On Thu, Jan 7, 2010 at 11:13 AM, Adam Barth <[email protected]> wrote:
> On Thu, Jan 7, 2010 at 10:02 AM, Brady Eidson <[email protected]> wrote: > > Are random() and randomblob() security risks? Could you point us to a > > source explaining this? > > They're fairly low risk, but you tend to leak a surprising amount of > information when you expose non-cryptographic random sources to > attackers. We've already gotten a rather detailed report of the leaks > from Math.random, for example. If these functions are useful, we can > keep them, but it does cost some amount of attack surface. > [reposting with my @chromium.org address] I'd prefer to have JavaScript going to just one source of random. For now, Math.random(). It makes a lot of things simpler in the future. Perhaps one day all the browsers will adopt a standard secure random API. I think Apple Safari was the only browser to adjust their Math.random() implementation based on this report? http://www.trusteer.com/files/Temporary_User_Tracking_in_Major_Browsers.pdf It's not serious at all, but is interesting. Anyway, I think we get better options for the future by not randomly adding more sources of randomness available to JavaScript. Cheers Chris > > Adam >
_______________________________________________ webkit-dev mailing list [email protected] http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
