There are a lot of tools out there that generate vanity hidden service addresses. Facebook merely used something like Shallot [1], or they purchased the hidden service address off of one of the domain brokers that are hosted as a hidden service. Generating an address does not mean cracking an address.
[1] https://github.com/katmagic/Shallot On Fri, Oct 31, 2014 at 8:23 AM, Mike Cardwell <t...@lists.grepular.com> wrote: > > https://www.facebook.com/notes/protect-the-graph/making-connections-to-facebook-more-secure/1526085754298237 > > So Facebook have managed to brute force a hidden service key for: > > http://facebookcorewwwi.onion/ > > If they have the resources to do that, what's to stop them brute > forcing a key for any other existing hidden service? > > -- > Mike Cardwell https://grepular.com https://emailprivacytester.com > OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F > XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4 > > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
