zlacker

[return to "Justice Department withdraws FBI subpoena for USA Today records ID'ing readers"]
1. xvecto+W4[view] [source] 2021-06-05 22:32:49
>>lxm+(OP)
I wish services didn't store IPs at all.

If abuse is an issue, why not hash the IP with a nonce?

◧◩
2. gizmo6+m6[view] [source] 2021-06-05 22:47:23
>>xvecto+W4
There are only 2^32 possible IP addresses. You can brute-force that on a personal laptop.
◧◩◪
3. xvecto+Ee[view] [source] 2021-06-06 00:20:01
>>gizmo6+m6
If you use a hard hash function you cannot brute force that on a laptop - not even a tenth of that. You can, however, spin up compute instances to brute force it in a few days if you have $50k lying around.
◧◩◪◨
4. zeroim+fr[view] [source] 2021-06-06 02:47:25
>>xvecto+Ee
What are the odds that a website will run a computationally hard hash function on every single HTTP request just so it can log something less sensitive than an IP address?
[go to top]