[ale] random numbers on different operating systems

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Sep 26 13:50:08 EDT 2007


On Tue 2007-09-25 15:00:17 -0400, David Tomaschik wrote:

> That being said, if there was a KNOWN flaw in the windows RNG
> implementation, I would fault anyone writing security software that
> depends on that.  (I'm not saying there was, but it seems like the
> PuTTY people were aware of SOME problem).

Totally agreed, which is why i said "If there was *later*
discovered..."  Anyone building a security-conscious tool that uses
libraries or resources with known outstanding flaws is just as
responsible for those flaws in their tool as the groups who made the
flawed resource in the first place.

        --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 826 bytes
Desc: not available




More information about the Ale mailing list