Hector Martin

A great many men have been up in my mentions pointing out that men can easily search a hash of their OWN names to identify women who are posting. Guys. Bros. Dudes. Abusers are ALREADY aware of the people they've targeted.

And for the "but Rainbow tables!" crowd... What if I told you that the goal of women posting hashes of their abusers names actually has nothing to do with protecting men? It's about not having to be the first one to speak out.

You still don't get it. I know that's the goal. It doesn't matter what your goal is. If the hashes are reversible, *whatever your goal is* in using hashes can be subverted. You might as well just post plaintexts.

“Can” is *extremely* relative. It’s technically possible to invert a hash given given sufficient resources, but it’s definitely *not* the same as posting plaintext. There’s also some plausible deniability in that usually there are collisions.

I wonder if it might help for different posters to use different hash functions, so if one person has targeted multiple people, their name can be triangulated on because it will very likely be the only one in common between the possible plaintexts of different posters’ hashes.

If you wanted to make being targeted by some bizarre countermovement harder, you could post a salt with your hash, but that makes it SO much harder to use it to find others victimized by the same person that it mostly defeats the purpose.

If your goal is to be able to search Twitter for other victims with plausible deniability, then as I said a viable approach is to *deliberately* weaken the hash to ensure collisions. As for countermovements, "bizarre" is exactly what 4chan excels at.

Again, these are things you have to *consider* and analyze and model. You need to understand the risks. You need to *explain* those risks. You need to try to come up with the best possible solution. Not doing so is dangerous and a disservice to victims.