> Behind a long unique uuid looking url which provides some measure of security ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		ahtihn 27 days ago \| parent \| context \| favorite \| on: Finding thousands of exposed Ollama instances usin... > Behind a long unique uuid looking url which provides some measure of security by obscurity That's not security by obscurity. If the "uuid looking" part is generated using a csprng and has enough entropy, it has the same security properties as any other secret. There's other issues with having the secret in the URL.

oceanplexian 26 days ago [–]

Not when the user leaks their DNS query it doesn't. Those endpoints must be one of the dumbest "vibe security" ideas I've literally ever heard of.

Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact