You know how docker containers get a random name assigned when you don't specify one yourself? Names are randomly generated and look like "inspiring_pike" or "competent_darwin".

Turns out there's a special check in the code that prevents it from ever generating the name "boring_wozniak" 😄

@fribbledom looks like a great way to leak RNG outout through a side channel... though a good RNG shouldn't care about its output being known



Looking at the code, they use the non-crypto RNG for this particular use-case anyway.

· · Web · 1 · 0 · 0

@fribbledom as long as guessing a container name doesn't matter, it should be fine

Sign in to participate in the conversation

The original server operated by the Mastodon gGmbH non-profit