Image Unique Identifier

John M McIntosh johnmci at
Tue Aug 22 23:22:35 UTC 2006

Ok, well first the squeak VM returns a UUID if that support is in the  
VM to fetch it from the host operating system
If it is not found then we generate a type of UUID based on the  
squeak random number generator with a reset very N usages.
However I can't speak for how random that would be, since I don't  
believe it's considered a cryptographic level random number generator.

For platforms that support getting the UUID from the host operating  
system the system *might* have done a one-way hash on
the UUID. How valid is that? You would have to get the vendors to  
admit what they are doing.

On 22-Aug-06, at 4:14 PM, Ron Teitelbaum wrote:

> I understand the original implementation of UUID used information  
> from the
> computer but people said this was a bad thing since data created  
> from a
> computer could be traced back to that computer.  I don't see that  
> in this
> UUID and I'm not sure of our implementation.  If it is based on SHA  
> then the
> distribution should be very close to random meaning 3/5th's.  If it  
> is the
> old UUID where the distribution was wider on the beginning bits  
> then I'd say
> you have a larger amount of uniqueness in the first 16 of 25 bits,  
> although
> guaranteed uniqueness came from the computer id so who knows.
John M. McIntosh <johnmci at>
Corporate Smalltalk Consulting Ltd.

More information about the Squeak-dev mailing list