>>
|
2563d4.jpg
Cherry Milk
2563d4
>Ergo even brute-forcing it won't get someone's IP.
To put some numbers to this, I just brute-forced my ID using a couple of cores (with a VM in the way), but nothing fancy like SIMD on the GPU, in a shade under half an hour (58m22.920s CPU time, UNIX nerd fans). For my efforts, I got 243 IPs, 51 of which had DNS entries pointing to them. You can eliminate a further few by eyeballing (it's pretty unlikely I'm posting from a .mil or an .invalid, which knocks out four, although if you try to find a .uk you'll be out of luck), or really go to town with whois info instead of DNS, but by this point isn't it easier to just privmsg me a tinyurl on IRC and rely on good ol' fashioned social engineering and curiosity?
(Incidentally, this is similar to how you can break weak passwords without tripping any kind of "too many wrong tries" protection if you can steal the hashes. Change your Steam passwords, people.)
|