On May 26, 2011, at 10:32 PM, Jens Alfke wrote: > > On May 26, 2011, at 7:15 PM, Kevin Bracey wrote: > >> srandom(time(NULL)); > > It’s never a good idea to seed a RNG with something guessable like this. (An > old exploit against the Netscape browser’s SSL implementation was made > possible in part by doing exactly that.) > > All you have to do is call srandomdev() once; that will seed the generator > used by random() with some extremely random (“high-entropy”) data read from > /dev/random, which is generated by the kernel through all kinds of black > magic.
It lacks 'good' confusion. http://en.wikipedia.org/wiki/Confusion_and_diffusion Sort of like the OP's seed multiply, which just led to 'bad' confusion. _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
