#randomness

January 28, 2022 11:35pm

Why #Randomness Isn’t Quite As Random As You Think ⚓ https://tedium.co/2022/01/28/insights-about-randomness/ ䷉ #tedium | more in http://schestowitz.com/2022/01/28/#latest

Why Randomness Isn’t Quite As Random As You Think

Despite the fact that this package is about randomness, it’s actually fairly well structured. But as it turns out, order might be more random than it looks.

Rudolf Polzer

August 1, 2020 1:40am

For those who would like to find out whether or not they should trust this password generator: https://pastebin.com/qyuqLeLk

It uses an not-quite-secure python standard RNG, and calls random.randint on it at least 1554 times (only looked at the first loop, there is more). In doing so, it gets at least 38035 bits of entropy out of random.randint. Too bad Python's RNG only has a state size of 19937 bits.

Problem, math?

Yes, you read this right: even when generating just ONE password, random bits used in the generation correlate with each other. A rookie mistake.

Solution would be, of course, using random.SystemRandom to fix this flaw once and for all. I suggested this to the author before, but they wouldn't listen and make this one trivial change, and instead just made the random number generation more complicated.

Also, there are some sources of bias in the algorithm, but last time I checked they only lower password entropy by a few bits.

#security #cryptography #randomness #fail

reshare from @I Like Da Web

https://greyhatlaboratories.com/download-vb6-random-password-generator-beta-grey-hat-labs.html #password #security #ghl

+ rm -rf tmp+ mkdir tmp+ cd tmp+ unrar x ../S.P.G.M.v07-setup.rarUNRAR - Pastebin.com

Pastebin.com is the number one paste tool since 2002. Pastebin is a website where you can store text online for a set period of time.

Doc Morbius (moved to Glasswings)

March 31, 2014 1:09pm

HFT, Sequence Fuzzing, Randomness, and Repeatability

High frequency trading has popped up again on Hacker News with a couple of stories, "Is the U.S. stock market rigged? (cbsnews.com)[1] " and "U.S. stock markets are rigged, says author Michael Lewis (reuters.com)[2] ". As I've mentioned previously, HFT is something that troubles me, both on its own merits and on the statements of others (Warren Buffett, Mark Lewis, and others have criticized it strongly).

One solution that's occasionally mentioned is for either discrete-step trade processing, or randomly assigning lags to orders, with the fuzzing interval being such that HFT operators couldn't be assured of a timeslice within their range of advantage -- prehaps 1-10 seconds (this for a practice which relies on sub-milisecond timings).

And so I suggest a possible replayable yet gaming-resistant fuzzing mechanism.

More at the dreddit

#HFT #randomness #repeatability #trading

http://www.reddit.com/r/dredmorbius/comments/21tm8l/hft_sequence_fuzzing_randomness_and_repeatability/

0 Persons are tagged with #randomness

#randomness

HFT, Sequence Fuzzing, Randomness, and Repeatability