For instance, take the IP address of "215.54.387.9"...if I simply use "215.54.387" and leave out the last "9" is that enough so that the IP address cannot be traced back to the user? My understanding is that a government entity, etc needs to match the HTTP referer in combination w/ the full IP address to track down the user's information, or am I wrong? Also, how would I deal with IPV6 addresses?
<i>"I simply use '215.54.387' and leave out the last '9' is that enough so that the IP address cannot be traced back to the user?"</i><p>A single company could easily own all 256 IP addresses in 215.54.87.*. (Larger companies can own even larger blocks of IP addresses.) So just dropping the last number doesn't offer much anonymity. For example, once somebody traced the address down to XYZ Company, that company might be able to give them a log of all outgoing traffic tied to specific employees' machines. Even an ISP might be able to link a partial IP address to a specific user if they can search their logs for a specific date/time/destination.<p>(Note: '387' could never be a component of an IPv4 address, since each component is 8 bits, or 0-255.)
a) please do not delete & repost, it's against HNs rules<p>b) You can't maintain a 1:1 mapping and anonymity, if I know your algorithm it's trivial to try all IP addresses and get a mapping to do a reverse look up. You need to throw away data to make it ambiguous, e.g. in probabilistic data structures like bloom filters.<p>I don't know what a snooper would want with the HTTP referrer information.
You can use HMAC:<p><a href="https://en.wikipedia.org/wiki/Hash-based_message_authentication_code" rel="nofollow">https://en.wikipedia.org/wiki/Hash-based_message_authenticat...</a>