One of my past workplaces used a random number generator seeded by an unintentional buffer read-overrun for years before anyone noticed. (Given that it was also deriving AES keys from that excellent source of secrets, getuid(), expecting any sort of randomness tests to be performed on the RNG was perhaps expecting too much.)
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds