Wednesday, March 25, 2009

How to Safely Anonymize Users

You want to allow Anon to post messages; you want to block their IP address if
they don’t follow your terms; but you don’t want them to be traceable.  The solution to this is
excessively simple.  One-way encrypt their IP address.

This can be done in PHP
simply by grabbing the MD5 of their IP address.

The last note is; this still isn’t
completely anonymous.  Anyone could easily compile a rainbow table for IP address MD5 results. 
Try mixing it up.  Apply a secret key to the MD5 before, after, or even between the numbers. 
Encrypt the numbers to letters before throwing it through an MD5.  Either way, you gain the ability
to identify anonymous users through a Unique ID without having anything of use to a hacker or federal
employee.

src="http://digg.com/tools/diggthis.js" type="text/javascript"> type="text/javascript">digg_url = undefined;digg_title = undefined;digg_bgcolor = undefined;digg_skin =
undefined;