The Disadvantage of SEO ranking...
I could not recall how many hexadecimal digits were in a GUID to I did what every other geek would do. I asked Google. Top of the search results was this page.
While the answer I was looking for (32 if you strip out the '-' characters) was technically correct... Most of what is postulated on that page is utter bullshit of Trumpian proportions.
LESSON: If you're going to pay for high SEO ranking, be sure your site is not laughable in all other respects.
While the algorithm that generates a new GUID value 'guarantees' the value to be unique, it does not guarantee the value can not be guessed. The probability of guessing a GUID is dependent on the implementation. In some systems, the range of values generated on any particular day varies by only a few thousand while in others it "may" vary by trillions of trillions. The point of a GUID was a fast way of generating a unique value that was "Unlikely" to conflict with another value without resorting to a lookup of all other values generated so far ( a computationally expensive operation ) to make sure it is in fact unique. This makes them great for relational databases because you only have to look up all the other values once, when you do the insert. They should NEVER be used for security.
using one in a URL IS NOT SECURE! While the message of an HTTPS web request is encrypted, the request URL will be stored in browser cache, server logs, and cache servers as plain text. So the idea that URLs with GUID values embedded in them is secure is ludicrous. A hacker would not need to "Guess" the GUID, they only need to look them up on an unsecure storage device and strip out the GUID values from the URLs.
LESSON: If the sales pitch sounds like Donald Trump insisting that only he knows best and everyone else is lying... walk away.
While the answer I was looking for (32 if you strip out the '-' characters) was technically correct... Most of what is postulated on that page is utter bullshit of Trumpian proportions.
LESSON: If you're going to pay for high SEO ranking, be sure your site is not laughable in all other respects.
While the algorithm that generates a new GUID value 'guarantees' the value to be unique, it does not guarantee the value can not be guessed. The probability of guessing a GUID is dependent on the implementation. In some systems, the range of values generated on any particular day varies by only a few thousand while in others it "may" vary by trillions of trillions. The point of a GUID was a fast way of generating a unique value that was "Unlikely" to conflict with another value without resorting to a lookup of all other values generated so far ( a computationally expensive operation ) to make sure it is in fact unique. This makes them great for relational databases because you only have to look up all the other values once, when you do the insert. They should NEVER be used for security.
using one in a URL IS NOT SECURE! While the message of an HTTPS web request is encrypted, the request URL will be stored in browser cache, server logs, and cache servers as plain text. So the idea that URLs with GUID values embedded in them is secure is ludicrous. A hacker would not need to "Guess" the GUID, they only need to look them up on an unsecure storage device and strip out the GUID values from the URLs.
LESSON: If the sales pitch sounds like Donald Trump insisting that only he knows best and everyone else is lying... walk away.
Comments
Post a Comment
Your opinion matters to me. Just don't expect me to moderate it immediately cuz I've better things to do.