A home for my thoughts.

UUIDs Are A Valid Security Tool

UUIDs are a valid tool for solving problems when you have other constraints.

Assume you are working on a website that needs to make documents accessible without authentication but you want to protect the files from being guessed or enumerated by an attacker.

"The number of random version-4 UUIDs which need to be generated in order to have a 50% probability of at least one collision is 2.71 quintillion. This number is equivalent to generating 1 billion UUIDs per second for about 85 years." (Wikipedia - UUID)

Consider that an attacker would be constrained to making calls over the internet for each guess... they would be lucky to get 10,000 request per second which is 0.001% of a billion per second which would push the timeframe of an attack out to more than a few millenia.