Tag
csprng
Safeguard articles tagged "csprng" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Application Security
Why Math.random() is a security bug waiting to happen
A 2008 Debian OpenSSL patch cut key entropy to ~32,768 values; a 2012 scan found 0.75% of TLS certs shared keys. Weak PRNGs still cause real breaches.
Jul 14, 20266 min read
Vulnerability Analysis
Insecure randomness vulnerabilities explained
CWE-338 explained through the Debian OpenSSL and Android Bitcoin SecureRandom breaches — how weak PRNGs get exploited, and how to detect and fix them.
Dec 8, 20257 min read