> On 11 Apr 2016, at 02:17, Jens Alfke <j...@mooseyard.com> wrote:
>
> I’d argue that “random” is a broad concept with several possible
> implementations. Which RNG does `sample` use? Pick a cryptographic one and it
> might be too slow for some use cases; pick a fast one and it'd be
> insufficiently random, making it dangerous to use for anything related to
> security.
And yet we have `arc4random` family of functions which most people use in the
kind of scenarios I refer to. The security argument is important, but I feel we
sometimes reach for it too quickly. Just how will NOT implementing sampling on
collections prevent someone from basing their security strategy on arc4
algorithm. Consider how indicative of their work would that be; how many more
glaring security holes are they likely to leave! And are we saying that the
obscure path to this algorithm somewhere inside `Darwin` is a virtue?
Protecting the uninitiated from a dangerous technology?
I’m sorry we are spending so much time discussing why this may be difficult for
*someone* (because it likely won’t be us) to implement. The fact is that random
bits will have to come from the frameworks beyond Standard Library, but if
there is will, I cannot imagine it would be too difficult to bring them to bear
on the core datatypes and protocols. My question was always if there is such
will; if people would like the feature to be there competently implemented and
vetted by the community…
milos
_______________________________________________
swift-users mailing list
swift-users@swift.org
https://lists.swift.org/mailman/listinfo/swift-users
