Traceability on the Internet is the process of determining who was using
a particular IP address at a particular time. In this talk I will show
how fuzzy this idea becomes at the edges of the network when users are
on an Ethernet a broadcast medium where the notion of identity
becomes a matter of agreement rather than immutable fact. The hacker
community has long known about ARP spoofing; but I've found a new trick.
As a part of my PhD work I built some hardware that permitted one
machine to borrow someone else's IP address and Ethernet MAC address and
thereby impersonate them, even when they were actively using their
machine. Then, by chance, I found that I'd taken far too complicated an
approach and modern software firewalls, that are supposed to make you
more secure permit others to impersonate you with impunity. This has
significant implications not only for traceability, but also for the
builders of NATs, and especially for the business models of those who
overcharge for their WiFi hotspots.