Ask HN: Does HN store IP addresses to identify users?
does HN store IP addresses for the purposes of identifying user accounts?
I wonder if HN was hacked if "anonymous" posts would be linked back to actual people even though no email address is on the account.
EDIT after comments: OK so maybe HN should be clear that anonymity is not likely if HN is hacked. HN sort of presents as being a "safe" place to post anonymously but it's an illusion. I believe they have mod tools to help with voter ring detection and similar problems. I would guess those rely on ip addresses for some of the functionality. I don't know whether to believe you or not. They should not have to tell you that there are risks to using online services, that should be a given... IP address is most definitely part of the voting ring algo. I'm almost positive about that much. Is there a safer alternative such as using salted hashed ip addresses? Certainly not before IPv6 is widely adopted. IPv4 address space is so small, any hashing can reversed with brute force. If you knew the hash being used you could just brute force them. > does HN store IP addresses for the purposes of identifying user accounts? They use cookies assuming you are logged in. I wish they do store IPs in order to prevent password brute-forcing attacks. > I wonder if HN was hacked if "anonymous" posts would be linked back to actual people even though no email address is on the account. You should be more concerned about your email account being linked to your HN username, fortunately you don't have to provide your email here. > OK so maybe HN should be clear that anonymity is not likely if HN is hacked. HN sort of presents as being a "safe" place to post anonymously but it's an illusion. It's pseudonymous forum, if you wish to be anon - head over to 4chan instead. Even if the DB were dumped and all users' IP addresses were revealed, the leaked IPs wouldn't be much of a security risk. For one, an attacker would not necessarily get your current IP address. But even if they did have your current IP address... so what?
The most someone could find from that is your general region; maybe your city or a city next to yours if they're lucky. There's no way they're doxing you from that unless they think they can successfully SE the ISP and don't mind risking jail for it. The real security risk would be the leaked password hashes. That would be much, much more likely to result in people being doxed (and worse). > Even if the DB were dumped and all users' IP addresses were revealed, the leaked IPs wouldn't be much of a security risk. There's no DB, the site has always been described as storing everything in memory using Lisp closures, and on flat files. I don't know whether that makes Hacker News more or less secure than average, though. Then replace DB with "data structure stored in a flat file". Doesn't really matter. You can use Tor to post to HN anonymously. > HN sort of presents as being a "safe" place to post anonymously but it's an illusion. I don't think I've seen that represented anywhere, and I don't think a news site really should be It does. Ok so in the event of an HN hack, real users will effectively be indirectly DOXed? It is best to assume that your IP address isn't private information.
Every single site you visit will see it because it's the 'address' to which the server's response is sent to. What is the utility of correlating someone's IP address?
General location? Whether users share IPs? This kind of thing is done by everyone. Social Networks and Ad Networks. Have a look at this:
https://panopticlick.eff.org
Your web browser is likely to have a fingerprint making it unique across websites.
Sign up to one site with your name, then that can be easily correlated to you. IP addresses (can) change all the time, so the attacker would also need to have a way to find out who had which address at the time of the post. Plus, I would expect any HN user to be smart enough to use a proxy for alt accounts. As ogdan mentioned, if you're posting something you need to be that concerned about, you just should be using TOR.