lynx-dev

Re: [Lynx-dev] predictable PRNG used


From: Thorsten Glaser
Subject: Re: [Lynx-dev] predictable PRNG used
Date: Sun, 5 Jul 2009 17:31:58 +0000 (UTC)

Michael S. Gilbert dixit:

>i'm triaging this issue for linux, and i don't believe that it has an
>arc4random implementation.

There are several implementations; I wrote one based on
jrand48 but self-seeding from /proc/sys/kernel/random_uuid
for klibc (not really using aRC4, but sharing the API),
Debian libbsd has one (available in Lenny on all arches),
https://www.mirbsd.org/MirOS/dist/hosted/other/arc4random.c
contains another one, OpenSSH comes with one.

>so this would mean that lynx is using the
>very insecure linear congruential algorithm

lrand48 at least doesn't expose the entire seed, so
you'd still need quite some effort to find it out.

>affected

Some things are another issue actually. For example,
OpenSSL is separate from this _again_. There is no
JavaScript(tm) in Lynx, luckily, so that one wouldn't
be affected either. You'd really have to look where
entropy is used in the source code.

bye,
//mirabilos
-- 
“It is inappropriate to require that a time represented as
 seconds since the Epoch precisely represent the number of
 seconds between the referenced time and the Epoch.”
        -- IEEE Std 1003.1b-1993 (POSIX) Section B.2.2.2
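
Added example, not part of the original message and not Lynx code: a C model of the POSIX drand48-family generator behind the lrand48 remark above, checked against the libc implementation. It shows that each lrand48() value is only the top 31 bits of the 48-bit state; the model_* and other helper names are hypothetical.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE            /* ask glibc to declare srand48()/lrand48() */
#endif
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constants fixed by POSIX for the drand48 family (48-bit LCG). */
#define LCG_A    UINT64_C(0x5DEECE66D)
#define LCG_C    UINT64_C(0xB)
#define LCG_MASK ((UINT64_C(1) << 48) - 1)

/* srand48(): the seed fills the high 32 state bits, the low 16 are 0x330E. */
static uint64_t model_seed(uint32_t seed) { return ((uint64_t)seed << 16) | 0x330E; }

/* One step of the recurrence X' = (a*X + c) mod 2^48. */
static uint64_t model_step(uint64_t x) { return (LCG_A * x + LCG_C) & LCG_MASK; }

/* lrand48() returns the top 31 bits; the low 17 state bits are never output. */
static long model_output(uint64_t x) { return (long)(x >> 17); }

/* Count disagreements between the model and libc over n draws. */
static int compare_with_libc(uint32_t seed, int n)
{
    uint64_t x = model_seed(seed);
    int mismatches = 0;
    srand48((long)seed);
    for (int i = 0; i < n; i++) {
        x = model_step(x);
        if (model_output(x) != lrand48())
            mismatches++;
    }
    return mismatches;
}

/* Two states differing only in bit 0 give the same output now,
 * but different outputs after one more step. */
static int low_bit_hidden_then_diverges(uint64_t x)
{
    uint64_t y = x ^ 1;
    return model_output(x) == model_output(y) &&
           model_output(model_step(x)) != model_output(model_step(y));
}

int main(void)
{
    uint32_t seed = 12345;         /* constructed sample seed */
    printf("mismatches vs libc: %d\n", compare_with_libc(seed, 1000));
    printf("low bit hidden:     %d\n", low_bit_hidden_then_diverges(model_seed(seed)));
    return 0;
}
```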



