Well, with regex searches, and enough hits to the host, you could use binary searching to figure out the exact text of the scratchpad. Presuming printables (and newline) only, it'd take only 6 or 7 hits per character you wanted to guess. Look for /^[a-m]/ and if that fails, look for /^[n-z]/, otherwise look for /^[a-h]/ and so on. As you get each letter, you add it to the beginning: /^v[a-m]/.
So, yes, this is a leak, but a slow leak.
Hmm. That'd be an interesting article about why not to allow regex searches
against text you can't eventually see. >>todo.
| [reply] [d/l] [select] |
| [reply] |
I have regex search options on my super-search. Maybe I got that by having a high-level monkness.
| [reply] |