this post was submitted on 26 Jul 2025
884 points (99.0% liked)

Programmer Humor

25425 readers
1053 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS
Feyter@programming.dev
anzo@programming.dev
BurningTurtle@programming.dev
pylapp@programming.dev
884
I wonder if this was made by AI or a shit programmer (gregtech.eu)
submitted 1 week ago by lena@gregtech.eu to c/programmer_humor@programming.dev
178 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] 01189998819991197253@infosec.pub -5 points 1 week ago (15 children)

It taking a long time doesn't make it an impossibility. The fact that it has a limit of 122 bits, in and of itself, makes the possibility of a bruteforce a mathematical guarantee.

[–] ConstantPain@lemmy.world 9 points 1 week ago (9 children)

For all practical purposes, it's impossible.

[–] 01189998819991197253@infosec.pub -5 points 1 week ago (8 children)

It's not, though. And thinking that it is impossible is why DES, for example, was "translatable" by the NSA for decades. Never assume something is impossible just because it's difficult.

[–] grendel84@tiny.tilde.website 7 points 1 week ago

@01189998819991197253 @ConstantPain

Security isn't binary, it's a spectrum. You apply the level of security that is appropriate for each situation.

Of course it's *possible* to brute force it, but by the same logic you could brute force jwt tokens, or api keys, or even ssl certs.

It's literally *impossible* to apply "max security" to everything, so you have to prioritize.

What happened was unconscionable, but insisting uuid are mathematically breakable isn't helpful, and can make it worse.

load more comments (7 replies)
load more comments (7 replies)
load more comments (12 replies)