Lena@gregtech.eu to Programmer Humor@programming.devEnglish · 24 hours agoI wonder if this was made by AI or a shit programmergregtech.euimagemessage-square113fedilinkarrow-up1672arrow-down16
arrow-up1666arrow-down1imageI wonder if this was made by AI or a shit programmergregtech.euLena@gregtech.eu to Programmer Humor@programming.devEnglish · 24 hours agomessage-square113fedilink
minus-squareGrendel84?@tiny.tilde.websitelinkfedilinkarrow-up6·8 hours ago@01189998819991197253 @ConstantPain Security isn’t binary, it’s a spectrum. You apply the level of security that is appropriate for each situation. Of course it’s *possible* to brute force it, but by the same logic you could brute force jwt tokens, or api keys, or even ssl certs. It’s literally *impossible* to apply “max security” to everything, so you have to prioritize. What happened was unconscionable, but insisting uuid are mathematically breakable isn’t helpful, and can make it worse.
@01189998819991197253 @ConstantPain
Security isn’t binary, it’s a spectrum. You apply the level of security that is appropriate for each situation.
Of course it’s *possible* to brute force it, but by the same logic you could brute force jwt tokens, or api keys, or even ssl certs.
It’s literally *impossible* to apply “max security” to everything, so you have to prioritize.
What happened was unconscionable, but insisting uuid are mathematically breakable isn’t helpful, and can make it worse.