in reply to Re^3: monastery mark-upedness (trolling)
in thread monastery mark-upedness

Actually, I had been considering doing exactly that. I hadn't seen it elsewhere (I don't read blogs much) but my plan was to make the hash so that, for example, if the first three octets of the IP match, then the first three chunks of the hash would match since many have dynamic IPs (but the hashing of each octet would depend on the previous octets so the hashing wouldn't be trivial to reverse).

I suspect even a hash of the source IP being displayed on non-anonymous nodes here would be greeted by complaints from some people. But I'd also like to discourage the "registered user pretending to be anonymous" sham. But I've also posted anonymously for good reason several times. Perhaps the ability to see the hash of the IP of non-anonymous nodes could be a level power or there could be a level power that allows comparing the source IPs of two specific nodes?

In the end, it didn't make it to the top of my to-do list in part because we've banned the IPs of the two most persistent anonymous trolls so the benefit was limited for now. I somewhat envy Wikipedia's position of noting IPs of anonymous contributors from the beginning.

- tye        

  • Comment on Re^4: monastery mark-upedness (display IPs)

Re^5: monastery mark-upedness (brute force)
by kyle (Abbot) on Mar 21, 2008 at 16:05 UTC

    ...my plan was to make the hash so that, for example, if the first three octets of the IP match, then the first three chunks of the hash would match

    That sounds like a nice goal, but one thing to be wary of is making brute force attacks too easy. If you publish a hash of only the first three octets of an IP address, that's a somewhat smaller range of numbers I have to plough through to guess what the original numbers are. I get an even bigger advantage if I check only the blocks that I know are registered to some organization and look first at blocks from English-speaking countries, etc.

    Just a thought.

      Quite right; at worst a naive dictionary of md5s for the entire 32-bit IPv4 range would be 64G ( ( 16 * 2**32 ) / ( 2**30 ) ) which would fit on a keychain these days (not to mention winnowing out multicast and unroutable addresses would shrink it from there). You'd want to toss in some sort of not-public salt so Eve can't do a dictionary attack (and maybe the salt used for anonomonks could move periodically so that it's constant over the life of a thread but varies unpredictably month-to-month).

      The cake is a lie.
      The cake is a lie.
      The cake is a lie.

        Who said I was going to announce the hashing algorithm used?

        Yes, that is right, I'm talking about security through obscurity!

        I was going to obscure the hashing algorithm used just like Fletch proposes obscuring the "not-public salt". But I considered that too obvious to mention since using a known hash on something as tiny as an IP address would be silly to the point of being stupid, no?

        Thanks for mentioning that, Fletch. That interpretation would have likely never occurred to me. :)

        - tye        

      I wasn't going to only display the first 3 octets. And if you have the resources to post anonymous nodes from any IP address you want to, then I probably have more to fear from you than you figuring out what IP addresses anonymous postings to PerlMonks come from.

      - tye        

        I'm not concerned about someone forging an IP address. I'm talking about just figuring out where it is. Some of our monks may want to retain the privacy of not having their IP address available to others. If the scheme for hiding IP addresses is vulnerable to a brute force attack, we might as well just publish them in the clear.

        Admittedly, my thoughts on this are based on a design that's not completely defined, so this may all be gnashing for nothing.
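
The scheme discussed in this thread (chunks that match when leading octets match, keyed with a private salt that rotates per period), sketched as an added example that is not part of the thread and is not PerlMonks code. HMAC-SHA256, the chunk width, the function names, the key derivation and the documentation-range sample addresses are all assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress

CHUNK_HEX = 8  # hex digits displayed per octet position (assumed width)

def period_key(master_key: bytes, period: str) -> bytes:
    """Derive the key for one rotation period (e.g. "2008-03") from the private master key."""
    return hmac.new(master_key, b"period|" + period.encode(), hashlib.sha256).digest()

def ip_tag(ip: str, key: bytes) -> str:
    """Chunk i is a MAC over octets 1..i, so equal prefixes give equal leading chunks."""
    octets = ipaddress.IPv4Address(ip).packed
    return "-".join(
        hmac.new(key, octets[:i], hashlib.sha256).hexdigest()[:CHUNK_HEX]
        for i in range(1, 5)
    )

def shared_chunks(tag_a: str, tag_b: str) -> int:
    """Number of leading chunks two tags have in common."""
    count = 0
    for a, b in zip(tag_a.split("-"), tag_b.split("-")):
        if a != b:
            break
        count += 1
    return count

def key_holder_lookup(tag: str, key: bytes):
    """With the key, a tag resolves one octet at a time: at most 4 * 256 MACs,
    not 2**32. All of the privacy therefore rests on the key staying private."""
    prefix, tries = b"", 0
    for chunk in tag.split("-"):
        for value in range(256):
            tries += 1
            candidate = prefix + bytes([value])
            mac = hmac.new(key, candidate, hashlib.sha256).hexdigest()[:CHUNK_HEX]
            if mac == chunk:
                prefix = candidate
                break
        else:
            return None, tries  # no octet fits: wrong key or wrong period
    return str(ipaddress.IPv4Address(prefix)), tries

if __name__ == "__main__":
    master = b"constructed-demo-key-not-a-real-secret"  # constructed sample value
    march = period_key(master, "2008-03")
    a, b = ip_tag("203.0.113.7", march), ip_tag("203.0.113.200", march)
    print(a, b, shared_chunks(a, b))
    print(key_holder_lookup(a, march))
```

Because each chunk can be checked on its own, prefix matching trades the 2**32 search space for about a thousand trials once the key is known, so the key has to be handled like any other server-side secret.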