Talk in English - UK at Inviqa Dev Day
Short URL: https://joind.in/talk/9e492
(QR-Code (opens in new window))
PHP 7 for the first time introduced simple consistent functions to access good quality pseudo-random values from within PHP applications. But many applications written for earlier PHP versions, or still supporting them, use other methods to generate random values – with mixed results.
Such home-cooked methods often use unsuitable pseudo-random generators and seeding methods. We will take a look at the weird and wonderful methods developers have used in common open-source applications such as Wordpress and Magento. After digging down into the PHP source to find what the underlying functions actually rely on we will be putting on our hacking hats to try breaking an example application using bad random.
Comments
Comments are closed.
Enlighting talk about the hidden and yet extremely important aspects of day a day decisions that shouldn't be taken carelessly. I would personaly like to see more of this.
Kinda crazy once you scratch the surface of how some of these functions work (off the back of random number generation). Nice presentation and the demos worked out. Cheers Nat!
Good talk, with a great delivery. Working examples were also a nice touch.