Hacker News new | ask | show | jobs
by thaumasiotes 2527 days ago
This is actually a pretty common type of report to public bug bounty programs. ("Anyone can see your private data if they can guess the GUID in the URL".)

Barring something extraordinary, it would be acknowledged as intentional behavior and classified wontfix. For most purposes, no, this is not an actual risk.
1 comments
jeffk_teh_haxor 2527 days ago
The Earth will be swallowed by the sun before you guess that GUID.
link
thaumasiotes 2527 days ago
Ah, but if you network a bunch of cloud computing resources to guess in parallel...

Sorry, bad bug bounty memories. ;)

link
jeffk_teh_haxor 2525 days ago
What if, like, you had a quantum computer that could guess every password simultaneously? Checkmate, nerd. Give me my bounty.
link