Closed Bug 502420 Opened 14 years ago Closed 14 years ago

predictable random number generator used in web browsers

Tracking

()

Status:

RESOLVED DUPLICATE of bug 322529

People

(Reporter: michael.s.gilbert, Unassigned)

References

(
URL
)

Details

Michael Gilbert

Reporter

Description

•

14 years ago

User-Agent:       Midori/0.1.6 (X11; Linux; U; en-us) WebKit/532+
Build Identifier: 

hello,

it has been discovered that all of the major web browsers use a
predictable pseudo-random number generator (PRNG).  please see
reference [0]. the robust solution is to switch to a provably
unpredictable PRNG such as Blum Blum Shub [1,2].

[0] http://www.trusteer.com/temporary-user-tracking-in-major-browsers
[1] Lenore Blum, Manual Blum, and Michael Shub, "A Simple Unpredictable
Pseudo-Random Number Generator," SIAM Journal on Computing, volume 15,
pages 364-383, May 1986.
[2] http://rng.doesntexist.org/gmpbbs

Reproducible: Always

Kevin Brosnan

Updated

•

14 years ago

Status: UNCONFIRMED → RESOLVED

Closed: 14 years ago

Resolution: --- → DUPLICATE

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

predictable random number generator used in web browsers

Categories

(Firefox :: Security, defect)

Tracking

()

People

(Reporter: michael.s.gilbert, Unassigned)

References

(
URL
)

Details

Crash Data

Security

(public)

User Story

Description

Updated