Tinkering about how to publish domain blacklists without immediately revealing the domains. Compressed bloom filters or Golomb-coded sets using hash functions whose complexity increases exponentially + a final memory hard hash?
-
Show this thread
-
Replying to @jedisct1
I believe Google uses Bloom filters for its domain blacklists in Chrome, which always seems like a sensible solution for this kind of scenario
2 replies 0 retweets 0 likes -
Replying to @martijn_grooten
At $previousjob, many employees could freely look at the logs and see what companies were infected, compromised, browsing porn during the day. Even though the relevant domains were blocked for them. This is not acceptable. These blocked lookup attempts should remain private.
1 reply 0 retweets 0 likes -
Replying to @jedisct1 @martijn_grooten
Sales persons took advantage of this. This is not acceptable.
3 replies 0 retweets 0 likes -
Replying to @jedisct1
Ouch. I think it's a valid requirement that you're asking for. The downside, from a security point of view, is that you're missing an important feedback loop to learn about new sites you may want to add to the blacklist.
2 replies 0 retweets 0 likes -
Replying to @martijn_grooten
That’s a different problem to solve, and I think it can be solved as well, using error correction. Full hashes can be reconstructed from partial hashes with errors, sent by different customers.
2 replies 0 retweets 0 likes -
Replying to @jedisct1 @martijn_grooten
You could use Shamir's Secret Sharing for that
1 reply 0 retweets 1 like
Yes, totally. That part is not the problem.
-
-
Indeed. I was going to suggest doing what I saw a colleague of Bas's do once. :-)
0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.