[deedubaya]

What should be the default?

[stouset]

AES-128-GCM (or ChaCha20-Poly1305 if you're feeling particularly hipster) with a new, random IV every time data is encrypted.

[technion]

It only addresses half the problem, but Ruby's own man page has a bolded warning:

http://ruby-doc.org/stdlib-2.4.0/libdoc/openssl/rdoc/OpenSSL...

    Always create a secure random IV for every encryption of your Cipher