Message 267656 - Python tracker (original) (raw)
Message267656
| Author | dstufft |
|---|---|
| Recipients | Colm Buckley, Lukasa, alex, doko, dstufft, larry, lemburg, martin.panter, matejcik, ned.deily, python-dev, rhettinger, skrah, thomas-petazzoni, vstinner, ztane |
| Date | 2016-06-07.12:40:32 |
| SpamBayes Score | -1.0 |
| Marked as misclassified | Yes |
| Message-id | 1465303232.29.0.991986972079.issue26839@psf.upfronthosting.co.za |
| In-reply-to |
| Content |
|---|
| (Basically) nobody should ever use /dev/random (and cryptographers agree!). The thing you want to use is /dev/urandom and the fact that /dev/urandom on Linux doesn't block before the pool is initalized has long been considered by cryptographers to be a fairly large flaw. The ``getrandom()`` calls were added explicitly to allow programs to get the correct behavior out of the system random. For more information see http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/ or http://www.2uo.de/myths-about-urandom/. The /dev/urandom man page is wrong, and it's wrong for political reasons and because Ted T'so has bad opinions. |
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2016-06-07 12:40:32 | dstufft | set | recipients: + dstufft, lemburg, rhettinger, doko, vstinner, larry, matejcik, ned.deily, alex, skrah, python-dev, martin.panter, ztane, Lukasa, thomas-petazzoni, Colm Buckley |
| 2016-06-07 12:40:32 | dstufft | set | messageid: 1465303232.29.0.991986972079.issue26839@psf.upfronthosting.co.za |
| 2016-06-07 12:40:32 | dstufft | link | issue26839 messages |
| 2016-06-07 12:40:32 | dstufft | create |