Originally posted by wretched_dutchman
Existing OpenSSL is already guilty of the alleged "dumbness" by using gettimeofday and urandom on Linux as part of its PRNG seeding. For some platforms it optionally implements considerably worse things that the articles neglect to mention: seeding from RSA secret exponents, digests, a screenshot of the desktop even...