Originally posted by uid313
View Post
/dev/random - is the blocking one that will wait until there's enough entropy
/dev/urandom - is the non-blocking that will always return, no matter the quality.
And with regards with IO testing...
Originally posted by uid313
View Post
It might be a plain simple fast encryption stream with the seed used as a fixed password.
Or it might even be some mathematical pseaudorandom number generator.
Originally posted by uid313
View Post
"Easy to write": And equaly easy to screw up. My opinion is if you're not fluent in security matters, better not to roll your own. Colin Pierceval can very easily invent his own brand new password hasher. Aiden Junior straight out of Python Coding Bootcamp shouldn't touch security matters, unles everything is thoroughly reviewed and tested by a group of experts.
Comment