Tim Starling wrote:
For a while now, we've been releasing squid log
data, stripped of
personally identifying information such as IP addresses, to groups at
two universities: Vrije Universiteit and the University of Minnesota. We
now have a request pending from a third group, at Universidad Rey Juan
Carlos in Spain. They are asking if they can have the full data stream
including IP addresses, and they are prepared to sign a confidentiality
agreement to get it.
Why do they need the ips?
What is the purpose of the data?
I don't see why personally identifying information could be needed other
than to personally identify someone.
Given that you say ip's are not to be used as unique ids... Maybe
they're going to proxyscan hundreds of ips to find out if they're proxies??
I'd like to see the request reasons :P
PS: The intercepted data would surely be useless but would the data
stream with "personally identifying information" be vulnerable to a
man-in-the-middle attack?