[Noisebridge-discuss] Access control & Safety, both personal and general space.
2 at 0x2c.org
Thu Feb 9 00:08:57 UTC 2012
On 02/09/2012 12:49 AM, Daniel Pitts wrote:
> On 2/8/12 1:39 PM, Jonathan Lassoff wrote:
>> On Wed, Feb 8, 2012 at 1:31 PM, Casey Callendrello<c1 at caseyc.net> wrote:
>>> I like this classification, with one caveat: Only the Treasurer + Board
>>> should be able to define Consensed Members. If this is enshrined in some
>>> sort of system running on Pony, then anyone with sudo will be able to
>>> l33t h4x0r it, but that's probably okay.
>>> One possible issue: if this is somehow stored programatically and used
>>> for Caller-ID access, then there *will* be, on disk, a list of member
>>> pseudonyms and their phone numbers (opt-in, of course). I think the
>>> presence of such a list is okay, and I'm comfortable with my own number
>>> being there, but if someone is offended by the mere presence of such a
>>> list *and* has a better suggestion, I'm all ears.
>> Perhaps bcrypt the phone number and store that instead? That way, you
>> can verify that something's in there, but it can't be easily figured
>> out what it is.
> There isn't much point in encrypting a phone number, the number of bits
> of entropy is so low that a brute-force attack would be *extremely* easy
> to execute.
I assumed the hash is to protect the privacy of the user, not to make
external brute-forcing impossible (that seemed to be even encouraged).
For this case you could use a simple hash that gets truncated and
therefore can not be reversed to a definite answer (phone number). The
objective is to lose information, not to make brute-forcing
I guess you could populate the trust tree into a bloom filter, and the
more numbers you add, the more anonymous it gets. However, you won't be
able to just purge branches; you'll have to hot tub it.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 900 bytes
Desc: OpenPGP digital signature
More information about the Noisebridge-discuss