[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Lynx-dev] predictable PRNG used
From: |
Thorsten Glaser |
Subject: |
Re: [Lynx-dev] predictable PRNG used |
Date: |
Sun, 5 Jul 2009 13:08:38 +0000 (UTC) |
Michael S. Gilbert dixit:
>it has been discovered that all of the major web browsers use a
>predictable pseudo-random number generator (PRNG). please see
>reference [0]. lynx is fairly basic, so it may not be affected, but it
>would be useful to check nontheless. thanks.
If arc4random(3) is available¹, lynx uses it. I sent in a patch
for that years ago. Otherwise, there is no good self-seeding SRNG
available in the standards, so it will use lrand48(3) instead²,
with a fallback to rand(3) like everyone else.
So, basically, lynx uses a good SRNG or PRNG if available from
the OS, and it’s not lynx’ fault if there is none. (After all,
lynx runs on DOS and VMS, too.)
① http://www.mirbsd.org/man3/arc4random
② http://www.mirbsd.org/man3/lrand48
//mirabilos
--
“It is inappropriate to require that a time represented as
seconds since the Epoch precisely represent the number of
seconds between the referenced time and the Epoch.”
-- IEEE Std 1003.1b-1993 (POSIX) Section B.2.2.2
- [Lynx-dev] predictable PRNG used, Michael S. Gilbert, 2009/07/05
- Re: [Lynx-dev] predictable PRNG used, Thomas Dickey, 2009/07/05
- Re: [Lynx-dev] predictable PRNG used,
Thorsten Glaser <=
- Re: [Lynx-dev] predictable PRNG used, Michael S. Gilbert, 2009/07/05
- Re: [Lynx-dev] predictable PRNG used, Thomas Dickey, 2009/07/05
- Re: [Lynx-dev] predictable PRNG used, Thorsten Glaser, 2009/07/05
- Re: [Lynx-dev] predictable PRNG used, Michael S. Gilbert, 2009/07/05
- Re: [Lynx-dev] predictable PRNG used, Thorsten Glaser, 2009/07/05
- Re: [Lynx-dev] predictable PRNG used, Thomas Dickey, 2009/07/05
- Re: [Lynx-dev] predictable PRNG used, David Woolley, 2009/07/05
- Re: [Lynx-dev] predictable PRNG used, Atsuhito Kohda, 2009/07/08
- Re: [Lynx-dev] predictable PRNG used, Thomas Dickey, 2009/07/08
- Re: [Lynx-dev] predictable PRNG used, Atsuhito Kohda, 2009/07/08