Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw
 
PerlMonks  

Re^5: to distinguish between [Anonymous Monk]s in a thread, brand 'em

by mr_mischief (Prior)
on Oct 07, 2011 at 02:43 UTC ( #930097=note: print w/ replies, xml ) Need Help??


in reply to Re^4: to distinguish between [Anonymous Monk]s in a thread, brand 'em
in thread to distinguish between [Anonymous Monk]s in a thread, brand 'em

I didn't see a random salt per user in the example. There really shouldn't need to be a random salt. The point is anonymity, so leave anything that ties it to the user at all out. There's no need to prevent sensitive information leaking if there's no sensitive information. A crypt on the session ID and the root node ID should be plenty to assure separation of credit for the thread, so why include anything else in a publicly displayed string?

This all kind of assumes the idea would be picked up anyway, which is not by any means a foregone conclusion. It's all just painting a bike shed that may never be assembled.

The level of information trusted to the site admins shouldn't by default be trusted to everyone. Don't assume that giving up IP information to the public would be okay with everyone just because it's okay with you. Apparently you're forgetting (or simply not aware, but that's doubtful) of the issues of stalking and harassment other people have had to deal with.


Comment on Re^5: to distinguish between [Anonymous Monk]s in a thread, brand 'em
Re^6: to distinguish between [Anonymous Monk]s in a thread, brand 'em
by Anonymous Monk on Oct 07, 2011 at 03:09 UTC

    I didn't see a random salt per user in the example

    That is why I said that it is another thing that could be done -- to alleviate your crypt breaking concerns

    There really shouldn't need to be a random salt. The point is anonymity, so leave anything that ties it to the user at all out. There's no need to prevent sensitive information leaking if there's no sensitive information. A crypt on the session ID and the root node ID should be plenty to assure separation of credit for the thread, so why include anything else in a publicly displayed string?

    Um, yeah, because of everything I already said in this thread -- the actual branding scheme is not that important

    This all kind of assumes the idea would be picked up anyway

    Yes, for purpose of discussion, that assumption has to be made, esp by the suggester, me :)

    The level of information trusted to the site admins shouldn't by default be trusted to everyone. Don't assume that giving up IP information to the public would be okay with everyone just because it's okay with you. Apparently you're forgetting (or simply not aware, but that's doubtful) of the issues of stalking and harassment other people have had to deal with.

    Why assume that IP information is made public? Because it isn't you know.

    And just how would a stalker/harasser know which Anonymous Monk posting is the person they're looking for?

    I get branded, not you mr_mischief, and I am legion, for I am many.

     

    But seriously, I would be more worried about WITCHES than stalker/harasser/goverment/godwin , they got magic :/

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://930097]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others drinking their drinks and smoking their pipes about the Monastery: (3)
As of 2014-07-26 16:35 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (178 votes), past polls