package: webkit severity: serious tags: security hello,
it has been discovered that all of the major web browsers use a predictable pseudo-random number generator (PRNG). please see reference [0]. the robust solution is to switch to a provably unpredictable PRNG such as Blum Blum Shub [1,2]. [0] http://www.trusteer.com/temporary-user-tracking-in-major-browsers [1] Lenore Blum, Manual Blum, and Michael Shub, "A Simple Unpredictable Pseudo-Random Number Generator," SIAM Journal on Computing, volume 15, pages 364-383, May 1986. [2] http://rng.doesntexist.org/gmpbbs -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
