Kibana could replace in the code every UUIDv1 creation by a UUIDv4 creation.
UUIDv1 : Non-random, contain the timestamp plus some mac address
UUIDv4 : Totally random
Describe a specific use case for the feature:
Because they are used in URLs, and because URLs tend to be shared over a large number of third parties, there could be a confidentiality issue related to dashboard/views creation times. (Which are embedded in the UUIDv1 as 100-ns intervals since 1582-10-15)
Especially in threat hunting / incident response. Just in case, you know.
find . | xargs sed -i -e "s/uuid.v1/uuid.v4/g"
UUIDv4 don't have this issue as they are entirely random.
epixa
commented
6 years ago
Describe the feature:
Kibana could replace in the code every UUIDv1 creation by a UUIDv4 creation.
Describe a specific use case for the feature:
Because they are used in URLs, and because URLs tend to be shared over a large number of third parties, there could be a confidentiality issue related to dashboard/views creation times. (Which are embedded in the UUIDv1 as 100-ns intervals since 1582-10-15)
Especially in threat hunting / incident response. Just in case, you know.
find . | xargs sed -i -e "s/uuid.v1/uuid.v4/g"UUIDv4 don't have this issue as they are entirely random.