this post was submitted on 26 May 2025
560 points (96.2% liked)

Cybersecurity - Memes

2916 readers
1 users here now

Only the hottest memes in Cybersecurity

founded 2 years ago
MODERATORS
Sam1232188@lemmy.world
neurohost@lemmy.world
Sam1232188@lemmy.fmhy.ml
Alphadef@programming.dev
CannaVet@lemmy.world
560
Uh oh, somebody's not following best practices, that's a paddlin (infosec.pub)
submitted 1 month ago by cm0002@lemmy.world to c/cybersecuritymemes@lemmy.world
103 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] tiramichu@lemm.ee 2 points 1 month ago* (last edited 1 month ago)

Right, so the hashing and comparison of hashes also can happen in the back end, and the API response can just be true/false whether it's a match or not. That way the hashes and the hashing algorithm could all stay private.

The comparison API would of course also need its own rate limits and backoff etc to ensure it cannot be used to bruteforce attempts until you get a 'true' back.

All in all it's a terrible idea though and nobody should actually do this.