|
|
|
|
|
|
by tatersolid
1952 days ago
|
|
|
But you probably care about collisions in that case. The small state of a language-default insecure PRNG will make collisions much more likely. Especially if seeded by a clock. I have seen temp file name collisions cause data corruption in a real system because the default language RNG was used. Also infinite loops in a production system because random() was called in the same clock tick by two separate threads generating a handle value. Both wasted weeks of effort to pin down. random() should default to the system CSPRNG. Provide insecureFastRandom() for those who know they need it and it is safe for their use. |
|
|