Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am managing a web application that uses Rackspace Cloud Hosting to store user images and files. Currently, when serving user pages, the real links to the files in the cloud are used. Potentially a user could view other users’ files by guessing the file names. The file names are obfuscated containing about 30 alphanumeric digits, bit still this does not feel good.
Is my concern valid, and if it is how can I best solve this?
I think it depends on the sensitivity of the information in the files.
To bruteforce a 30 character alphanum filename, assuming 36 values per char (only lowercase letter plus 0-9), possible combinations are 36 ** 30:
48,873,677,980,689,257,489,322,752,273,774,603,865,660,850,176
4.887368e+46 in scientific notation
Assuming someone really really wants to steal your files and they have a botnet with 200 computers just checking the http response codes for each file at say 1,000 filenames a second per bot .. to get say one tenth of the file names would take:
(((36**30) / 10) / (1000*200) / 60 / 60 / 24 / 365) = 774,887,081,124,576,000,274,650,435,593,838 years
(roughly)
Unless your attacker is a really determined and well equipped government or something, or really really really … lucky. I’d say don’t worry about it.
Number of possible combinations in scientific notation:
I know in your case you might have say 100,000 file names that you wouldn’t want people to guess, whereas with the encryption there’s only one answer, .. so even if you take 5 off of the exponent, you’re still up there above 128 bit encryption.
If you’re still worried:
You could use ‘/’ in the file names so that when they’re downloaded they still have a nice name. eg. /whgwg/4y345yh3hy/543hgwhb/nice_name.jpg
so if you download it, it gets saved as nice_name.jpg and not some garbled horrible thing.
Also watch out for the CDN cache. If you use the public cloud files, they’ll get pushed out to the CDN nodes and cached there. So suppose Mary uploads some country secrets by accident, they get pushed out the the CDN nodes, she deletes her upload, it’ll still be available on the CDN for whatever your cache time for the folder is set to. You can use the CDN api to wipe it, but I wouldn’t rely on that.
Finally .. make sure your numbers aren’t guessable, like not incrementing .. should be totally random.