Re: de-identification text for Wednesday's call

On 04/02/2013 08:50 AM, Shane Wiley wrote:
> once the one-way hash function has been applied the data is never
> again able to be accessed in real-time to modify the user's experience.
I think I'm confused, can you explain this more? How is this possible?
If you are just hashing a cookie string, your web server receives a
request that includes a cookie string, you hash that cookie string
(which is in incredibly fast operation), match the hashed cookie against
the stored data, and return personalized results.

Or are you salting the hash differently for every request, or combining
the cookie with an ephemeral piece of data (the timestamp) before
hashing and then throwing away the timestamp?

Thanks for clarifying, apologies if I'm just being dense.


Dan Auerbach
Staff Technologist
Electronic Frontier Foundation
415 436 9333 x134

Received on Tuesday, 2 April 2013 17:59:02 UTC