dgatwood
is out. Leave a message.
ModNote: Per request of TyphoidHippo, I moved some posts from another thread to a new thread so they could continue their discussion on computer generated random numbers....
Your professor was right. The randomness generated by rand(3) is absolute garbage. The random results returned by rand(3) are simply not good enough for any real use. It's not that they aren't cryptographically random, but that they're so far from cryptographically random that if you're modding the value by more than about 10, the difference in probability of each possible value will be immediately obvious after just a handful of calls. It's that bad.
I used to use rand(3) for choosing a random photo out of a few thousand a few years ago, and it was instantly obvious that there were about two or three dozen photos that showed up better than 90% of the time, and that the other photos essentially never appeared at all. I swapped in a more legitimate random number generator (a call into OpenSSL, IIRC), and suddenly I almost never saw the same photo twice within a few minutes (as you would expect out of a pool of several thousand). The difference in randomness is absolutely staggering.
Heck, the man page for rand(3) in Mac OS X starts with the words "These interfaces are obsoleted by random(3)." If someone came to me with a tool that tried to be random and I saw it calling rand(), unless the tool was written before random(3) was standardized (about ten years ago), I would immediately conclude that the author was a newb. It's just way too easy to get much better random numbers.
It's not elitism to call a turd a turd.
Post-secondary instructors crack me up. They need more shit to do. Or maybe they need to be required to actually work in the field a few months out of the year... or something. I once had a programming teacher who wouldn't let us use C's rand() function because "it wasn't random enough". Well.. guess what - commercial programming houses all use rand(), and commercial studios all use digital recording technology.
Your professor was right. The randomness generated by rand(3) is absolute garbage. The random results returned by rand(3) are simply not good enough for any real use. It's not that they aren't cryptographically random, but that they're so far from cryptographically random that if you're modding the value by more than about 10, the difference in probability of each possible value will be immediately obvious after just a handful of calls. It's that bad.
I used to use rand(3) for choosing a random photo out of a few thousand a few years ago, and it was instantly obvious that there were about two or three dozen photos that showed up better than 90% of the time, and that the other photos essentially never appeared at all. I swapped in a more legitimate random number generator (a call into OpenSSL, IIRC), and suddenly I almost never saw the same photo twice within a few minutes (as you would expect out of a pool of several thousand). The difference in randomness is absolutely staggering.
Heck, the man page for rand(3) in Mac OS X starts with the words "These interfaces are obsoleted by random(3)." If someone came to me with a tool that tried to be random and I saw it calling rand(), unless the tool was written before random(3) was standardized (about ten years ago), I would immediately conclude that the author was a newb. It's just way too easy to get much better random numbers.
It's not elitism to call a turd a turd.
Last edited by a moderator: