PHP blunders with random numbers

"Security expert Andreas Bogk warns that, despite recent PHP improvements, the session IDs of users who are logged into PHP applications remain guessable. Upon close examination, the alleged improvements display frightening weaknesses.

"PHP assigns a session ID in order to allow individual page calls to be allocated to a specific logged-in user. To prevent attackers from using a forged session ID to take control of a session, the ID is chosen supposedly at random. When computers require random numbers, invariably a pseudo random number generator such as the Linear Congruential Generator (LCG) will be used. Such number generators use complex mathematical operations to generate a stream of numbers which are random at least in so far as it is impossible to predict future numbers based on the numbers already generated."

Complete Story

Related Stories:

• Break TrueCrypt Dard Drive Encryption Quickly(Mar 30, 2010)
• Get to know Linux: AppArmor(Mar 25, 2010)
• How To Harden PHP5 With Suhosin On CentOS 5.4(Mar 15, 2010)
• PHP 5.3.1 released for 5 security flaws, 113 bugs(Nov 20, 2009)
• New versions of phpMyAdmin close security holes(Oct 16, 2009)
• How To Set Up Apache2 With mod_fcgid And PHP5 On Debian Lenny(Sep 11, 2009)
• Weekly Ten: OSS Infiltrates the Enterprise, Debug PHP With Firefox, Robots do facial expressions (Jul 15, 2009)
• How To Harden PHP5 With Suhosin On CentOS 5.3(May 22, 2009)