Potential successful social engineering attack?

>>1472746 (pb)

>>1473015 (pb)

/CM/BO/BV/anons/:

Request for comments.

Not a drill.

Why would Q request that their IP hash be published?

"IP hash release OK."

Think logically.

CM/BO/BV would have been more than sufficient to confirm IP hash history without publishing the IP hash.

Possible that this was in fact a TRIP crack + IP spoof in order to launch a social engineering attack on BV?

Not implausible.

Adversaries are nation-state actors.

Possible that #1421 is in fact a decoy to reduce suspicion/discussion surrounding above events?

Is salt being cycled frequently?

IP hash + Salt + Rainbow Table = OPSEC failure.

"Your IP hash could be leaked if the site was hacked again. There are ways to attack hashes [see: rainbow tables]" - CM

http://archive.is/5Dz2H#selection-795.0-803.100

"if you know the salt, you can construct a rainbow table. 8chan will switch salts every few months or so for that reason." - bin/sh

https://archive.is/o/5Dz2H/https://8ch.net/sudo/res/36710.html%23q36897

X

>>1475646

Publishing the IP hash wasn't necessary though.

Anons would have trusted you, BO, CM to, as you say, to "secure their line of integrity [of posts]."

With the IP hash now published an adversary now just needs the salt.

Especially if the salt hasn't been being cycled regularly.

It's hard to envision that Q would find this situation to be acceptable from an OPSEC perspective.

X

>>1475787

Even a partial IP hash is useful.

It allows for subsetting a rainbow table.

You don't think Q's IP address would be useful to any number of adversaries?

Why do you think this platform was selected?

X

>>1475917

Plausible.

X.

>>1475729

Message received.

Loud and clear.

X

>>1476018

>>1475729

>>1475917

I don't think further discussion is necessary.

Thank you for your service.

X