How secure are URLs with random strings appended to a stem (generated as hashes of content?) and kept secret, but otherwise not secured? Is it like low probability hash collisions? Could a crawler brute-force sensitive content at a useful rate to be worth it to an attacker?
Conversation
Replying to
You might've noticed Google has somewhat embraced them (via "anyone with this link"). As long as full URLs are not visible when screen sharing, and the site is loaded over HTTPS, it can be secure. research.google/pubs/pub41892/
1
1
6
Oh also, of course the resource identifier needs to be cryptographically long. Roam's block tags are not, their cloudflare image links might be (need to be https too!).
1
2
To get a sense of what Roam-with-Macaroons could feel like, check out Workflowy: You can create sharable links for individual permissions PER BLOCK. It's awesome.
1
2
This Tweet was deleted by the Tweet author. Learn more
I mean there’s a niche place for a minimalist tool like WorkFlowy but ultimately the future tends to belong to the most ambitious and generative take on an idea capable of open-ended evolution.
1
1
Show replies

