Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:94057 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 78957 invoked from network); 16 Jun 2016 18:55:40 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 16 Jun 2016 18:55:40 -0000 Authentication-Results: pb1.pair.com smtp.mail=php@fleshgrinder.com; spf=permerror; sender-id=unknown Authentication-Results: pb1.pair.com header.from=php@fleshgrinder.com; sender-id=unknown Received-SPF: error (pb1.pair.com: domain fleshgrinder.com from 212.232.28.122 cause and error) X-PHP-List-Original-Sender: php@fleshgrinder.com X-Host-Fingerprint: 212.232.28.122 mx201.easyname.com Received: from [212.232.28.122] ([212.232.28.122:57944] helo=mx203.easyname.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 94/E7-25388-B26F2675 for ; Thu, 16 Jun 2016 14:55:40 -0400 Received: from cable-81-173-134-219.netcologne.de ([81.173.134.219] helo=[192.168.178.20]) by mx.easyname.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1bDcRz-0001qS-Dz; Thu, 16 Jun 2016 18:55:35 +0000 Reply-To: internals@lists.php.net References: <1ee34970-76f4-e6c6-df1e-a827e3fc592d@fleshgrinder.com> <25bb59bb-d9ac-5ab3-f0bb-d80e6b3fe745@fleshgrinder.com> <55ceae84-5e24-96b4-bb0f-bd8c71c057ef@fleshgrinder.com> <6d6c121e-bdd4-c6d8-b376-71ba25455a30@fleshgrinder.com> To: Pierre Joye , PHP internals Cc: Niklas Keller Message-ID: <1726fd34-8c3c-0af8-ab97-630cbbf13772@fleshgrinder.com> Date: Thu, 16 Jun 2016 20:55:23 +0200 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.1.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="99kBNGM8DQsw98LUMr4apgubnrRB9bbrm" X-ACL-Warn: X-DNSBL-BARRACUDACENTRAL Subject: Re: [PHP-DEV] [RFC] RNG fixes From: php@fleshgrinder.com (Fleshgrinder) --99kBNGM8DQsw98LUMr4apgubnrRB9bbrm Content-Type: multipart/mixed; boundary="x9FgekOPXV8bUWlQMwqkR9vMQ6dWfJ9OT" From: Fleshgrinder Reply-To: internals@lists.php.net To: Pierre Joye , PHP internals Cc: Niklas Keller Message-ID: <1726fd34-8c3c-0af8-ab97-630cbbf13772@fleshgrinder.com> Subject: Re: [PHP-DEV] [RFC] RNG fixes References: <1ee34970-76f4-e6c6-df1e-a827e3fc592d@fleshgrinder.com> <25bb59bb-d9ac-5ab3-f0bb-d80e6b3fe745@fleshgrinder.com> <55ceae84-5e24-96b4-bb0f-bd8c71c057ef@fleshgrinder.com> <6d6c121e-bdd4-c6d8-b376-71ba25455a30@fleshgrinder.com> In-Reply-To: --x9FgekOPXV8bUWlQMwqkR9vMQ6dWfJ9OT Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 6/16/2016 8:14 PM, Pierre Joye wrote: > Well know you do as I gave you examples of such usages. Their Code not > public so I cannot give you links. >=20 That's a knockout argument. On 6/16/2016 8:14 PM, Pierre Joye wrote: > I am not sure to follow the legitimate part. There are perfectly legiti= mate > usage of rand/mt_rand outside crypto. The fact that some developers sti= ll > do not get the non safe part is an education problem. The same applies = to > many functions, like serialize, which has many security impacts but we = do > not remove it because some people misuse it constantly. >=20 Nikic sees it like I do: https://wiki.php.net/rfc/deprecations_php_7_1#rand_srand_and_getrandmax People are already preparing for it: https://github.com/SimpleMachines/SMF2.1/issues/3492 And apparently people who want to create tiny games don't get it right: https://github.com/Frug/AJAX-Chat/issues/167 I am still going through the search results. So far everything deals with broken crypto and invalid usage of rand(), srand() as well as mt_rand() and mt_srand(). I know you will continue insisting that this is a super crucial feature just because you started with this argument into this discussion. I learned that people in general have a hard time changing their mind a long time ago. > A designer knows he has achieved perfection not when there is nothing > left to add, but when there is nothing left to take away. > > --- Antoine de Saint-Exupery Education is a hard problem that the whole world is struggling with. We will never achieve it. We will especially not achieve convincing people of legacy software to change. Heck, we cannot even convince anyone here to change legacy stuff. Hence, if rand and friends stay, they will continue to help people to produce insecure software. On 6/16/2016 8:14 PM, Pierre Joye wrote: > It does as these functions are available by default and cannot be disab= led > (ext/standard). >=20 And? That is beside the point. People can simply add the PECL module and there is no difference. We could deprecate them and move them to PECL later. There are many ways. Changing the behavior of any of these functions *is* a BC for the software that you refer to that relies on the predictability of these functions. Somehow it seems that you are fine with that ...?!? --=20 Richard "Fleshgrinder" Fussenegger --x9FgekOPXV8bUWlQMwqkR9vMQ6dWfJ9OT-- --99kBNGM8DQsw98LUMr4apgubnrRB9bbrm Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXYvYfAAoJEOKkKcqFPVVrhs0P/2bzbhnfFznvK+7ZBbyQdg2o jXfmfDNMGfhS/2tmFslo4EjrKKJfXjUKUUFku0Qjr/rLNjwlzDsnY9iTdqrpWMyC 3MuodWZ1CpgofBFyVJnGA2bqtpVN804xKQVcSfdeJ7PeDgYKfnDgJL0vXGwn/yQ9 hwA7UAKxCJvYyhY64L6EpJ03O4WMMxww7mnQ7eNW3O/S3m/FExrKBSbvboK1jmo6 D70o7C5xxLpyKjnDyfPjs6icWxPp+1VdO4XI2AYVIpBsH7vDI9UHw3ulWKDaRDZ2 PXkSVyxgIRY7CBb6sdcdcF9Enrn8Gnq+CUN1JoMZZ28DzSesW3nhIe1Px02KV2qk mGPiggLNfuEvFz9KBD1S2club8rBB5FLvQBWIITyzz/7Zd0T4dorOdqgzk1C/CFR JyCabviThNjyzmWL7zHIDg5amG4Ob/wunAKs1QYqM1dDw+nk6OHCiDSb4bqwurXa UGUOHfi/9uGzC2h37T++tZs8MIsOdNx3FuLZ3e+ODtn3tU0vLV4Fe8oqdXIYCC8U B3s6U8UVgrCMaF5Mrlomtqg+/wiwyWBJB9g8eyA9P6VQK70c8YzWpfTJKVW99T3I YbakbnmfKh3DGTDQqFv2hvc9xfX2OFKfDrFzYFvWRzKIKTXwu7R0oQPL9FyCixkX DnSlWoxeaOfO7yQjIK/e =mUd6 -----END PGP SIGNATURE----- --99kBNGM8DQsw98LUMr4apgubnrRB9bbrm--