Tag: prng
All the articles with the tag "prng".
-
Insecure Randomness: recovering a gift card code from its timestamp
OopsSec Store derives gift card codes from a linear congruential generator seeded with the card's creation timestamp. The timestamp is exposed to the buyer with millisecond precision, which is all you need to reproduce the code and redeem the card from a different account.
