There have been a couple of quick updates I posted on the linked page. First, SDF does accept Bitcoin for validation.
Second, SMJ is personally upping the prize to $100. See the link for details.
I am very happy with the result of this stunt. So far this page has gotten over 100,000 which works nicely towards the goal of driving more users towards Tor and SDF.
To give some context, I did this as a publicity stunt for SDF and the Tor project. I have no affiliation with either of these, other than being a grateful user. SDF especially can always use more money and users. As opposed to pastebin, SDF lets you have an email account, message other SDF users, use IRC, etc.
As for the $10 reward, yes it is small, but the point is to see whether people can breach any of security, not to offer lots of cash (which I don't have anyway).
Just in case someone finds $10 too little, I will add 1 bitcoin to the pot for anyone who finds the identity.
Of course the details are a bit tricky. I will accept voidnull's judgement as to whether the reward is due (which begs the question of which identity is voidnull in a philosophically interesting way). Also voidnull could claim this reward, but then I would have unmasked her by simply buying her off (a perfectly valid offensive security technique).
No, because it's a new account only associated with this thing. Granted, access logs on HN could be used to crack the problem, but getting to those is non-trivial.
I'm not sure about that. I mean, he can register with HN with just about any anonymous e-mail address, no money needs to change hands so as far as I can tell it's perfectly anonymous.
Of course we have no way of telling that the voidnull website is by the same person as the voidnull HN account used to start this thread.
Thats one problem with being anonymous, anyone can impersonate you, I can't think of any way to have a 'verified' account which is also anonymous.
a challenge based on public key crypto, user has a known public key and can sign a specified message with his private key to prove he owns that public key while remaining anonymous.
This also allows for password recovery in the opposite direction, site can publish passwords signed with users public keys and then users can decrypt their own using their private keys.
There have been a couple of quick updates I posted on the linked page. First, SDF does accept Bitcoin for validation.
Second, SMJ is personally upping the prize to $100. See the link for details.
I am very happy with the result of this stunt. So far this page has gotten over 100,000 which works nicely towards the goal of driving more users towards Tor and SDF.