On Fri, Jun 19, 2009 at 01:46:22AM -0500, Rob Landley wrote: > On Thursday 18 June 2009 17:53:35 Colin Watson wrote: > > On Thu, Jun 18, 2009 at 05:24:04PM -0500, Rob Landley wrote: > > > The probability that a 128 bit random number will not be unique is 2^128. > > > I _guarantee_ you have no conception of how _big_ that is or you > > > wouldn't be worrying about it. > > > > I used to work for a cryptography company; I actually do understand this > > kind of scale just fine. I just don't trust rand(). :-) > > Neither do I, that's why I used the system random number generator built into > the Linux kernel.
You did. Denys, whom I was replying to, didn't. I make no apology for not having read your mail before you sent it. > (Insert long discussion here about embedded systems with insufficient entropy > sources that don't preserve entropy across reboots, and how you can use > /dev/random instead so people get hangs and their system randomly fails in > the > field instead. By the way, did you _read_ old_e2fsprogs/gen_uuid.c? Look at > the function on the bottom and trace your way back up, it uses > "uuid_generate_random" in _preference_ to the "assemble various system > information and hope it's unique" method.) Yes, I did read it (before reading this message) and I have no quarrel with its behaviour. Using /dev/urandom for preference makes perfect sense here, as sane kernels already take care to stir whatever entropy they can find in there. I think you're arguing with things I never said ... -- Colin Watson [[email protected]] _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
