[Python-ideas] PEP 504: Using the system RNG by default

Wed Sep 16 14:43:23 CEST 2015

Tim Peters writes:

 > Fundamentally, I just don't see the sense in saying that someone
 > who does their own seeding deserves whatever they get, while
 > someone who uses an inappropriate generator in a security context
 > should be saved from themself.

Strawman, or imprecise quotation if you prefer.  Nobody said they
*deserve* it AFAICR; I said we can't stop them.  Strictly speaking,
yes, we could.  We could (and *I* think we *should*) make it much less
obvious how to do it by removing the seed method and the seed argument
to __init__.  The problem there is backward compatibility.  I don't
see that Guido would stand for it.  Dis here homeboy not a-gonna stick
mah neck out heeya, suh.

I suspect we might also want to provide helper functions to construct
a state from a seed as used by some other simulation package, such as
Python 3.4. ;-)  Name them and document them as for use in replicating
simulations done from those seeds.  Nice self-documenting names like
"construct_rng_internal_state_from_python_3_4_compatible_seed".  There
should be one for each version of Python, too (sssh! don't confuse the
users with abstractions like "identical implementation").

 > There's no real substitute for understanding what you're doing,
 > regardless of field.  Yes, incompetence can cause great damage.
 > But I'm not sure it does the world a real favor to possibly help a
 > programmer incompetent to do a task keep working in the field a
 > little longer.

"Think of it as evolution in action."  Yeah, I sympathize.  But
realistically, Darwinian selection will take geological time, no?
That is, in almost all cases where disaster strikes, the culprit has
long since moved on[1].  Whoever gets the sack is unlikely to be him
or her.  More likely it will be whoever has been telling the shop that
their product is an accident waiting to happen. :-(

The way I think about it, though, is a variation on a theme by Nick.
Specifically, the more attractive nuisances we can eliminate, the
fewer things the uninitiated need to learn.

Footnotes: 
[1]  That's especially true in Japan, where I live.  "Whodunnit" also
gets fuzzed up by the tendency to group work and group think, and a
value system that promotes "getting along with others" more than
expertise.  Child-proof caps are a GoodThang[tm]. ;-)