[Noisebridge-discuss] door stats
Adrian Chadd
adrian.chadd at gmail.com
Fri Jun 21 20:08:56 UTC 2013
Right, but mine maintains security in the stored format -too-...
Adrian
Sent from my Palm Pre on AT&T
On Jun 21, 2013 11:58 AM, Shannon Lee <shannon at scatter.com> wrote:
No, if you generate a one-time pad of random hashes, such that...
1 -> foo2 -> bargain basement3 -> mickey mouse4 -> jet plane
...et cetera, then we maintain frequency counts and timing while anonymizing specific codes, and you can't brute force it because there's no hash function. You can even throw away the one-time pad, because the timing data makes it easy to map "mickey mouse" back to specific entries if you have the original dataset.
I think Curtis' suggestion actually has the same properties.
--S
On Fri, Jun 21, 2013 at 11:42 AM, Adrian Chadd <adrian.chadd at gmail.com> wrote:
Since it's numeric only, any human memorisable password will be easily brute forced.
You'd need to store it with a biiiiiiiiig salt in order to avoid being easily hacked.
Adrian
Sent from my Palm Pre on AT&T
On Jun 21, 2013 11:16 AM, Andy Isaacson <adi at hexapodia.org> wrote:
Simply SHAing isn't sufficient, since I can just brute-force the
mapping to figure out which PIN gives which SHA. There's a few standard
schemes for doing this, but I haven't researched which ones are
appropriate here...
-andy
On Fri, Jun 21, 2013 at 10:52:47AM -0700, Shannon Lee wrote:
> Hey,
>
> Thanks! I was hoping for an anonymization scheme that preserves the
> uniqueness of PINs used? So instead of XXX you'd see a sha2 hash of the
> door code?
>
> Thanks,
>
> --S
>
>
> On Fri, Jun 21, 2013 at 10:46 AM, Alex Buie <alex.buie at frozenfeline.net>wrote:
>
> > Here are the stats for June, with the actual codes anonymized:
> > https://minotaur.noisebridge.net/baron_anon.txt
> >
> >
> >
> > This lives in /var/www/baron_anon.txt on minotaur if someone decides it
> > should go away.
> >
> >
> > On Fri, Jun 21, 2013 at 10:29 AM, Shannon Lee <shannon at scatter.com> wrote:
> >
> >> Is it possible to get hash-anonymized raw log data? It looks like a fun
> >> data set.
> >> On Jun 21, 2013 10:07 AM, "Dana" <dana-lists at sonic.net> wrote:
> >>
> >>> I was curious about usage of noisebridge by time of day, so I pulled
> >>> together some high level stats on door codes (hour of day, date, day of
> >>> week for 5/23-6/20), thought others might find it interesting.
> >>>
> >>> No actual codes nor user details are included.
> >>>
> >>> CHART: http://oi39.tinypic.com/2uibxqs.jpg
> >>> DATA: https://pad.riseup.net/p/doorstats
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>> _______________________________________________
> >>> Noisebridge-discuss mailing list
> >>> Noisebridge-discuss at lists.noisebridge.net
> >>> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
> >>>
> >>
> >> _______________________________________________
> >> Noisebridge-discuss mailing list
> >> Noisebridge-discuss at lists.noisebridge.net
> >> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
> >>
> >>
> >
>
>
> --
> Shannon Lee
> (503) 539-3700
>
> "Any sufficiently analyzed magic is indistinguishable from science."
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
_______________________________________________
Noisebridge-discuss mailing list
Noisebridge-discuss at lists.noisebridge.net
https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
--
Shannon Lee
(503) 539-3700
"Any sufficiently analyzed magic is indistinguishable from science."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.noisebridge.net/pipermail/noisebridge-discuss/attachments/20130621/fb780327/attachment.html>
More information about the Noisebridge-discuss
mailing list