Monthly Archives: February 2010

Random fail

By laurentb | Published: 2010-02-28

Yet another case of trying to be too clever with randomness!

Posted in Security | Tagged microsoft, random numbers, security | Leave a comment

Update: After a year, both plugins are finally updated with a better random key generator. Security is not easy. Programmers should leave things like random number and identifier generation to a library (or at least research the best way to do it). A lot of projects learned it the hard way. Let’s talk for instance […]

Posted in PHP, Security, Symfony | Tagged entropy, full disclosure, PHP, random numbers, security, Symfony | 8 Comments

Categories
- Development (2)
- Meta (6)
- Networking (1)
- PHP (16)
- Python (5)
- Security (5)
- Symfony (17)
- Sysadmin (10)
- Technology (3)
- Webdesign (1)
- Weboob (5)
- WordPress (1)

Blogroll
- AlastairC
- autonomo.us
- Dilbert
- flameyes
- Joel on Software
- Romain Bignon
- Ted Dziuba
- The Daily WTF
- xkcd
- Zed Shaw
Cool stuff
- Gentoo
- lighttpd
- Microformats
- Vim
- Weboob
Me elsewhere

Monthly Archives: February 2010

Random fail

Security is not easy

Categories

Blogroll

Cool stuff

Me elsewhere

RSS Links

Archives

Meta

Recent Posts

Recent Comments