Guido van Rossum <gu...@python.org> wrote: > I just don't like the potentially blocking behavior, and experts' opinions > seem to widely vary on how insecure the fallback bits really are, how > likely you are to find yourself in that situation, and how probable an > exploit would be.
This is not just a theoretical problem being discussed by security experts that *could* be exploited, there have already been multiple real-life cases of devices (mostly embedded Linux machines) generating predicatable SSH keys because they read from an uninitialized /dev/urandom at first boot. Most recently in the Raspbian distribution for the Raspberry Pi: https://www.raspberrypi.org/forums/viewtopic.php?f=66&t=126892 At least in 3.6 there should be obvious way to get random data that *always* guarantees to be secure and either fails or blocks if it can't guarantee that. Sebastian _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
