help-gnu-emacs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Noob dumb question (extending emacs)


From: Jean Louis
Subject: Re: Noob dumb question (extending emacs)
Date: Sat, 23 Oct 2021 00:22:03 +0300
User-agent: Mutt/2.0.7+183 (3d24855) (2021-05-28)

* Yuri Khan <yuri.v.khan@gmail.com> [2021-10-22 21:52]:
> On Sat, 23 Oct 2021 at 00:55, Jean Louis <bugs@gnu.support> wrote:
> 
> > For people interested, manual explains about randomity:
> > (info "(elisp) Random Numbers")
> >
> > How I understand it, than it may be that neither `pwgen' is generating
> > truly random numbers.
> 
> Inspecting the source shows pwgen uses /dev/urandom if available, and
> /dev/random otherwise, and all bytes of the password come from one of
> those sources. These are
> 
> On the other hand, the manual for Emacs ‘random’ says:
> 
>     A deterministic computer program cannot generate true random numbers.
>     For most purposes, “pseudo-random numbers” suffice.
> 
> Spoiler: secure password generation is not one of those purposes.

That only when looking from the viewpoint of perfection. 

We could even go further and say that computers were not meant
initially to store any data, and safe storage of data requires
professional engineering and safety. 

But people do store data on computers. And hard disks fail all the
time.

Absolutes are not attainable and practically any LISP can generate
passwords just as many other random outcomes.

What matters is practicality. Can a program generate a practical
random password? If answer is YES, it is useful.

For huge majority of users it does not matter neither they can know
that passwords have their seeds or that they are not truly random.


-- 
Jean

Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns

In support of Richard M. Stallman
https://stallmansupport.org/



reply via email to

[Prev in Thread] Current Thread [Next in Thread]