Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
robertlagrant
3 days ago
|
parent
|
context
|
favorite
| on:
Avoid UUID Version 4 Primary Keys in Postgres
Depends on the data. If you use a primary key in data about a person that shouldn't include their age (e.g. to remove age-based discrimination) then you are leaking an imperfect proxy to their age.
lwhi
3 days ago
[–]
So the UUID could be used as an imperfect indicator of a records created time?
reply
benterix
3 days ago
|
parent
[–]
UUIDv7 but not UUIDv4.
reply
lwhi
3 days ago
|
root
|
parent
[–]
I suppose timing attacks become an issue too.
reply
wongarsu
3 days ago
|
root
|
parent
[–]
UUIDv7 still have a lot of random bits. Most attacks around creating lots of ids are foiled by that
reply
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
