[Python-ideas] Python's Source of Randomness and the random.py module Redux

Paul Moore p.f.moore at gmail.com
Thu Sep 10 10:41:54 CEST 2015


On 10 September 2015 at 01:01, Donald Stufft <donald at stufft.io> wrote:
> Essentially, there are three basic types of uses of random (the concept, not
> the module). Those are:
>
> 1. People/use cases who absolutely need deterministic output given a seed and
>    for whom security properties don't matter.
> 2. People/use cases who absolutely need a cryptographically random output and
>    for whom having a deterministic output is a downside.
> 3. People/use cases that fall somewhere in between where it may or may not be
>    security sensitive or it may not be known if it's security sensitive.

Wrong.

There is a fourth basic type. People (like me!) whose code absolutely
doesn't have any security issues, but want a simple, convenient, fast
RNG. Determinism is not an absolute requirement, but is very useful
(for writing tests, maybe, or for offering a deterministic rerun
option to the program). Simulation-style games often provide a way to
find the "map seed", which allows users to share interesting maps -
this is non-essential but a big quality-of-life benefit in such games.

IMO, the current module perfectly serves this fourth group.

While I accept your point that far too many people are using insecure
RNGs in "generate a random password" scripts, they are *not* the core
target audience of the default module-level functions in the random
module (did you find any examples of insecure use that *weren't*
password generators?). We should educate people that this is bad
practice, not change the module. Also, while it may be imperfect, it's
still better than what many people *actually* do, which is to use
"password" as a password on sensitive systems :-(

Maybe what Python *actually* needs is a good-quality "random password
generator" module in the stdlib? (Semi-serious suggestion...)

Paul
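The two use cases argued over above, side by side, as an added example that is not code from the thread: a shareable "map seed" built on a private random.Random instance, and a password generator built on the stdlib secrets module (Python 3.6+) instead of the Mersenne Twister. The function names, the map layout and the 0.3 wall density are assumptions of this example.

```python
import random
import secrets
import string

# The "fourth group" use case: a seed that users can share so that another
# run (or another machine) reproduces the same map. A private Random instance
# keeps this reproducible even if other code reseeds the module-level state.
def generate_map(seed, width=8, height=4):
    """Return a list of rows: '#' for wall, '.' for floor, derived from seed."""
    rng = random.Random(seed)            # deterministic, not security-sensitive
    return [
        "".join("#" if rng.random() < 0.3 else "." for _ in range(width))
        for _ in range(height)
    ]


def same_map_from_seed(seed):
    """Replaying the seed yields the identical map (the 'deterministic rerun')."""
    return generate_map(seed) == generate_map(seed)


# The "generate a random password" script that should never use random.random():
# secrets draws from the OS CSPRNG (os.urandom), so output is not reproducible
# from a seed, which is exactly the property wanted here.
def generate_password(length=16, alphabet=string.ascii_letters + string.digits):
    """Return a password of `length` characters drawn uniformly from alphabet."""
    if length < 8:
        raise ValueError("password length too short")
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    print("\n".join(generate_map("shared-map-seed")))
    print("rerun identical:", same_map_from_seed("shared-map-seed"))
    print("password:", generate_password())
```

Seeding with a str is stable across runs (Random hashes strings with SHA-512, not the randomized hash()), so a seed printed for a user to share really does reproduce the map later.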

