You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
People rely on arc4random being a cryptographically secure source of random numbers.
The implementation in CFMisc.mm is just calling rand() a few times which is pretty terrible.
It should instead use a real cryptographic PRNG algorithm and be seeded from some kind of reliable source of random data. Either implement it properly or at least call an equivalent windows API for some secure random numbers.
The text was updated successfully, but these errors were encountered:
People rely on arc4random being a cryptographically secure source of random numbers.
The implementation in CFMisc.mm is just calling rand() a few times which is pretty terrible.
It should instead use a real cryptographic PRNG algorithm and be seeded from some kind of reliable source of random data. Either implement it properly or at least call an equivalent windows API for some secure random numbers.
The text was updated successfully, but these errors were encountered: