In my review practice I often have to look at Java source code which is used
to generate passwords, authentication tokens or session ids. Ever so often
this code uses the Java API class java.util.Random to generate random
numbers. It is well-established in security industry that this particular
...
In my review practice I often have to look at Java source code which is used
to generate passwords, authentication tokens or session ids. Ever so often
this code uses the Java API class java.util.Random to generate random
numbers. It is well-established in security industry that this particular
...
[ more ]