Comment

Comment on A Researcher Figured Out How to Reveal Any Phone Number Linked to a Google Account

Casually rotating 18,446,744,073,709,551,616 IP addresses to bypass rate limits.

I am not in IT security, but find it fascinating what clever tricks people use to break (into) stuff.

In a better world, we might use this energy for advancing humanity instead of looking how we can hurt each other. (Not saying the author is doing that, just lamenting that ITS is necessary due to hostile actors in this world. )

source

Sort:hotnew top

dan@upvote.au ⁨10⁩ ⁨months⁩ ago
This doesn’t really work in real life since IPv6 rate limiting is done per /64 block, not per individual IP address. This is because /64 is the smallest subnet allowed by the IPv6 spec, especially if you want to use features like SLAAC and privacy extensions (which most home users would be using)

source
Tinidril@midwest.social ⁨10⁩ ⁨months⁩ ago
Those are IPv6 addresses that work a bit differently than IPv4. Most customers only get assigned a single IPv4 address, and even a lot of big data centers only have one or two blocks of 256 addresses. The smallest allocation of IPv6 for a single residential customer is typically a contiguous block of the 18,446,744,073,709,551,616 addresses mentioned.

If Google’s security team is even marginally competent, they will recognize those contiguous blocks and treat them as they would a single IPv4 address. Every address in that block has the same prefix, and it’s actually easier to track on those prefixes than on the entire address.

source
Kolanaki@pawb.social ⁨10⁩ ⁨months⁩ ago
If you know how to hurt others, you can learn how to prevent that way of hurting others.

source
- TheReturnOfPEB@reddthat.com ⁨10⁩ ⁨months⁩ ago
  is that how guns work ?
  
  source
  - untakenusername@sh.itjust.works ⁨10⁩ ⁨months⁩ ago
    theoretically speaking, if ur a govt, and you get everyone else to stop using guns, and you don’t, then people wont get hurt from guns
    
    source
  - Attacker94@lemmy.world ⁨10⁩ ⁨months⁩ ago
    I would say so, in my opinion the US has an education problem when it comes to fire arms. People are rightfully scared of what they don’t know, but culturally, the people who don’t know that much about them are adamant against learning about them. This coupled with the lack of respect given to them by people who do know how to handle them leads to the position we find ourselves in today.
    
    source