Oh, don't get me wrong, for certain things, IP blocks are usefull, but for most things, they're not. Why, you might ask, and the answer is simple. If you wanted to read the news site The Register, you would go to www.theregister.co.uk, you wouldn't go to 184.108.40.206, which is its IP. Or rather, which is currently its IP. And there we have it. IPs CHANGE, that's why we have domain names. Certainly, some places will have fixed domain names, but only those who've actually bought their groups of IP addresses. Home users are not what we'd call fixed IP.
Well, what does this mean? It means that anyone can use a home connection pretty safe in the idea that these blocklists won't affect them at all. This might not seem like a big deal, but its their major weakness. There is absolutely nothing at all, stopping the head of anti-piracy for some company going home, and using the DSL connection he has there. he can log there as easily as he could at work. There is, after all, no rule saying copyright enforcement can only be done on a corporate network. Heck, he could even then charge the ISP costs to the company, citing it for work. Doesn't grab you? Why don't they then use the other common resource in a busy office building - telephone lines. They can easily get some dialup modems and use them in the office. A free AOL CD or two, and they have a connection. Doesn't matter that dialup is slow, its not the transfer of data they're interested in, its who's doing it.
Think I'm joking - take a look at the people connected to you next time you are using your favourite P2P app.
It may well say 220.127.116.11 on port 6356 (an IP picked at random from a knoppix DVD torrent) - that comes out to be a BTcentral.com user, but who is that person, and who do they work for? Can you be sure that the AOL peer in your list is not an investigator for the BPI, MPAA or any other such body? They all know the tricks and the limitations of such software as well as anyone, if not better (it is their job, after all, to know about them). Don't be mislead by the actions, and press releases, their technicians and loggers are very competant, and advanced - its the lawyers and PR people that give the impression of a eunoch running a family planning clinic.
Indeed, in some cases using lists can work against you. After all, who uses such lists, is it the kid downloading the very occasional song, or the hardcore downloaders? Why, the latter of course, the slight/casual user doesn't know, or worry about it that much. So, the ones that download heavily are the ones to target. Alas, theres no way to tell from a torrents userlist which group, light or heavy, they are in, since every torrent is seperate from each other. Solutions? Well, you could scan every torrent out there, and look for recuring IP addresses, but that has two drawbacks.
1) its very time consuming, and resource intensive. and
2) we're back to the dynamic IPs again - without a court order to the ISP, theres no way to tell if the same person was using the same IP on both monday and thursday. They might have had a power cut on tuesday night, and their modem obtained another IP.
Thankfully, blocklists to the rescue!. The easiest method is use the blocklists themselves to identify the heavy users. Its very simple and uses two groups of systems (doesn't have to be a group, can be just one system in each). One group uses IPs on the blocklist, the other doesn't. Collect peer data from both, and after a while, compare lists. the major differences will be the blocklist computers will be on only one list. Voila, IP addresses obtained. Your 'protection' has been turned into identification.
Of course, that's just the main disadvantage of the system. There is a second one, and thats best described with the old computing acronym - GIGO. In other words, the quality of the list is only as good as the person thats compiled it. Any personal bias, or other skew will similarly skew the list into ineffectiveness. I wrote about a fine example of this just over 2 months ago.
Well, thats the big minus points in such a system, there are some advantages however. Such lists, used as a hosts file, for instance, can stop annoying and irritating popup ads. They can also prevent some of the torrent poisoning that goes on, although most torrent clients should manage to deal with that on their own. These are only minor pluses, however, and not really much of a benefit.
There is one simple thing to remember in general. If something is publicly downloadable, like a blocklist, it's effectively useless. Can you see, use and edit the blocklists? What stops copyright enforcement people getting the same lists and altering their strategies to work with these lists? Absolutely nothing. A high speed connection might be usefull for downloading, but a dialup connection is all that's needed to log people infringing copyright. The only way a blocklist can be effective, is if it blocks all potential 'snitch' IPs. Alas, that means blocking every single ISP in the world, and then you've blocked yourself from any sort of transfer anyway.
Just as a side note - I remember discussing the merits of the comparative method back in 98, when I was a copyright enforcer. That was 8 years ago, if you still think blocklists are a good idea, and worthwhile, you go right ahead, and can I also interest you in this fine bridge?
[Editors note: Thanks to kdsde for pointing out some of the typos in this piece]