15

I got a notice due to vandalism in Wikipedia and the perpetrator is someone with the same IP as mine.

I looked up the notice and it seems that the vandalism happened last year and the person behind it lives in the same city as me but in a different location. We both seem to have the same ISP as well. I am very worried because this person seems to write offensive things about sensitive political subjects on Wikipedia.

  • Is this the ISP's fault for giving two households the same IP?
  • Could I be blamed for anything they do online?
  • What is the best course of action at this point? Should I just change my ISP and get a new IP address?

I'm at a loss here.

schroeder
  • 123,438
  • 55
  • 284
  • 319
Anna
  • 151
  • 1
  • 6
  • 9
    Apparently, due to vandalizing, Wikipedia once blocked an IP address for a Qatari perpetrator. Since the country has *1* public IP for the whole country, the whole nation was blocked from editing Wikipedia. :) EDiT: Apparently, not entirely true.. https://superuser.com/questions/1013630/why-does-qatar-use-a-single-ip-address-when-800-000-ip-addresses-are-allocated-t#:~:text=In%20discussions%20about%20IP%20address,the%20entire%20nation%20of%20Qatar%22. – JamesPD Mar 01 '21 at 11:32
  • 2
    We can't comment on legal issues – schroeder Mar 01 '21 at 17:22
  • 2
    the ISP knows the "what and when" of the IP, wiki just knows the "what". Thus, they can't prove it was you, and you need not worry. – dandavis Mar 01 '21 at 18:04
  • 7
    Have you looked up what the warning means: https://en.wikipedia.org/wiki/Wikipedia:Vandalism#Tracing_IP_addresses They are not blaming you and they know that the IP is not a conclusive identifier. You don't need to do anything. – schroeder Mar 01 '21 at 18:29
  • Anna - were you connected to any kind of VPN at the time ? – Criggie Mar 01 '21 at 21:41
  • There are some legal concerns here that we aren't really in a position to address, but the underlying question of whether multiple locations can have the same IP seems reasonable. Although perhaps it's a bit beyond the scope of Security and maybe belongs on [su] or somewhere (not that I'm an expert on the scope of these sites). – NotThatGuy Mar 02 '21 at 10:13
  • I apologize if the question is off topic here. This is my first time using this website for advice and even though i tried to put my question in the correct category, it seems i have failed. Concerning your question, I was not using a VPN. Thank you all for your helpful advice. – Anna Apr 03 '21 at 20:58

3 Answers3

30

Details here depend on your specific ISP setup, but it might well be that multiple customers share the same public IP address. This is called NAT or in case of ISP CG-NAT (carrier grade NAT). It is pretty common for ISP in mobile networks but is also not uncommon with cable or DSL. The main reason is that there is a shortage of public IPv4 addresses so ISP often own less public IPv4 addresses than they have customers. If this is the case in your specific situation depends on your ISP - thus ask the ISP.

Note that even with one public IP per customer it might well be that these change over time and thus a different customer is assigned an IP one had before. If the ISP assigns a fixed public IP to a customer is again specific to ISP and kind of contract - thus check with your ISP or read the contract.

Should I just change my ISP and get a new IP adress?

Each ISP has a pool of IPv4 they can use and different ISP use different pools. It does not change the general problem though, i.e. that it might be that the IPv4 is shared with others. Ask the new ISP for details.

Is this the ISP's fault for giving two households the same IP?

Unless a fixed public IP address is explicitly mentioned in the contract their is usually no obligation to assign a fixed IP address to a customer.

Could I be blamed for anything they do online?

Blaming somebody is often done without fully understanding things. This does not mean that they are right nor does this mean that this can result in legal actions against you.

Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424
10

Contrary to what some moderators in some communities believe, IP addresses are not a reliable personal identifier.

  • Some ISPs use carrier-grade NAT, which means that a large number of users share the same IP address
  • Many ISPs use dynamic IP allocation, which means that customers receive a new IP address every time they restart their router, and often even in between sessions for no reason at all. Even though two users can not have the same IP at the same time, they can receive the same IP in short succession.
  • Even those ISPs which tend to leave end-customers with the same IP for long periods of time can suddenly change the IP assignments without prior notice.

Why do moderators still use IP bans to get rid of trolls? Because there is usually no more reliable way to identify unwelcome people who try to join the community with a new identity. And false-positive IP matches are far rarer than false-negatives.

Philipp
  • 48,867
  • 8
  • 127
  • 157
  • 5
    I think most moderators/admins understand IP addresses are not good personal identifiers. It's just when problematic activity is coming from an anonymous user (or the same anonymous user is creating tons of new accounts to do the activity), and they note the IP address is the same, an IP ban makes some sense. – dr jimbob Mar 01 '21 at 18:35
  • 1
    I'd be curious (and sceptical) about how much analysis, testing and validation typically goes into IP bans. If a user comes to your site for the first time, only to be told they're banned, I suspect in most cases they'll just go away or go somewhere else rather than complain about it (and complaining about it may also be more difficult if you're banned). If someone who doesn't know how to analyse data looks at that, they may think that's just another true positive. Or maybe they just think IP bans are worth the cost either way, even if/when false positives aren't that uncommon. – NotThatGuy Mar 02 '21 at 10:43
  • Yes, I have to agree that it's mostly an inaccurate way to identify a perpetrator on wikipedia. If the problem is just minor vendalism or adding incorrect information , then an incorrect ban is innocuous but when it comes to vendalism concerning serious or sensitive topics on wikipedia that may cause legal issues in some countries, then i think identifiying the perpetrator based on their IP is problematic.. – Anna Apr 03 '21 at 21:40
1

If the IP address revealed is from behind a firewall, it is ordinarily a private IP therefore multiple end-user's can have the same IP address. This occurs all the time. If the culprit was able to have a functioning duplicate public IP address that was originally assigned to you, he or she would be breaking the law. This is definitely an issue I would bring to your internet service provider's attention. They would have the tools to scan the internet to see if one of their IP addresses are being deceived.

Furthermore, public ip addresses that are actively distributed can be one consumer's address one day, and a different consumers address 24 hours later (however long the IP address lease period). Therefore, raising the possibilities that you could be blamed by providing some category of technical evidence.

If you have been violated and the situation doesn't get attention or audited, you should consider going to a more reputable ISP.

It may or may not be the fault of the ISP, but in this case it looks to me like it's the fault of the perpetrator who compromised yours and the ISP's network.

I've heard of horror stories about innocent users blamed for another's actions by use of technology. Albeit rare, anything can happen.

schroeder
  • 123,438
  • 55
  • 284
  • 319
Stereomac
  • 21
  • 1
  • Why would the perpetrator have a functionning duplicate IP of my specific IP address? Is it just a coinsidence? and would you further explain, please, why you think it's probably the perpetrator's fault here and not the ISP's? – Anna Mar 01 '21 at 17:12
  • 3
    @Anna you won't have the same IP at the same time ... – schroeder Mar 01 '21 at 17:22
  • Anna, if you're trying to say it's not the perpetrator's fault or the ISP's fault unless they get caught, then all I could be able to tell you is it's not my fault. What I can tell you is that if the culprit purposely breaks the law and is in violation of the ISP policy, the or in violation with the FCC's -- he or she is at fault. If the ISP has reluctantly violated – Stereomac Mar 06 '21 at 07:06