Visual Security: 9-block IP Identification


I’ve just added preliminary 9-block IP identification feature to Daily, my blog server to enhance commenter identity beyond name and website. Basically, what I am doing is using a privacy protecting derivative of each commenter’s IP address to build a 9-block image and displaying it next the commenter’s name. To see this in action, you’ll have to drill into the post view to see the comments.

The derivative is currently first four bytes of SHA1(IP + salt). Since dynamic IPs change, you’ll see 9-blocks change over time for a particular user. But it doesn’t seem to change often enough to affect IP identification within typical comment activity clusters. I could reduce this problem by changing the derivative to SHA1(CIDR(IP) + salt) but CIDR blocks could get pretty big. I am looking into ways (i.e. identify router-level blocks) to solve this problem.

Anyway, you can see your 9-block by commenting to this or other posts. I’ll add a couple of test comments to start with.


Anything new needs a good name so one can refer to it easily. My first choice was identicon but I’ve decided to go with identiglyph or idglyph because identicon was used elsewhere. I am back to being undecided. Identicon is just too perfect. I hate being wishywashy.

Update 2:

Source has been released.

Update 3:

The number of comments to this post is getting rather unusually large which interferes with user experience. How about giving my other posts, like Identicon Explained, Application Ideas for Identicons, Identicon-based Anti-Phishing Protection, Canvas-based Identicon, or Third Party Identicons some of your identicon love? 🙂