16 Sep
2015
16 Sep
'15
8:29 a.m.
On 16 September 2015 at 08:43, David Mertz
Hence I affirmatively PREFER a random module that explicitly proclaims that it is non-cryptographic. Someone who figures out enough to use random.SystemRandom, or a future crypto.random, or the like is more likely to think about why they are doing so, and what doing so does and does NOT assure them off.
And what about those that don't? Is our position here "screw 'em, and also screw their users"?