Oh! If its for geo-location purposes, ok, there's another way around. We'll let the container use the IP to tell the gadget where the user is from. So instead of passing the IP, the geo-location can be passed directly. Ofcourse, it proves financially expensive for the container site. But anyone who wants gadgets to get some geo-location data, might ofcourse try to give away geo-location data directly instead on the IP. There's no perfect method. But we need to protect the user's privacy too by not offering the IP directly.
On Tue, Feb 26, 2008 at 9:31 PM, Brian Eaton <[EMAIL PROTECTED]> wrote: > Two comments. > > - what use would a hashed IP address be to anyone? I think the > original request was for the IP address for geolocation purposes, and > then I chimed in saying we should have it to help respond to abuse > complaints. A hash of the IP is not useful for either purpose. > > - don't use straight md5 or sha1 to obfuscate something with low > entropy like an IP address. You need a salt, at least, or probably an > HMAC or even a one-time pad depending on your goals. If you use an > unsalted hash then building up a dictionary mapping from the hash to > the original IP is easy. > > On Tue, Feb 26, 2008 at 1:53 AM, Akash Xavier <[EMAIL PROTECTED]> > wrote: > > Hi everyone! > > Perhaps, we solve this by a different solution. I don't know whether I > am > > right but I think this can be done. > > The container can set a cookie which contains the value of the ip > address of > > the viewer in some encrypted form (like something md5 or sha1 value of > the > > IP), this can be done by the server side script (what ever language, > java or > > php). > > This value can then be passed to the app's server by the javascript > when > > making the call to the app's server for some data. > > > > IMO an an encrypted value is enough. I think server-side encryption is > the > > solution to protect the user's privacy (and also from gadget authors > > exploiting their IP data). > > > > On Tue, Feb 26, 2008 at 7:35 AM, Kevin Brown <[EMAIL PROTECTED]> wrot > > > > > > > > > Actually, you're right -- we won't be forcing images through a proxy > most > > > likely, so they could always use that vector if they really wanted to > > > steal > > > IPs. > > > > > > On Mon, Feb 25, 2008 at 5:57 PM, Brian Eaton <[EMAIL PROTECTED]> > wrote: > > > > > > > On Mon, Feb 25, 2008 at 5:47 PM, Kevin Brown <[EMAIL PROTECTED]> > wrote: > > > > > Caja will eliminate this in the long run (as well as my other > > > proposed > > > > way > > > > > to steal the IP). > > > > > > > > I'm not sure I believe this. In theory, sure. In practice I > suspect > > > > that a policy that prevented the IP address from leaking in any > > > > possible way would also make it very difficult to write cool > gadgets. > > > > > > > > I hope to be proved wrong, though. > > > > > > > > Cheers, > > > > Brian > > > > > > > > > > > > > > > > -- > > > ~Kevin > > > > > > If you received this email by mistake, please delete it, cancel your > mail > > > account, destroy your hard drive, silence any witnesses, and burn > down the > > > building that you're in. > > > > > > > > > > > -- > > Akash Xavier > > [EMAIL PROTECTED] > > > -- Akash Xavier [EMAIL PROTECTED]
