good,some bad,some off the wall.

The capability of Ryanair's campaign to bring their own company down is immense,all it takes is one real emergency or God forbid,accident,and Ryanair's desire to pursue these two suddenly seems less than innocious.

I don't actually see this as O'Learyism at all,as I believe he is far too capable an operator to give this thing oxygen at all.

However,it does indicate to me that his star has waned within the airline and his (on time) departure may be imminent !

CatFromHue

CreepingDeath wrote: »

Before you go backslapping the commercial sector, it wasn't that long ago that 3 RyanAir flights had to technically declare a fuel emergency after delays.
I'm not in the airline industry at all, but if 3 flights had to declare an emergency under EU_OPS rules, and the Irish aviation authority said "The IAA said Ryanair should review its fuel policy" then maybe there's no smoke without fire.

Ryan Air Fuel Emergencies

I can't remember the ins and outs of it but I don't think they did anything wrong here.

squod

I'd say theres some ridin' goes on in that job.

aN.Droid

How will the decide who was posting from that IP. Could be multiple people using that line especially if it turns out to be a business one.

Person blamed could go on to say that it was not them but some third party who has hacked into their network and posted from there. Happened before with eircom.

batistuta9

Limericks wrote: »

How will the decide who was posting from that IP. Could be multiple people using that line especially if it turns out to be a business one.

Person blamed could go on to say that it was not them but some third party who has hacked into their network and posted from there. Happened before with eircom.

A judge/jury

in the business/office scenario:

The MAC address & the internal IP would identify what computer it's posted from on the network & you could see which user's logged onto that computer at that time (if there's logs available)

they'd have to try to prove that either they left their account logged on, left the PC for some reason and someone else did it
or
someone else at work has their login info and done it

aN.Droid

batistuta9 wrote: »

A judge/jury

in the business/office scenario:

The MAC address & the internal IP would identify what computer it's posted from on the network & you could see which user's logged onto that computer at that time (if there's logs available)

they'd have to try to prove that either they left their account logged on, left the PC for some reason and someone else did it
or
someone else at work has their login info and done it

Would only work if the ISP locks the customer to their own hardware which they have setup to record each mac address used which eircom do not as you can use whatever router you wish (was the case last time I was an eircom customer about 6 years ago)

Even then I don't know if privacy law would allow for such recording of information.

They do not mention either that they do record mac adresses in their terms of service: http://www.eircom.ie/bveircom/pdf/Standard_Broadband_Terms_and_Conditions_April_2012.pdf

Also it would not be up to them to prove it was not them on the computer at the time of the crime. It is up to the accusers to prove it was them.

Best username ever

CatFromHue wrote: »

I can't remember the ins and outs of it but I don't think they did anything wrong here.

It's the fuel league for pilots is the issue, it's should be banned by authorities, it's playing with people's lives.

Iwannahurl

Deleted User wrote: »

By then Mick O'Leary will be pope and the popemobile will have the ryanair logo splashed across it.

With a taxi plate on it, for using the bus lanes.

seamus

Limericks wrote: »

Would only work if the ISP locks the customer to their own hardware which they have setup to record each mac address used which eircom do not as you can use whatever router you wish (was the case last time I was an eircom customer about 6 years ago)

A business would usually have a static IP, or least a dynamic IP which doesn't change very often. Eircom will have logs of what customer that IP was assigned to at the time.

Then you issue a discovery order on the business to go through their proxy logs to find out who made that post.

Or if all else fails, you walk in and seize the computers to find out which one was used and trace it back to that user.

Also it would not be up to them to prove it was not them on the computer at the time of the crime. It is up to the accusers to prove it was them.

In a civil case, the level of evidence required only hinges on the balance of probabilities.

So if Joe Soap's computer is found to have been used to make these posts, and Joe Soap is known to have a keen interest in aviation, then the balance of probabilities means that he probably did make those posts and the judge will find him liable.

In a civil case there's a far higher burden on the accused to provide evidence which contradicts the plaintiff's.

Procasinator

Limericks wrote: »

Would only work if the ISP locks the customer to their own hardware which they have setup to record each mac address used which eircom do not as you can use whatever router you wish (was the case last time I was an eircom customer about 6 years ago)

Even then I don't know if privacy law would allow for such recording of information.

They do not mention either that they do record mac adresses in their terms of service: http://www.eircom.ie/bveircom/pdf/Standard_Broadband_Terms_and_Conditions_April_2012.pdf

Also it would not be up to them to prove it was not them on the computer at the time of the crime. It is up to the accusers to prove it was them.

He is talking about the business/office scenario, who would have been exposed to MAC addresses. If they logged traffic, they maybe be able to identify which machine was used. Of course, Ryanair would probably have to take them to court to get this information unless they volunteered it.

Eircom themselves would not be aware of the MAC address of the client machine.

CreepingDeath

Limericks wrote: »

Would only work if the ISP locks the customer to their own hardware which they have setup to record each mac address used which eircom do not as you can use whatever router you wish (was the case last time I was an eircom customer about 6 years ago)

MAC addresses are only used locally on your LAN, within your home/work environment. (Ethernet).
They're not used on the internet.

IP addresses are used on the internet.

I can/do have multiple computers connected to my UPC router, both wired and wireless, but to the external observer (on the internet) all requests and responses go/come from the same IP address.

The router remembers what requests go out from the MAC address, to know how to route the responds back to your individual machines.

The point is... a single IP address on the internet does not resolve to a single machine. There could be 1 - 255 devices ( or more ) behind a single IP address.

If I were them, I might drop/weaken my wireless routers security and claim I was hacked/fraped.
They probably can't deny it came from their IP address at this stage.

Gosub

One can only hope they were posting from a public wifi connection, such as a pub or restaurant.

There is always the possibility that this could backfire on Ryanair. If it turns out that the posters were telling the truth, it could be embarrassing.

opti0nal

ThreeLineWhip wrote: »

It could turn out that eircom does not have the info.

They have to keep it under Data Retention laws originally intended to assist Gardai investigating terrorism and serious crime. For 18 months I think, including the names of all websitescyou visit and recipuents of all emails you send. Your cellphone location and call logs too.

end of the road

Scruffles wrote: »

if people really give a damn about what they are saying to be true then they shoud be able to say it without hiding themselves.

unless they live in china, or iran.

Scruffles wrote: »

good on ryan air for teaching these guys cause and effect

hahahahahahaha, you think their doing it to "teach these guys cause and effect" your obviously gullible if you believe that, not good on ryan air at all, hopefully their case will fail.

Scruffles wrote: »

lacking care for consequences on others is a big problem these days with so many living full time online lives and the anonymity of the internet.

its not a problem at all unless it comes to bullying, its not the courts job to teach people anything, its job is to enforce the law, its the schools job to teach cause and effect, after that its just get on with it.

hames

I can't say I disagree with Ryanair here.

An enterprise should have the right to uphold or promote its good name, safe from anonymous internet users who feel they can say whatever they want whilst hiding behind the barrier of a computer screen.

The internet is wonderful because it is the greatest new democratic force of our time. But all democracies, eventually, must be accountable.