On Tue, 23 Feb 2016 06:22 am, Paul Rubin wrote:
> Chris Angelico <[email protected]> writes:
>>> I was under the impression that the point of UUIDs is that you can be
>>> *so* confident that there won't be a collision that for all practical
>>> purposes it's indistinguishable from being certain.
>> Maybe, if everyone's cooperating. I'm not sure how they fare in the
>> face of malice though.
>
> There are different UUID algorithms, some of which have useful syntax
> but are easy to spoof. Uuid4 is random and implemented properly, should
> be hard to spoof.
I'm not sure what you mean by "spoof" in this context. Do you mean generate
collisions?
Do you mean "pretend to generate a UUID, but without actually doing so"?
That's how I interpret "spoof", but I don't quite understand why that would
be difficult. Here's one I just made now:
{00010203-0405-0607-0809-0a0b0c0d0e0f}
And another:
{836313e2-3b8a-53f2-9b90-0c9ade199e5d}
They weren't hard to spoof :-)
--
Steven
--
https://mail.python.org/mailman/listinfo/python-list
