Linux Today: Linux News On Internet Time.

More on LinuxToday

PHP blunders with random numbers

Mar 31, 2010, 03:03 (1 Talkback[s])

"Security expert Andreas Bogk warns that, despite recent PHP improvements, the session IDs of users who are logged into PHP applications remain guessable. Upon close examination, the alleged improvements display frightening weaknesses.

"PHP assigns a session ID in order to allow individual page calls to be allocated to a specific logged-in user. To prevent attackers from using a forged session ID to take control of a session, the ID is chosen supposedly at random. When computers require random numbers, invariably a pseudo random number generator such as the Linear Congruential Generator (LCG) will be used. Such number generators use complex mathematical operations to generate a stream of numbers which are random at least in so far as it is impossible to predict future numbers based on the numbers already generated."

Complete Story

Related Stories: