On Friday 05 October 2001 01:36, Jeffrey W. Baker wrote: > On Thu, 4 Oct 2001, Alan Shutko wrote: > > "Jeffrey W. Baker" <[EMAIL PROTECTED]> writes: > > > That is an extraordinarily bad idea. Any person will be able to guess > > > the sequence of random numbers simply by guessing the time at which > > > your program was started. > > > > And the impact of this depends on what the program is used for. If > > you're seeding the RNG for a crypto program, yes, this is bad. If > > you're seeding the RNG for a random sig generator, who cares? Why use > > up entropy for programs which don't need it? > > Right, but those conditions weren't explained in the original advice to > use srand(time()). When someone asks "How do I generate a random number" > I think it's a lot safer to advise /dev/random than time(). > > In either case I would hope that critical software isn't being written by > people who don't even know how to generate random numbers. > > -jwb
Thanks for all replys. I have known the methords to generate random numbers. /dev/random is more safe , but time() is safe enough to me. In fact I only need some different numbers for children's mahts. Liu Tao
