travis+ml-cryptogra...@subspacefield.org writes: > https://media.blackhat.com/bh-us-10/whitepapers/Kamkar/BlackHat-USA-2010-Kamkar-How-I-Met-Your-Girlfriend-wp.pdf
He doesn't mention the php.ini variables session.entropy_length and session.entropy_file. Last I checked, their default settings were unsafe, but setting them to 16 and /dev/urandom should solve the problem he describes in the paper. Unless not. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com