When random isn't so random
A very humorous report came into customer service today, though I can imagine it wasn't nearly so funny for the user who reported it.
They had received an email from LinkedIn which included a URL intended just for them. The URL includes a 8-character key which is randomly generated. Here it is:
https://www.linkedin.com/e/isd/NN/F3cunt7G/
What are the odds of this? Turns out it's about 1 in 2 million for a given 4-letter word like this. And if you assume there a few dozen possible words and you ignore case, the odds can fall all the way to like 1 in 100,000. (thanks to Leo for the math!)
So be careful when you're randomly generating strings. With over 2.9 million people in LinkedIn, we just might have done this more than once.
Guess it's time to write the bad-word-filter :)
(note: I replaced a valid number with NN to prevent the link from working. But I didn't change the random key)
They had received an email from LinkedIn which included a URL intended just for them. The URL includes a 8-character key which is randomly generated. Here it is:
https://www.linkedin.com/e/isd/NN/F3cunt7G/
What are the odds of this? Turns out it's about 1 in 2 million for a given 4-letter word like this. And if you assume there a few dozen possible words and you ignore case, the odds can fall all the way to like 1 in 100,000. (thanks to Leo for the math!)
So be careful when you're randomly generating strings. With over 2.9 million people in LinkedIn, we just might have done this more than once.
Guess it's time to write the bad-word-filter :)
(note: I replaced a valid number with NN to prevent the link from working. But I didn't change the random key)
posted by jelman at 11:22 PM
0 Comments:
Post a Comment
<< Home