A Data Science Central Community
Using nothing more than the unique number assigned to every Internet connection, websites could determine whether you're logging on at home, at work, or a travel location like an airport or hotel, researchers at Microsoft have shown. They say the technique could target advertisements more precisely—or improve the security of Web services by identifying users as legitimate according to their location.
Websites commonly use the numbers known as Internet protocol (IP) addresses to approximate the physical location of visitors (visit this site to see the location guessed from your IP address). The method, which is typically accurate to the level of a city, lets advertisers target people with local deals.
Until now, though, IP addresses have not been used to determine what kind of place the person is connecting from. Researchers at Microsoft Research Silicon Valley used a data set of IP addresses collected from logs of updates to an unnamed widely used software package and from log-ins to an unnamed popular webmail service. Tracking user locations by IP address could help advertisers sidestep suggested features of the "do not track" option that Congress is considering as a way to let people opt out of tracking by advertisers.
They first identified the IP address or addresses where each user most frequently logged in. Then they tagged any addresses more than 250 miles away from those as "travel." Combining the logs for different users and looking at the timing of log-ins sharpened the labeling of IP addresses as either "home," or residential connections, "work" locations such as offices, or "travel" locations from which many different users logged in when away from home. To make the results more robust, IP addresses were assigned to a particular category only if the records of the majority of people that had logged in there led to the same conclusion.
Read more at http://www.technologyreview.com/computing/26914/
FaceBook has been using some sort of geolocation scheme for a while now. A friend of mine had his account frozen after he logged into his account from California shortly after someone logged into his account from Chicago.
The easiest geolocation system to use is to just run an IP through the ARIN whois database and find out what entity it was assigned to. (I'm sure a violation of their TOS to do so in an automated manner.) So if you want to target an ad to a Microsoft employee, you display ads to everyone that visits from an IP assigned to MS. Not very good for IPs assigned to national ISPs, but would be perfect for targeting ads to corporate users.
The site mentioned in the article wasn't very accurate for me. I accessed it from my office in San Diego and it said I was 65 miles away in the LA suburbs.
For a truly scary application of geolocation, this video of a Black Hat conference seminar is about as bad as it gets: