by nimbs 4424 days ago
> Using poor sources of entropy like /dev/urandom on Linux, or worse, gettimeofday(), and using them to generate long-lived keys.

He missed the point; people complained because he claimed urandom was a poor source of entropy. That post is about using urandom securely, and he even shows that he doesn't know the difference between random and urandom.

1 comments

I think you missed what he was saying. He phrased it a few different ways in the blog and the comments, the clearest probably being: "(/dev/urandom || gettimeofday()) is a very poor source of entropy".

He was complaining about a particular usage he was seeing in the wild, not random and urandom, as he explicitly says a few times.