[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random num
From: |
Eli Zaretskii |
Subject: |
bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems |
Date: |
Thu, 31 Dec 2015 21:20:08 +0200 |
> From: Demetrios Obenour <demetriobenour@gmail.com>
> Cc: David Engster <deng@randomsample.de>, 22202@debbugs.gnu.org
> Date: Thu, 31 Dec 2015 12:04:38 -0500
>
> It would also be nice to expose a CSPRNG to Lisp on all platforms. I
> know that SLIME could use it on Windows, and it would be nice if one
> could have a just-do-it API for this purpose. Speed does not matter
> much here.
Btw, for the record: my speed measurements were wrong: it turned out I
compared an optimized build with an unoptimized one. When compared
correctly, there's no perceptible performance difference between using
CRT's 'rand' and using the Windows Crypto API to generate random
numbers.
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems,
Eli Zaretskii <=