I finished an updated version of the rating page: The IP logging has been completely taken out, instead we agreed on a time limit in which rating for a new album is possible, which is 60 minutes for now. This is as far as I know the solution closest to the original idea of the album stream, where votes should be cast immediatly following the impression of hearing the album. There's also a page for creating new albums (in a protected directory), which will add a creation timestamp in the database, to which any rating for that album is compared.
While I was at it, I also changed the Apache Log format to not log client IPs, so if, for example, a sexy capitalist spy would try to seduce me and extract the IP adresses of our faithful listeners I leave my door open every night for that, just in case
it would be futile.>>43423
>Why not store a cryptographic hash of the IP to avoid storing the IP
Two reasons: The database (where the IP would have been stored) is only accessible from localhost, so any privacy discussion about IPs implies that the system has already been compromised. If it has been compromised, any key used for crypto is also compromised, so it would not really fix the problem. That is at least my non-security-expert-understanding of the situation. Also: I'd have to implement it, and implementing stuff is time-consuming, so I prefer to implement new or better functionality and try to keep the overhead as low as possible.
In case you meant a normal hash function instead of certificate-based encryption: In case of IP adresses, those can be forced because the possible inputs are few (at least few for computers). Also any salts used to obscure the inputs would also be compromised if the host system is compromised. Again, this is only my small brain-understanding of these topics. Since I'm obviously no expert on security issues, I'd like to avoid that topic altogether and not store sensitive data, so no one will have to worry about me screwing up the protection measures.