| ▲ | VladVladikoff a day ago | ||||||||||||||||||||||
> The site’s only input fields accept license plate numbers (which are hashed client-side before transmission and cannot be harvested) License plates are trivially short, hashing them accomplishes no additional level of privacy if the hashes could be bruted in seconds on an antique GPU. | |||||||||||||||||||||||
| ▲ | creatonez 3 hours ago | parent | next [-] | ||||||||||||||||||||||
This might be referring to k-anonymity where you truncate the hash so that it matches about 1000 hashes, then the client matches against that list. Which makes it so the operator can't really narrow down what exact license plates correspond to which searches. | |||||||||||||||||||||||
| ▲ | croes 21 hours ago | parent | prev | next [-] | ||||||||||||||||||||||
They have indexed publicly available data. The privacy was long gone before you even entered a license plate number. Or do you think other actors didn’t have the same data but without a frontend to show it to you? | |||||||||||||||||||||||
| |||||||||||||||||||||||
| ▲ | hibf a day ago | parent | prev | next [-] | ||||||||||||||||||||||
Technically true. Flock could present an unfounded argument that I might be brute-forcing my own security and privacy measures. I think it'd sound pretty dumb. | |||||||||||||||||||||||
| |||||||||||||||||||||||
| ▲ | TheDong a day ago | parent | prev | next [-] | ||||||||||||||||||||||
Being able to say "Our server never sees user-input license plate numbers", even though from a technical perspective the hash is just as identifiable, does have value. Even though it offers no additional privacy, it does let non-technically-minded users and so on feel safer, and that's valuable. | |||||||||||||||||||||||
| |||||||||||||||||||||||
| ▲ | mceachen 16 hours ago | parent | prev [-] | ||||||||||||||||||||||
https://en.wikipedia.org/wiki/Salt_(cryptography) (Or https://en.wikipedia.org/wiki/Pepper_(cryptography) off you want to be fancy) | |||||||||||||||||||||||
| |||||||||||||||||||||||