Commentary and OpinionsRamblings and Rants


Call Toll Free 855-927-7583
Get vCard

Random Numbers Protect You

Android Logo

It's funny when I tell my kids and my friends that random number do protect you and your online transactions, along with your family photos, private thoughts, and treasured memories.  All of these are probably stored in some encrypted form, and that encryption relies on random numbers that form the basis for encryption keys.

If you do not have random numbers, the attacker has less work to do to guess your key.  If you do generate a random number on your Android device, but another device with the same configuration randomly generates the same number, then you are not truly generating random numbers.

It is very hard for a computer to generate a random number.... they are all identical, and therefore make the same "random" guesses. To help the randomness evolve, coders can look for other bits of information in the device to help seed a random number.  For instance, the time of day changes every second... but that means the attacker can guess what 3 month period you generated your random number and set his or her device to the same parameters and simply let the attacking device start guessing.  You can also look at CPU temperature, time since last reboot, or wireless network name... or take a combination of all of these items and then run them through a hash function to generate even more seemingly random data to seed a random number.

It's a lot of work to generate true randomness, and ideally, a particular chip in your device would contain a bit of cesium and a radiation detector.  As the cesium releases electrons, the sensor converts that into numbers, which is a truly random event.  But that gets expensive, and cesium isn't the best substance for commercial devices.  Regardless, when money is involved, you should make a diligent attempt to generate true random numbers, else the bad guys will act rather quickly to separate you from your electronic secrets. Android users are being shown that their devices do not necessarily meet this threshold.

[image retrieved 29 May 2015 from]

Stealing Coffee

Retrieved from all the Starbucks coffee drinkers out there with payments tied to their iPhone app, you have a problem. Hackers are sniffing email passwords at Starbucks WiFi betting that you use the same password for your Starbucks account. They then log into the Starbucks account and "gift" themselves a new Starbucks gift card that they can use, but you foot the bill. Solution: break all payment methods to auto-refill your Starbucks card on your Starbucks account. Refill on a case-by-case basis until Starbucks unscrews this problem. Source article:

[The Starbucks logo was retrieved 21 May 2015 from]

Search the Blog

Login Form

Who's Online

We have 4 guests and no members online

Join Our Newsletter

Get Updates, Upcoming Themes Info, and Our Great Deals!
Provided by FeedBurner at Google.

Login Form