Timwi <timwi(a)gmx.net> wrote:
Eric wrote:
The aim is to identity each anonymous edit with a
unique number. Right?
Well then, a different unique number can be coded using a special formula which
ends us up with a 1-to-1 relationship.
This means that the IP address can still be reconstructed from the
"unique number". What you are suggesting is called "security by
obscurity". Unfortunately, you are forgetting that the source code is
open, and so any formula - no matter how complex - can be seen by everybody.
I've actually thought about this sort of thing for a site I've been
planning with anonymous users. The trick is to assign a *meaningless*
number that nonetheless consistently maps to a particular IP address.
CREATE TABLE anonips (
anonid INTEGER NOT NULL AUTO_INCREMENT PRIMARY KEY,
ipaddr INTEGER NOT NULL
);
Then add a Special:Anonip, limited to sysops, that looks up an
anonymous user number in the table and returns the IP address.
Yes, if you happen to get the same IP as a previous user, you'll know
their old IP address. But it doesn't have to be perfect.
--
Brent 'Dax' Royal-Gordon <brent(a)brentdax.com>
Perl and Parrot hacker