On 2012-02-21, at 21:24 , Brett Cannon wrote: > On Tue, Feb 21, 2012 at 15:05, Barry Warsaw <barry at python.org> wrote: > >> On Feb 21, 2012, at 02:58 PM, Benjamin Peterson wrote: >> >>> 2012/2/21 Antoine Pitrou <solipsis at pitrou.net>: >>>> >>>> Hello, >>>> >>>> Shouldn't it be enabled by default in 3.3? >> >> Yes. >> >>> Should you be able to disable it? >> >> No, but you should be able to provide a seed. > > I think that's inviting trouble if you can provide the seed. It leads to a > false sense of security in that providing some seed secures them instead of > just making it a tad harder for the attack. I might have misunderstood something, but wouldn't providing a seed always make it *easier* for the attacker, compared to a randomized hash?
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4