ErLounge 10-MAR-2016: Use rand module (on Erlang/OTP and Elixir)

Transcript

1. We Interrupt Your Regularly Scheduled Programming to Bring You
   A Public Service Announcement
   1 — Kenji Rikitake / ErLounge 10-MAR-2016
   

   View Slide

2. Use rand module
   now1
   1 Unless you stick to the older Erlang/OTP or Elixir versions before Erlang/OTP 18.x
   2 — Kenji Rikitake / ErLounge 10-MAR-2016
   

   View Slide

3. The random module is
   obsolete
   and will be compromised by a brute-force attack in 9 hours!2
   2 https://github.com/jj1bdx/as183-c
   3 — Kenji Rikitake / ErLounge 10-MAR-2016
   

   View Slide

4. Still many examples use
   random:uniform/1
   This is not good
   4 — Kenji Rikitake / ErLounge 10-MAR-2016
   

   View Slide

5. Stop using
   random module
   now3
   3 Unless you stick to the older Erlang/OTP or Elixir versions before Erlang/OTP 18.x
   5 — Kenji Rikitake / ErLounge 10-MAR-2016
   

   View Slide

6. Use rand:uniform/1
   or :rand.uniform()
   6 — Kenji Rikitake / ErLounge 10-MAR-2016
   

   View Slide

7. Alternatives
   → exsplus116, equivalent to rand module's default
   algorithm, for 17.x or older versions of Erlang/OTP
   → sfmt-erlang (hex.pm: sfmt)
   → tinymt-erlang (hex.pm: tinymt)
   7 — Kenji Rikitake / ErLounge 10-MAR-2016
   

   View Slide

8. I repeat:
   use rand module
   right now4!
   4 Unless you stick to the older Erlang/OTP or Elixir versions before Erlang/OTP 18.x
   8 — Kenji Rikitake / ErLounge 10-MAR-2016
   

   View Slide

9. random module will be
   deprecated in OTP 19
   removed from OTP 20
   (Officially announced by Kenneth Lundin on Erlang
   Factory SF Bay 2016 Day 1)
   9 — Kenji Rikitake / ErLounge 10-MAR-2016
   

   View Slide

10. Thank you
    10 — Kenji Rikitake / ErLounge 10-MAR-2016
    

    View Slide