Re: Noob dumb question (extending emacs)

help-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Noob dumb question (extending emacs)

From:	Emanuel Berg
Subject:	Re: Noob dumb question (extending emacs)
Date:	Sat, 23 Oct 2021 20:17:19 +0200
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (gnu/linux)

Michael Heerdegen wrote:

> If you use Emacs' `random' to generate a password, an
> attacker would need to have access to your system to predict
> the result. He would at least have to know exactly when you
> started your Emacs session (that time is used to generate
> the seed). Or he would need much more pseudo-random numbers
> from you.
>
> Without any of these, no chance to guess, because there are
> too many possible pseudo-random numbers when you don't know
> at which position in the sequence the generator started.
>
> But if the attacker already has access to your session, he
> can just steal the password out of your Emacs session or
> system clipboard or take a screenshot or whatever.
>
> So I don't see a problem here. Or am I missing something?

Well, obviously no one is cracking your account because
`random' isn't random enough :)

Well, if they do it at a industrial standard level (I didn't
see such a standard myself, but I trust Yuri has) there is no
reason we shouldn't be there as well ...

-- 
underground experts united
https://dataswamp.org/~incal

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Noob dumb question (extending emacs), (continued)

Prev by Date: Re: Noob dumb question (extending emacs)
Next by Date: Re: Noob dumb question (extending emacs)
Previous by thread: Re: Noob dumb question (extending emacs)
Next by thread: Re: Noob dumb question (extending emacs)
Index(es):
- Date
- Thread