Hacker News

> Behind a long unique uuid looking url which provides some measure of security by obscurity

That's not security by obscurity.

If the "uuid looking" part is generated using a CSPRNG and has enough entropy, it has the same security properties as any other secret.

There are other issues with having the secret in the URL.



Not when the user leaks their DNS query it doesn't. Those endpoints must be one of the dumbest "vibe security" ideas I've literally ever heard of.
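
An added example, not part of either comment above: a Python sketch of the two properties under discussion, how many bits of a "uuid looking" value are actually random, and which part of a URL reaches a DNS resolver. The hostnames, paths and function names are constructed for illustration.

```python
import hmac
import secrets
import uuid
from urllib.parse import urlsplit


def new_token(nbytes: int = 16) -> str:
    """128-bit (by default) secret from the OS CSPRNG, hex so it fits any URL part."""
    return secrets.token_hex(nbytes)


def random_bits(u: uuid.UUID) -> int:
    """Bits of a UUID that its version field says are random."""
    # v4: 128 bits minus 4 version bits and 2 variant bits = 122 random bits.
    # The field is only a claim; the generator must really use a CSPRNG
    # (CPython's uuid.uuid4() reads os.urandom).
    # Other versions (v1 = timestamp + node id, v3/v5 = name hashes) are
    # conservatively counted as 0: they were not designed to be secrets.
    return 122 if u.version == 4 else 0


def dns_visible(url: str) -> str:
    """Only the hostname of a URL is sent in a DNS lookup; path and query are not."""
    return urlsplit(url).hostname or ""


def token_in_dns(url: str, token: str) -> bool:
    """True if resolving this URL puts the token into the DNS query name."""
    return token.lower() in dns_visible(url)


def verify(presented: str, expected: str) -> bool:
    """Compare the presented token to the stored one in constant time."""
    return hmac.compare_digest(presented.encode(), expected.encode())


if __name__ == "__main__":
    token = new_token()
    path_url = f"https://hooks.example.test/in/{token}"  # constructed: secret in path
    host_url = f"https://{token}.hooks.example.test/in"  # constructed: secret in hostname
    print(random_bits(uuid.uuid4()), random_bits(uuid.uuid1()))
    print(token_in_dns(path_url, token), token_in_dns(host_url, token))
```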



