You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
in the getReports method, the code is using the following snippet:
// Add some random packages to avoid trackingRandomrand = newRandom(Thread.currentThread().getId());
intalea = rand.nextInt(120) % 10 + 11;
for(inti = 0 ; i < alea; i++) {
intval = rand.nextInt(handles.size());
packages.add(handles.get(val));
}
This could lead, at some degrees, a rogue server to be able to do educated guess about what applications are installed or not. It would be cool to use SecureRandom instead.
This is a super-minor issue, feel free to close it with an E_DONTCARE :)
The text was updated successfully, but these errors were encountered:
Sure, but I think that some users will install exodus, run it, glance at the results, be horrified, remove some of their applications and then remove exodus because it fulfilled its purpose.
For this usecase, using a better PRNG will slightly improve privacy.
Hello,
in the
getReports
method, the code is using the following snippet:This could lead, at some degrees, a rogue server to be able to do educated guess about what applications are installed or not. It would be cool to use SecureRandom instead.
This is a super-minor issue, feel free to close it with an
E_DONTCARE
:)The text was updated successfully, but these errors were encountered: