On 25.11.2015 12:42, Philip Chee wrote: > <https://medium.com/@betable/tifu-by-using-math-random-f1c308c4fd9d#.ui74puy9k> > > Hopefully Spidermonkey's Math.random() is better. > > Phil >
There have been multiple insightful responses on HN and reddit/netsec. The short version is, that Math.random() isn't providing statistically good randomness, because JS benchmarks use it. So it has been optimized for performance in most browsers. Also, the person writing the post did not only want randomness, but uniqueness. If someone wants unique, you should use a UUID-algorithm. If all you need is a better PRNG use crypto.getRandomValues(), which is providing cryptographically secure randomness. _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
