Hi, I'm developing a small multiplayer card game on OpenBSD (but also try to keep it at least compilable on Linux).
After 32 cards have been shuffled, each of 3 players gets 10 cards. At the moment I use the sum of time()s when any data has been received from a player as the seed value: typedef struct client_s { ..... time_t last; } client; ..... srandom((cp->last + prev->last + next->last) % UINT_MAX); I'm worried though, that someone will look at my source code and since those 3 time()s are probably contained in the last 10 minutes, then there aren't actually that many variants. So an attacker will prepare a list of possible variants, filter them by looking at the 10 cards at his own hand and then with each played trick will have a better idea, what cards do the other players have in their hands. Where could I get a better seed? Should I use the initstate() and srandomdev() routines and how to use them (in which order)? Regards Alex PS: Also I'm worried, if my naive code above overflows and maybe in few years it'll be equal to srandom(UINT_MAX % UINT_MAX); or similar...