hashed user IDs redux [was: Re: Creating a key bearing no user ID]

MFPA expires2012 at rocketmail.com
Sun Jan 29 17:46:13 CET 2012

Hash: SHA512


On Friday 27 January 2012 at 1:29:07 AM, in
<mid:4F21FDE3.30903 at sixdemonbag.org>, Robert J. Hansen wrote:

> The use is correct.  Spamming is what someone does once
> they have your private information: harvesting is the
> act of collecting.

Far worse things than spamming can happen with your private

> One windmill at a time, my ingenious gentleman of La
> Mancha.

I see the two as just one issue: protecting a string of text.

> On 1/26/2012 6:41 PM, MFPA wrote:
>> Why would a spammer network bother to generate email
>> addresses and  submit them as keyserver queries,
>> rather than just sending spam out to them all?

> I have been waiting for you to realize this.

> *Even if you solve the key enumeration problem, you
> solve nothing.* It doesn't get you anything, because
> the email enumeration problem is just as bad.

Random spamming is quite another thing from actually knowing an
individual's personal contact details: their email addresses, the
names they use, which email address is used with which name.

> And yet, my two unlisted cell phones both routinely get
> robocalls and telemarketers.  They, too, work by
> enumeration.

At least they are calling random numbers rather than specifically
targeting you personally.

In the UK, these unsolicited calls are massively reduced by
registering the number with the telephone preference service. You
still get occasional calls from organisations not covered or not
complying, and you get some silent calls because some callers'
equipment checks the numbers they generate against the list only if
the call is answered. I believe you have something similar in the US

- --
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

Pain is inevitable, but misery is optional.


More information about the Gnupg-users mailing list