
I believe the concern is if your primary key in the database is a serial number it might be exposed to users unless you do extra work to hide that ID from any external APIs and if there are any flaws in your authorization checks it can allow enumeration attacks exposing private or semi-private info. With UUIDs being virtually unguessable that makes it less of a concern.


uuid7 is still guessable though, as the article says. The assumption is that these are internal only PKs.


There is a big difference though. Serial keys allow attackers to guess the rate at which data is being added.

UUID7 allows anyone to know the time of creation, but not how many records have been created (approximately) in a particular time frame. It leaks data about the record itself, but not about other records.


Far, far less than sequential Ids, and the random part is some pretty big values numerically... I mean there's billions of possible values for every MS on the generating server... you aren't going to practically "guess" at them.


Guessable with 80 bits of entropy?
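An added example, not part of any comment above, showing what each key type discloses to someone who can see it: a UUIDv7 gives away its own creation time, while two serial keys give away the insert rate between them. `make_uuid7`, `created_at` and `inferred_insert_rate` are hypothetical helper names, and the IDs and timestamps are constructed sample values.

```python
import os
import time
import uuid
from datetime import datetime, timedelta, timezone

EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)


def make_uuid7(unix_ms=None):
    """Build a UUIDv7 by hand following the RFC 9562 bit layout (hypothetical helper)."""
    if unix_ms is None:
        unix_ms = time.time_ns() // 1_000_000
    rand = int.from_bytes(os.urandom(10), "big")   # CSPRNG output, trimmed below
    value = (unix_ms & ((1 << 48) - 1)) << 80      # bits 127..80: Unix time in ms
    value |= 0x7 << 76                             # bits 79..76: version 7
    value |= (rand >> 68) << 64                    # bits 75..64: 12 random bits
    value |= 0b10 << 62                            # bits 63..62: RFC variant
    value |= rand & ((1 << 62) - 1)                # bits 61..0: 62 random bits
    return uuid.UUID(int=value)


def created_at(u):
    """Creation time readable by anyone who holds the UUIDv7."""
    if u.version != 7:
        raise ValueError("not a UUIDv7")
    return EPOCH + timedelta(milliseconds=u.int >> 80)


def inferred_insert_rate(id_a, seen_a, id_b, seen_b):
    """Rows per hour implied by two serial keys seen at known times."""
    hours = (seen_b - seen_a).total_seconds() / 3600
    return (id_b - id_a) / hours


if __name__ == "__main__":
    # Constructed sample: two rows created in the same millisecond.
    ms = 1_700_000_000_000
    a, b = make_uuid7(ms), make_uuid7(ms)
    print(a, b, sep="\n")                          # same prefix, unrelated tails
    print("leaked creation time:", created_at(a))
    # Constructed sample: serial keys 1000 and 1600 observed two hours apart.
    t0 = created_at(a)
    rate = inferred_insert_rate(1000, t0, 1600, t0 + timedelta(hours=2))
    print("rows/hour implied by serial keys:", rate)
```

Neither key type replaces the authorization check on the lookup itself; the difference is only in what an exposed identifier reveals.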


I feel like there are probably cinematic film-making tricks you can use to imply a very dark scene without serving #111 pixels all over the screen.


Because HN is not really a forum geared towards sarcastic quips unless they are extraordinarily funny.


Farmland is approximately 2/3 of the country. Most is being used for animal feed and then the animals are exported. I think we’ll make do.


Those vehicles typically have many more axles and double-wide wheels to distribute the load.


It doesn’t help that much. Each tire of a fully loaded 18 wheeler carries 4.4x the weight of a typical car tire. 4.4 ^ 4 = 378x the damage per tire but there are also 4.5x the tires so you're at 1,700x the damage.

That’s an oversimplification, but it doesn’t really matter if it’s 99.9% or 95% of the damage; wear is still absolutely dominated by heavy vehicles.


And how many more SUVs go through that road? If there's a few hundred SUVs for every 18 wheeler, it's no longer negligible: it's 10 or 30% of the damage.

And it could be a lot more negligible if those that mostly drive alone drove a car with half the weight.


Most SUVs aren’t that heavy.

I used 4,000lb for the car; a 2024 Chevrolet Suburban, which is huge, only clocks in at 5,824 lbs. Load another 1,000lb for passengers etc and (6,824/4000) ^ 4 = 8.5x a car or 0.5% what I calculated for a full 18 wheeler.

Sure there’s more cars than 18 wheelers but 7,000lb is a rather extreme outlier in terms of SUV weight.


Well, my 7 seater has a kerb weight of 2780 lbs (and it's a hybrid, the petrol is lighter); fully loaded it's under 4400 lbs.

And it's probably heavier than most cars around here, because most cars are not 7 seaters, but 4/5 seat hatches.

US SUVs and pickup trucks wouldn't fit most parking lots around here (too tall, too wide to even get in), but somehow the problem is never the size/weight of cars people got used to driving.


That statement is only true in aggregate. If you're taxing individual vehicle owners, SUVs will still get taxed way less than trucks.


You sort of get that if you're consistent in working on a separate branch, rebasing, and keeping the merge commit when you finally merge.


But you can also get it with much less discipline if you just go wild merging and doing whatever. And then resolve your master PRs using squash.


It is proprietary, but it's not like it's difficult to decode or interpret.


Around 250GB, several terabytes once uncompressed I assume.


Thanks for posting. The rest of the blog is also short and sweet, I’m struggling a bit with self worth and self criticism so I found it very touching and relatable.

It’s kind of interesting how I’ve come to expect blog posts to be much longer since microblogging pretty much exists exclusively on social media.


How long before some court declares such practice equal to evidence tampering or obstruction?


Between now and if that happens. Works today though!


IANAL. But I believe it's not that easy. First it would have to be a foregone conclusion that you had contraband on your phone before merely locking it could be construed as obstruction. Then they'd have to demonstrate that you locked the phone at a time when you had reason to believe that you might be coerced to unlock it because it was a foregone conclusion that you had contraband. Are those likely circumstances? Probably not, though it will happen to someone, sometime, but when it does it will be because they did something stupid or because the cops overstepped their authority (in the latter case the process is the punishment, and it wouldn't be the cops getting punished).


iPhone periodically disables biometrics until you enter your passcode. They aren’t going to be able to prove that the reason the phone is asking now isn’t that.


That's probably why it's also triggered by shutting down/rebooting the iPhone, which has plausible deniability.

