Lena@gregtech.eu to Programmer Humor@programming.devEnglish · 15 days agoI wonder if this was made by AI or a shit programmerimagemessage-square177linkfedilinkarrow-up1896arrow-down19
arrow-up1887arrow-down1imageI wonder if this was made by AI or a shit programmerLena@gregtech.eu to Programmer Humor@programming.devEnglish · 15 days agomessage-square177linkfedilink
minus-squareGrendel84?@tiny.tilde.websitelinkfedilinkarrow-up7·15 days ago@01189998819991197253 @ConstantPain Security isn’t binary, it’s a spectrum. You apply the level of security that is appropriate for each situation. Of course it’s *possible* to brute force it, but by the same logic you could brute force jwt tokens, or api keys, or even ssl certs. It’s literally *impossible* to apply “max security” to everything, so you have to prioritize. What happened was unconscionable, but insisting uuid are mathematically breakable isn’t helpful, and can make it worse.
@01189998819991197253 @ConstantPain
Security isn’t binary, it’s a spectrum. You apply the level of security that is appropriate for each situation.
Of course it’s *possible* to brute force it, but by the same logic you could brute force jwt tokens, or api keys, or even ssl certs.
It’s literally *impossible* to apply “max security” to everything, so you have to prioritize.
What happened was unconscionable, but insisting uuid are mathematically breakable isn’t helpful, and can make it worse.