[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Lynx-dev] predictable PRNG used

From: Michael S. Gilbert
Subject: Re: [Lynx-dev] predictable PRNG used
Date: Sun, 5 Jul 2009 14:02:44 -0400

On Sun, 5 Jul 2009 17:31:58 +0000 (UTC) Thorsten Glaser wrote:
> Some things are another issue actually. For example,
> OpenSSL is separate from this _again_. There is no
> JavaScipt(tm) in Lynx, luckily, so that one wouldn't
> be affected either. You'd really have to look where
> entropy is used in the source code.

right, like i said, lynx likely is not affected by any of the issues
in this paper, but using the precautionary principle, it's better to
harden for the future unknown attacks than to be caught off guardby an
attack that you could have nullified.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]