[Development] What to do with qrand/qsrand?

Thiago Macieira thiago.macieira at intel.com
Wed Jun 14 17:45:01 CEST 2017

On quarta-feira, 14 de junho de 2017 08:26:50 PDT Jason H wrote:
> Given the number of softwares that are compromised by bad random number
> generation practices, I'd suggest we invert the normal behavior - random by
> default. If they need predictability then make them seed with a constant
> seed.

That is why I added QRandomGenerator, which has a (reasonably) secure default 
behaviour. But it will degrade if you abuse it.

The question though is what to do with qrand. Code using it is not secure at 
all, so does it matter if we change it?

Thiago Macieira - thiago.macieira (AT) intel.com
  Software Architect - Intel Open Source Technology Center

More information about the Development mailing list