top | item 7510987

(no title)

oijaf888 | 12 years ago

Given it's easily parallelizable, assuming the cost of enumeration is significantly lower than other methods and the value of the data is high enough, how does that actually solve anything? All it does is requires someone to rent time on botnets or similar which doesn't seem like it would raise the cost a huge amount at scale.

discuss

jamesbrownuhh|12 years ago

Already a largely solved problem. If you try enumerating email addresses by running through queries at Hotmail or Yahoo, for example, they'll shut the doors on you in a matter of seconds. Think you can just use thousands of IPs instead? Go for it - they trust 'new' and rarely-seen IP addresses even less, and bring up the shutters all the faster. It's not a new problem, and there's lots of best practice to learn from, for anyone who wants to do it right.