Flutter's PRNG Pitfalls: Misusing Insecure Random Number Generators in Secure Contexts
[Technical Overview] The recent discussion surrounding Dart/Flutter’s pseudo-random number generator (PRNG) highlights a critical misunderstanding of cryptographic security in software development. While using a 32-bit seed for a PRNG is commonplace, the core issue wasn’t the PRNG itself, but rather the widespread misuse of an insecure PRNG for applications demanding cryptographic security. This oversight led to vulnerabilities in various projects that relied on the default Random class for tasks requiring strong randomness....