Combine paste ID with IP or salt when generating vizhash and other identifiers #95
Comments
And how does this work in case of CGN with hundreds/thousands of customers behind it?
AFAIK currently the vizhash is based on IP and server salt only. So by this design you get the same vizhash on the same server for the same IP (NATed folks get the same vizhash). The server salt is there so that one can't reverse engineer the IP based on the image offline by brute force. If you add the paste ID you could not identify the IP even across pastes. The question is: What do you want to use the vizhash for? My interpretation is that, since there is no login system, it is an indicator of whether the comment was sent by the same "user x" as the one of "user x" before. In that reading it is not a good idea to have a different vizhash basis between pastes, as you will not be sure if the comment on a new paste from "user x" really is from the same user. The other use is to make it a bit more difficult to use sock puppets in a discussion. On the other hand I can see the argument that a determined user can anyway use a proxy, TOR or whatever to mask his IP and therefore can, with low effort, use multiple vizhash "personas". But then, this user could just comment anonymously and not have to worry about an "identifying" vizhash at all. I have seen that some zerobin instances disable the vizhash in their comment templates. How about I make this and the option to have per-paste vizhashes a configurable option in the fork? Side note: CGN is IMO a horrible abomination and will anyway become unnecessary once IPv6 sees more widespread adoption. And since Asia in 2011 and North America since this year are out of IPv4s and have to recycle them, we should see some movement on that front soon.
But no one needs IPv6 as we can just add many layers of NAT 😢 Finland has finally woken up to IPv6 adoption this year, 2/3 (Elisa, DNA/Sonera) carriers have it and on the physical network side one has native (DNA), second 6rd (Sonera) and third (Elisa) promises to try to bring it during this year.
Would you be willing to look at implementing tripcode based vizhashes? I tried preliminarily to redirect the data vizhash was interpreting to generate its hash. I added to the reply/comment box a field
and to the index.php I changed: But it did not work.
The comments are sent via JavaScript, so you need to add your new input field content around here. Maybe also add a check on the PHP side if the content is "Optional trip" (meaning the trip was not set/changed) and fall back to using the IP address in those cases.
Thank you for the swift reply. It looks like implementing the tripcode in the comment field is more difficult than I initially realised. Suddenly there are lots of JSON errors and whatnot. I will continue to look at how to get the JS to pass the input to PHP.
About the JSON errors: JS is very finicky about empty values, i.e. caused by a comma too many at the end of the JSON object.
ZeroBin should combine the paste ID with IP or salt when generating the vizhash, so that while you can still identify a commenter on the same paste, you can't do it across pastes.
This would make ZeroBin more anonymous.
(TODO figure out a good way to implement this)
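
One way to implement the per-paste scoping proposed above, as an added example that is not ZeroBin's code: an HMAC keyed with the server salt over the IP and, optionally, the paste ID, so the scope can be a configuration choice. The function name, its parameters and all sample values are hypothetical.

```php
<?php
// Added example; not ZeroBin's code. Names and sample values are hypothetical/constructed.

/**
 * Build the string handed to the vizhash renderer.
 *
 * @param string      $serverSalt secret per-server salt, used as the HMAC key
 * @param string      $ip         commenter's IP address
 * @param string|null $pasteId    null = identity per server (IP + salt only),
 *                                set  = identity scoped to a single paste
 */
function commenterId(string $serverSalt, string $ip, ?string $pasteId = null): string
{
    // Length-prefix every field so that two different (ip, pasteId) pairs
    // can never serialize to the same byte string.
    $message = pack('N', strlen($ip)) . $ip;
    if ($pasteId !== null) {
        $message .= pack('N', strlen($pasteId)) . $pasteId;
    }
    // Keyed hash: without the salt, the identifier cannot be brute-forced
    // back to an IP address offline.
    return hash_hmac('sha256', $message, $serverSalt);
}

// Constructed sample values.
$salt   = 'constructed-server-salt';
$ip     = '203.0.113.7';        // documentation address range
$pasteA = 'f468483c313401e8';   // made-up paste IDs
$pasteB = '0b1d9a7c55e2f390';

// Same IP on the same paste: the identifier is stable, so comments still group.
var_dump(hash_equals(commenterId($salt, $ip, $pasteA), commenterId($salt, $ip, $pasteA)));

// Same IP on two pastes: the identifiers differ, so comments cannot be linked.
var_dump(hash_equals(commenterId($salt, $ip, $pasteA), commenterId($salt, $ip, $pasteB)));

// Per-server mode (no paste ID): one identifier follows the IP across all pastes.
var_dump(hash_equals(commenterId($salt, $ip), commenterId($salt, $ip)));

// Another server's salt gives an unrelated identifier for the same IP and paste.
var_dump(hash_equals(commenterId('other-salt', $ip, $pasteA), commenterId($salt, $ip, $pasteA)));
```

Commenters behind the same NAT or CGN address still share one identifier within a paste in either mode, since the IP is the only per-user input.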