[webkit-dev] Blacklisting some sqlite functions
Chris Evans
cevans at chromium.org
Thu Jan 7 15:48:28 PST 2010
On Thu, Jan 7, 2010 at 11:13 AM, Adam Barth <abarth at webkit.org> wrote:
> On Thu, Jan 7, 2010 at 10:02 AM, Brady Eidson <beidson at apple.com> wrote:
> > Are random() and randomblob() security risks? Could you point us to a
> > source explaining this?
>
> They're fairly low risk, but you tend to leak a surprising amount of
> information when you expose non-cryptographic random sources to
> attackers. We've already gotten a rather detailed report of the leaks
> from Math.random, for example. If these functions are useful, we can
> keep them, but it does cost some amount of attack surface.
>
[reposting with my @chromium.org address]
I'd prefer to have JavaScript going to just one source of random. For now,
Math.random(). It makes a lot of things simpler in the future. Perhaps one
day all the browsers will adopt a standard secure random API.
I think Apple Safari was the only browser to adjust their Math.random()
implementation based on this report?
http://www.trusteer.com/files/Temporary_User_Tracking_in_Major_Browsers.pdf
It's not serious at all, but is interesting.
Anyway, I think we get better options for the future by not randomly adding
more sources of randomness available to JavaScript.
Cheers
Chris
>
> Adam
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-dev/attachments/20100107/747f0086/attachment.html>
More information about the webkit-dev
mailing list