On Thu, May 09, 2013 at 10:43:34AM -0500, Kevin Fenzi wrote:
> On Mon, 6 May 2013 08:32:40 +0200
> Lukas Zapletal <lzap@xxxxxxxxxx> wrote:
>
> > On Fri, May 03, 2013 at 03:30:39PM -0600, Kevin Fenzi wrote:
> > > Right, but then this information is security sensitive...
> > >
> > > User installed httpd-x.y-Z on YYYY-MM-DD, but on looking you don't
> > > see them installing the security update that was released after
> > > that -> target.
> > >
> > > Or even, user installs foo, foo is insecure and is dropped from
> > > fedora, you might know that they have it still installed and can
> > > leverage that.
> > >
> > > Or you see that user does security updates every friday, so you know
> > > they might be vulnerable thursdays.
> > >
> > > Also, you may see users install something, but we have no way of
> > > knowing if they try it and hate it and remove it right after.
> >
> > All true, that's the reason why IP address will never be available
> > from the data.
>
> Sure, if you can see the anonized logs you can still figure out your IP
> address hash easily, so that could allow you to see for example what
> other people behind your same NAT/company are installing.
>
> There's lots of weird corner cases here, which is why we decided it
> wouldn't work last time we visited it. ;(
We could create our own mapping of {IP address : complete random value},
and then hash those random values, and give out the info that way.
This solves the problem of reversing the the simple {IP address :
hash(IP address)} scheme.
It would require us to generate such a mapping, and keep it private, though.
--
Matt Domsch
Technology Strategist
Dell | Office of the CTO
_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure
