[whatwg] Cryptographically strong random numbers
getify at gmail.com
Tue Feb 22 15:36:52 PST 2011
> I didn't see a way to set the seed of Math.random(), so the
timestamp by default? Perhaps I'm totally off base, but that's long been my
assumption, and the reason why I never questioned not having a `seed()`
function to set it, since the timestamp was fine for most non-crypto needs.
I also recall that being one of the main complaints about Math.random for
> But, having both a repeatable random function and a secure random function
> in a language is certainly reasonable.
If it's a choice between repeatable-random and actual random... I vote
actual random with all my fingers and toes. Test harnesses can override
Math.random() with fake repeatable sequences for that purpose. In the real
world (non-testing), repeatable-random is far less desirable, at least I
(butting back out)
More information about the es-discuss