Agreed considering I know someone who web scraped a entire dataset because they ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

cdevs on June 7, 2016 | parent | context | favorite | on: Obscurity Is a Valid Security Layer

Agreed considering I know someone who web scraped a entire dataset because they were selling 2500 sources for $15,000 a year and the API request were sequential ids 0-2500....so just curl 2500 request and call it a day because you didn't hash your ids

majewsky on June 8, 2016 [–]

By the way, hashing IDs would be a perfect example of security by obscurity if the hash was not salted. You just have to notice that you were given sha256("1234") instead of "1234".

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact