@staatsgeheim @canadianbryan No, they weren't. rand() is for REPRODUCIBLE, DETERMINISTIC prng use. Anything using it for entropy is broken.
@staatsgeheim @dakami @canadianbryan "Secure by default" is a false narrative to get ppl to agree with you.
-
-
@RichFelker@staatsgeheim@canadianbryan Think numbers. N bugs are exploitable with old rand(). M bugs are exploitable with new rand(). N>M -
@dakami@staatsgeheim@canadianbryan The programs affected by your "new rand" don't have bugs. The implementation has bugs. -
Tweet unavailable
-
@staatsgeheim@dakami@canadianbryan Lots of gimp plugins/scripts that need reproducibility.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.