#python - Fri 16 Mar 2007 between 12:17 and 12:24

NY Lost Funds



Wild_Catthat is, does it read from /dev/random, or does it just do some WH crap?
HabbieWild_Cat, python's default random.random is unsuitable for security purposes
Wild_Catshame.
Yhg1sWild_Cat: it's Mersenne Twister seeded by /dev/random (or other means, if you so wish.)
Habbieuse /dev/random if you need security
kbrooksum, use os.urandom
Yhg1sHabbie: what makes you think /dev/random is any more secure?
HabbieYhg1s, entropy
Wild_CatYhg1s: depending on your OS, yes.
Yhg1sHabbie: entropy schmentropy! it can still be snooped :)
Habbietrue
Wild_Catin Linux and OSX, it is remarkably so.
Habbiebut it's less predictable
Wild_Cat, freebsd too
CSWookiekbrooks: urandom != random.
Yhg1sif you only need a few bytes of info, /dev/random is fine. if you need more, you end up writing your own PRNG ontop of it anyway, and random's Mersenne Twister is most assuredly more secure than what 99.95% of the advanced programmers can manage.
HabbieYhg1s, true :)
kbrooks"secure"?
twbCSWookie: isn't the difference that when the kernel runs out of entropy, one will make stuff up and the other will block?
JafetIs the universe even random?
pbxkbrooks: Cryptographic-quality.
Habbietwb, depends on your OS :)
kbrookson linux, it does block
CSWookietwb: I believe it buffers somehow, actually. Making stuff up implies more creativity than the kernel has.
TFKylehmm
HabbieCSWookie, on linux /dev/random can block
Yhg1sit was my understanding /dev/urandom falls back to a PRNG.
TFKyleso it's good to use /dev/random as little as possible, so entropy doesn't run out
CSWookieHabbie: You'll have that when you've run out of entropy.
kbrooksrandom.SystemRandom().sample(...)
thats for whatever your OS has
CSWookieYhg1s: Your understanding is likely better than mine.
HabbieYhg1s, urandom does, yes
FossiletWild_Cat: Thank you!
Yhg1s: Thank you! random.sample is what I want. Very elegant!
twbHow do I parse an natural number out of a string like '2006'?
MFentwb: int('2006')
twbThank you.
MFenor float(), perhaps
Yhg1sHabbie: oh, and on FleaBSE, so does /dev/random.

Page: 4 11 18 25 32 39 46 53 60 67 

IrcArchive

NY Lost Funds