Hacker News new | ask | show | jobs
by charleslmunger 832 days ago
I'm not sure your math checks out. With 1024 bits of entropy and, say, 1 trillion valid links, your chances of any one link being valid are 1/2^984

So test a million links - your probability of finding a real one is (1-1/2^984)^1000000. That's around 1/10^291 chance of hitting a valid URL with a million tries. Even if you avoid ever checking the same URL twice it will still take you an impractical amount of time.
1 comments
mbrumlow 832 days ago
All this is fine and dandy until your link shows up in a log at /logs.
link
ummonk 832 days ago
The same can almost as easily happen with user-submitted passwords.
link
1231232131231 831 days ago
Passwords usually don't show up in server logs if submitted correctly.
link
mbrumlow 828 days ago
Love your qualifier. “If submitted correctly”.
link