[wp-hackers] Encrypting comment_author_IP, comment_author_email and user_email

Chris Jean gaarai at gaarai.com
Fri Oct 23 20:40:45 UTC 2009


If you encrypt it in a way that can be reversed out, then the person who
gets ahold of the data can still reconstruct it.

Even if a certain one-way hashes are used, which more or less destroys
any value of having it in the first place, rainbow tables can be used to
reconstruct the data quickly and simply.

It is impossible to guarantee anything, especially security. So, it
sounds like the problem is your promise, not the technology.

Technically, if the data was stolen, it was neither published nor
shared, so you haven't violated your promise.

If this is truly a big concern for you, simply filter the email address
into a dummy address before it gets stored so even you don't have access
to it.

Chris Jean
http://gaarai.com/
@chrisjean



William Canino wrote:
> True but I can restore the site from backups. But once the emails are
> harvested, I cannot do anything about it.
>
> My blog's theme says, "Your email is <i>never</i> published or
> shared". This is why I want to do one step further.
>
> Can the plugin basically hook pre_comment_author_email (encrypt it)
> and hook get_comment_author_email, author_email and comment_email
> (decrypt it if conditions are met)?
>
> and the same with pre_comment_user_ip and get_comment_author_IP?
>
> For user_email, it seems I have to override get_userdatabylogin() to decrypt it.
>
> Matt mentioned get_avatar(). What else should I watch out for?
>
> W


More information about the wp-hackers mailing list