On 20 October 2015 at 11:33, Victor Stinner <victor.stin...@gmail.com> wrote: > 2015-10-20 11:11 GMT+02:00 Nick Coghlan <ncogh...@gmail.com>: >> Folks wanting to simulate die rolls should be using the random module >> rather than the secrets module anyway, > > Hum, why? Dices are used in Casino where security matters because it > costs money.
True, I was thinking of just-for-fun games, but in gambling games unbiased randomness can be significantly more important. > A bad API can be more likely misused and introduce security > vulnerability. The C rand() API is a good example: 1+rand()%6 is not > uniform... "1 + secrets.randbelow(6)" would be uniform, though. As Tim pointed out, the *lack* of flexibility in randbelow() is a feature here, since it focuses on producing a uniformly random distribution of a given size, which can then be transformed deterministically. Cheers, Nick. -- Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
