If you used a per-user-list salt, then it would be about as useful as obfuscatin... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		ryan-c on June 12, 2023 \| parent \| context \| favorite \| on: Why are blocks on Bluesky public? If you used a per-user-list salt, then it would be about as useful as obfuscating phone numbers by hashing them. The list must then be enumerable in N*x time, where x is the time to hash one user, and N is the cardinality of the search space. One second per legitimate hash check? You can enumerate the list in a few hours by doing a parallel search...

anamexis on June 12, 2023 [–]

Right, but isn't this inherent in the hypothetical requirements here? Being able to query individual usernames for block status?

ryan-c on June 13, 2023 | [–]

Yes. Hashing would therefore accomplish little other than wasting energy.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact