Skip to main content

Stop leaking information by obscuring sequential ID numbers

Project description

[![build status](]( ![version]( ![license]( ![coverage]( ![downloads](

# Obscure

Showing a steadly increasing sequence of integer IDs leaks information to customers, competitors, or malicious entities about the number and frequency of customers, inventory, or orders. Some example include:

/customer/123 /order/308

From these, I would conclude that I am only your 123rd customer with the 308th order. How a customer or competitor would feel about this would differ. However, the point is do I really want others to know this information? In addition, by creating another account or order, I can estimate the rate of change within your systems.

This class will help obscure your sequential order by providing a reverseable transformation to your numbers. By using different salts your transformations will be unique. In addition, the class gives some output helpers for hex, base32, and base64. There is one I call ‘tame’ as it removes the letters i and u to elimination some common offensive words.

# Install

By far the simplest method is to use pip:

`console $ pip install obscure `

# Example

`python >>> from obscure import Obscure >>> customer_id = 123 >>> num = Obscure(0x1234) >>> num.transform(customer_id) 249699227 >>> num.transform(249699227) 123 >>> num.encode_hex(customer_id) '0ee21b9b' >>> num.encode_base32(customer_id) 'B3RBXGY' >>> num.decode_base32(num.encode_base32(customer_id)) 123 >>> num.encode_base64(customer_id) 'DuIbmw' >>> num.encode_tame(customer_id) 'JB4XFK5' >>> num.decode_tame(num.encode_tame(customer_id)) 123 `

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for obscure, version 1.0.1
Filename, size & hash File type Python version Upload date
obscure-1.0.1-py3-none-any.whl (5.9 kB) View hashes Wheel 3.5
obscure-1.0.1.tar.gz (4.6 kB) View hashes Source None

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page