Tag
insecure-randomness
Safeguard articles tagged "insecure-randomness" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Vulnerability Analysis
Insecure randomness vulnerabilities explained
CWE-338 explained through the Debian OpenSSL and Android Bitcoin SecureRandom breaches — how weak PRNGs get exploited, and how to detect and fix them.
Dec 8, 20257 min read
Application Security
Generation of Predictable Numbers or Identifiers
From Debian's 2008 OpenSSL bug to First American's 885-million-record leak, predictable identifiers keep breaking security. Here's how the vulnerability works and how to stop it.
Nov 10, 20257 min read
Industry Analysis
Insecure Randomness in Security-Sensitive Code
A single deleted line broke Debian's OpenSSL keys for two years. We break down real insecure randomness vulnerabilities and how Safeguard catches weak PRNGs before attackers do.
Oct 31, 20257 min read