[riskable]

Another aspect of IP addresses in court cases I never understood is in regards to copyright infringement. When someone shows up in court with a log showing your IP doing "something bad" how do you know the log wasn't entirely fabricated?

I mean, it's pretty easy to create a log showing any given IP doing whatever you want. I seriously doubt that prosecutors are demonstrating a chain of custody and immutability in regards to such digital evidence.

If it's the government doing it you at least have the sworn testimony of the investigating LEOs but in civil court it seems like it would be merely the word of the prosecution which is basically no different than, "it happened because I said it happened."

[rayiner]

To the contrary, prosecutors do (with various degrees of success) establish chain of custody for digital evidence. Moreover, no prosecutor is going to build a case on just an IP address in a log file. They will use that as evidence supporting a warrant to search a suspect's computer. At that point, law enforcement will usually collect a physical hard drive, which will be considered the "original evidence" and subject to the usual chain-of-custody protections.

[Freestyler_3]

Forensics is a way to do things (procedure) so that you can use your findings in court. It is up to the opponent to challenge certain methods, like "you used md5 hashing which is proven unreliable", or something like that.

"They will use that as evidence supporting a warrant to search a suspect's computer" Indeed, you won't be called to court just because your ip address in on a list. There will be further research which could result in: We found this video on the computer which was downloaded from [source] as shown in the logs from with this ip.

[dsfyu404ed]

The outcome is mostly irrelevant if the local news reports that "police raided the home of X.. blah, blah, blah... terrorism/pedophiles"

[CJefferson]

Almost nothing can be protected from that..

Witnesses can be wrong or just lie, paperwork and signatures can be forged.

We can't live in a world where every conviction is somehow "mathematically proved", we live in a world of "beyond reasonable doubt". It's messy and imperfect, but seems (to me) to be better than the alternatives.

[roblabla]

signatures are hard to fake. virtual logs, not so much. Planting evidence in there is so easy it hurts. And people might not know how easy it is to fake that evidence, whereas it's pretty obvious to anyone that a witness can lie...

I'm not saying we should disregard those kind of virtual evidence, I'm just saying we might need to educate more about the risks of falsifications more.

[ams6110]

So it's up to the defense to introduce resonable doubt then. Such as: a plausible motive to fake the log entries. A demonstration of how easy it is to do. A convincing argument that there was an opportunity to do it.