[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Facebook brute forcing hidden services

Hi - My name¹s Alec, I work for Facebook and am the team lead for Facebook
over Tor.

Long story short: details will come out later, but we just did the same
thing as everyone else: generated a bunch of keys with a fixed lead prefix
("facebook") and then went fishing looking for good ones.

I feel that we got tremendous lucky.

    - alec

On 10/31/14, 5:23 AM, "Mike Cardwell" <tor@xxxxxxxxxxxxxxxxxx> wrote:

>So Facebook have managed to brute force a hidden service key for:
>If they have the resources to do that, what's to stop them brute
>forcing a key for any other existing hidden service?
>Mike Cardwell  
>OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3   B0CF 70A5 F512 0018 461F
>XMPP OTR Key   8924 B06A 7917 AAF3 DBB1   BF1B 295C 3C78 3EF1 46B4

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to