Tinkering about how to publish domain blacklists without immediately revealing the domains. Compressed bloom filters or Golomb-coded sets using hash functions whose complexity increases exponentially + a final memory hard hash?
-
Show this thread
-
Replying to @jedisct1
I believe Google uses Bloom filters for its domain blacklists in Chrome, which always seems like a sensible solution for this kind of scenario
2 replies 0 retweets 0 likes -
Replying to @martijn_grooten
At $previousjob, many employees could freely look at the logs and see what companies were infected, compromised, browsing porn during the day. Even though the relevant domains were blocked for them. This is not acceptable. These blocked lookup attempts should remain private.
1 reply 0 retweets 0 likes -
Replying to @jedisct1 @martijn_grooten
Sales persons took advantage of this. This is not acceptable.
3 replies 0 retweets 0 likes -
Replying to @jedisct1
Ouch. I think it's a valid requirement that you're asking for. The downside, from a security point of view, is that you're missing an important feedback loop to learn about new sites you may want to add to the blacklist.
2 replies 0 retweets 0 likes -
Replying to @martijn_grooten
That’s a different problem to solve, and I think it can be solved as well, using error correction. Full hashes can be reconstructed from partial hashes with errors, sent by different customers.
2 replies 0 retweets 0 likes
And what you get from a single customer is not enough to prove that they accessed a specific resource.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.