It’s not security through obscurity in this case. The filenames can’t be obtained or guessed through brute force. At least not with current technology or processing power…
Security through obscurity is when you hide implementation details.
Saying that my suggestion is security through obscurity is the same as telling that ASLR is security through obscurity…
Security through obscurity never works.
It’s not security through obscurity in this case. The filenames can’t be obtained or guessed through brute force. At least not with current technology or processing power…
Security through obscurity is when you hide implementation details.
Saying that my suggestion is security through obscurity is the same as telling that ASLR is security through obscurity…
Until the psuedo random UUID generator can be reverse engineered. Makes me think of this video: https://youtu.be/o5IySpAkThg
Anyway, I think we’re on the same wavelength and both agree that the implementation as is isn’t production-ready to say the least ;)