2009/10/10 Florian Weimer <f...@deneb.enyo.de>:
> * Raphael Geissert:
>
>> Cc'ing the stable security team as I would like some input from them. As
>> mentioned by Florian on IRC there's a bug on some browsers that
>> could let other websites predict the sequence of Math.random(). On
>> unstable the cryptojs library from stanford could be packaged and
>> used to generate a session id with the Fortuna-based PRNG (which is
>> of course not shared between websites, therefore safe from the
>> Math.random() attacks),
>
> I think it's impossible to generate random numbers which are reasonably
> cryptographically strong with pure Javascript code because you lack a
> reliable source of entropy.

The cryptojs library uses mouse movements (at least) as entropy data,
which makes it a very good candidate. The PRNG can not be used until
it has enough entropy data, based on its predictor.

>
> Can't you get the ID from the server instead?
>

It should be possible, yes, but not without modifying many parts of the code.
From the very first time the client connects to the server a session
is started.

My real concern about ajaxterm is that it somewhat eases the
possibility of brute force attacks because none of the policy layers
that are designed to prevent remote brute force attacks are applied.

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
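
The server-issued session ID raised in the exchange above, sketched as an added example; it is not ajaxterm code and not from anyone in this thread. The names SessionStore, SID_BYTES and SESSION_TTL, the 128-bit length and the 600-second lifetime are assumptions made for illustration.

```python
import secrets
import time

SID_BYTES = 16     # assumed length: 128 bits from the OS CSPRNG
SESSION_TTL = 600  # assumed idle lifetime in seconds


class SessionStore:
    """Hypothetical store: the server mints every ID, the client never picks one."""

    def __init__(self, now=time.monotonic):
        self._sessions = {}  # sid -> expiry time
        self._now = now      # injectable clock, so expiry can be tested

    def create(self):
        # secrets reads the operating system's entropy pool (os.urandom),
        # so there is no per-page PRNG state another site could predict.
        sid = secrets.token_hex(SID_BYTES)
        self._sessions[sid] = self._now() + SESSION_TTL
        return sid

    def lookup(self, sid):
        """Return True only for an unexpired ID that this server issued."""
        if not isinstance(sid, str) or len(sid) != 2 * SID_BYTES:
            return False
        expiry = self._sessions.get(sid)
        if expiry is None:
            # An unknown ID is rejected, never adopted as a new session,
            # so a guessed or client-generated value buys nothing.
            return False
        if self._now() >= expiry:
            del self._sessions[sid]
            return False
        self._sessions[sid] = self._now() + SESSION_TTL  # sliding expiry
        return True


if __name__ == "__main__":
    store = SessionStore()
    sid = store.create()
    print("issued:", sid)
    print("issued ID accepted:", store.lookup(sid))
    print("client-chosen ID accepted:", store.lookup("0" * 32))
```
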