Ruby Issue Tracking System

06/16/2016

06:55 AM Ruby master Bug #9569: SecureRandom should try /dev/urandom first

Shyouhei Urabe wrote:
> Everyone advocates their advantages. Maybe "OpenSSL should die" can be the only thing every... azet (Aaron Zauner)

06/15/2016

12:03 PM Ruby master Bug #9569: SecureRandom should try /dev/urandom first

Yui NARUSE wrote:
> Shyouhei Urabe wrote:
> > @naruse Do you think it's inadequate for Linux users to fall back to ... azet (Aaron Zauner)

05/03/2016

03:11 PM Ruby master Bug #9569: SecureRandom should try /dev/urandom first

Shyouhei Urabe wrote:
> Filippo Valsorda wrote:
> > **All other languages only expose /dev/urandom in the stdlib.**... azet (Aaron Zauner)

04/29/2016

08:43 AM Ruby master Bug #9569: SecureRandom should try /dev/urandom first

A recent (2012) analysis of the RNG subsystem in the Linux Kernel can be found here: https://eprint.iacr.org/2012/251... azet (Aaron Zauner)

04/13/2016

09:02 AM Ruby master Bug #9569: SecureRandom should try /dev/urandom first

There's now a new paper outlining RNG weaknesses in OpenSSL: https://eprint.iacr.org/2016/367.pdf
Again: Please sw... azet (Aaron Zauner)

01/02/2016

03:11 PM Ruby master Bug #9569: SecureRandom should try /dev/urandom first

The following is the output of your 'SecureRandom' construction vs. the Linux `/dev/urandom` facility:
http://nopa... azet (Aaron Zauner)

10:18 AM Ruby master Bug #9569: SecureRandom should try /dev/urandom first

Nobuyoshi Nakada wrote:
> SecureRandom without OpenSSL (or compatible alternatives) is nonsense.
You evidently ha... azet (Aaron Zauner)

01:48 AM Ruby master Bug #9569: SecureRandom should try /dev/urandom first

Hi,
This still seems to be the case according to the code available on GitHub.
I urge the core team to move to ... azet (Aaron Zauner)

01/31/2012

12:33 AM Ruby master Bug #5950 (Closed): open-uri: https redirect fix

open-uri raises an exception if a http/s redirect refers to https.
original mail to the maintainer with a quickf... azet (Aaron Zauner)