(cc-ing Robert Withers as he seems to be working with
cryptography and security... as this seems related and may
have some implications, but I am likely wrong about the
implications)
yesterday I've encountered a very surprising behavior
I executed the same script `10 atRandom` on the same image
without saving it and got the same output:
while true; do
pharo-vm --nodisplay latest.image
--no-default-preferences eval '10 atRandom'
done
10
10
10
10
10
10
Not so random… not random at all.
Apparently the default random generator uses SharedRandom
pool, that is initialized only once… so every time you start
an image you get the EXACT same random seed... I think this is
stupid, and I am not sure what are the security implications
of this (e.g. when opening an SSL connection… having fixed
world-wide initial seed seems like an awful, awful idea), but
whatever…
So instead I tried to explicitly specify the Random
generator… which I can do
while true; do
pharo-vm --nodisplay latest.image
--no-default-preferences eval '10 atRandom: Random new'
done
5
5
5
5
5
Still not random… what?
while true; do
pharo-vm --nodisplay latest.image
--no-default-preferences eval 'Random new instVarNamed:
#seed'
done
426306047
426305545
426305546
426306010
So the seed is different but thanks to the magic of masking
the seed, I always get the same first several bits… thus the
same result for small numbers.
So if I actually want what seems like a random value… I
have to at least once run the generator…
while true; do
pharo-vm --nodisplay latest.image
--no-default-preferences eval '10 atRandom: (Random new
next; yourself)'
done
7
3
4
9
6
7
Once I start to use it the properties of the algo kick in
so it's pseudo-random… but I need to run it once to initialize
it, which is wtf.
My questions:
1) do we really want to have global fixed seed?
2) Random new should actually setup a usable seed so I
don't need to first run it N times before I can use the value
3) Should we switch to what UUIDGenerator is using… reading
/dev/urandom for the initial seed setup?
Peter