This is all FUD. The parameters in the code EK wants you to use are like saying "pick an integer between 2 and 4 and I'll guess it in one guess" Vs saying "pick an integer between one and a trillion and I'll guess it in 1 guess."
Just like with the android PRNG bug, if you limit the search space you can easily search it. It is self evident. There is a good thread in the tech and dev section which details why it isn't an issue unless you use bad (or limited) code to generate keys.
Just like with the android PRNG bug, if you limit the search space you can easily search it. It is self evident. There is a good thread in the tech and dev section which details why it isn't an issue unless you use bad (or limited) code to generate keys.
Exactly.
For those who don't quite grasp the technology: This "vulnerability" has been and will always be there. Address collision is just very very very very unlikely unless the random number generation of the code is predictable (or you create your own private key from some phrase/input without using some form of salt to modify it).
If you are really paranoid just split your holdings into many wallets that were created with code that provides good random numbers.
In the unlikely event that you are one of the most unlucky beings in the universe and suffer from a collision at least you only lose a fraction.
A 1 second google search threw up this QA : http://bitcoin.stackexchange.com/questions/22/is-it-possible-to-brute-force-bitcoin-address-creation-in-order-to-steal-money
.