[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Facebook brute forcing hidden services

Thank you for doing this! I'm glad to see a site as huge as facebook has decided to start implementing a HS for their users. 


On October 31, 2014 8:35:50 AM EDT, Alec Muffett <alecm@xxxxxx> wrote:
>Hi - My nameÂs Alec, I work for Facebook and am the team lead for
>over Tor.
>Long story short: details will come out later, but we just did the same
>thing as everyone else: generated a bunch of keys with a fixed lead
>("facebook") and then went fishing looking for good ones.
>I feel that we got tremendous lucky.
>    - alec
>On 10/31/14, 5:23 AM, "Mike Cardwell" <tor@xxxxxxxxxxxxxxxxxx> wrote:
>>So Facebook have managed to brute force a hidden service key for:
>>If they have the resources to do that, what's to stop them brute
>>forcing a key for any other existing hidden service?
>>Mike Cardwell  
>>OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3   B0CF 70A5 F512 0018 461F
>>XMPP OTR Key   8924 B06A 7917 AAF3 DBB1   BF1B 295C 3C78 3EF1 46B4
>tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
>To unsubscribe or change other settings go to
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to