Re: Noob dumb question (extending emacs)

[Jean Louis]

* Yuri Khan <yuri.v.khan@gmail.com> [2021-10-23 13:17]:
> An attacker might have access to one or more passwords you generate
> before and/or after the password the attacker is interested in, e.g.
> by being one of the entities you have an account with, or by
> possessing a leaked database of user information from a compromised
> service.
> 
> (It is also customary, when discussing security, to assume the
> attacker knows exactly the algorithms you use.)
> 
> 
> It is okay to generate your own passwords using a weak generator if
> you are aware of that and deem the risk insignificant.

I fully get this. Though ideology is a pleasant game for mind though
not useful if it cannot be practically implemented.

How I see it, it is very easy to set random seed by providing some
automatically generated, random string to `random', such as those from
the system's /proc directory.

random is a built-in function in ‘C source code’.

(random &optional LIMIT)

Return a pseudo-random integer.
By default, return a fixnum; all fixnums are equally likely.
With positive integer LIMIT, return random integer in interval [0,LIMIT).
With argument t, set the random number seed from the system’s entropy
pool if available, otherwise from less-random volatile data such as the time.
With a string argument, set the seed based on the string’s contents.


-- 
Jean

Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns

In support of Richard M. Stallman
https://stallmansupport.org/