SIN 20: WEAK RANDOM NUMBERS

OVERVIEW OF THE SIN

Imagine you’re playing poker online. The computer shuffles and deals the cards. You get your cards, and then another program tells you what’s in everybody else’s hands. While it may sound far-fetched, this is a very real scenario that has happened before.

Random numbers are used to perform all sorts of important tasks. Beyond card shuffling, they’re often used to generate cryptographic keys and session identifiers. In many tasks requiring random numbers, an attacker who can predict numbers (even with only a slight probability of success) can often leverage this information to breach the security of a system, as was the case in an online Texas Hold ’em poker game referred ...
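The following is an added example, not code from the book: it shows why a session identifier that looks like 128 random bits is only as unpredictable as the seed behind it, next to the hardened form. The time-derived seed, the one-hour window, and all function names are assumptions made for illustration.

```python
import math
import random
import secrets

# Constructed sample values: a Unix-time seed and the one-hour window it falls in.
SAMPLE_SEED = 1_700_000_123
WINDOW_START = 1_700_000_000
WINDOW_END = WINDOW_START + 3600


def weak_session_id(seed: int) -> str:
    """Deliberately weak: a non-cryptographic PRNG seeded with a guessable value."""
    rng = random.Random(seed)
    return f"{rng.getrandbits(128):032x}"


def strong_session_id() -> str:
    """Hardened form: 128 bits drawn from the operating system's CSPRNG."""
    return secrets.token_hex(16)


def effective_bits(num_possible_seeds: int) -> float:
    """Unpredictability of the weak ID is bounded by the number of possible seeds."""
    return math.log2(num_possible_seeds)


def seeds_reproducing(observed: str, start: int, end: int) -> list:
    """Audit helper: list every seed in [start, end) that regenerates the observed ID."""
    return [s for s in range(start, end) if weak_session_id(s) == observed]


if __name__ == "__main__":
    observed = weak_session_id(SAMPLE_SEED)
    print("weak ID:           ", observed)
    print("same seed again:   ", weak_session_id(SAMPLE_SEED))
    print("effective entropy: ",
          round(effective_bits(WINDOW_END - WINDOW_START), 2), "bits, not 128")
    print("seeds that match:  ",
          seeds_reproducing(observed, WINDOW_START, WINDOW_END))
    print("strong ID:         ", strong_session_id())
```
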
