Not using cryptographically safe random key is very stupid, even though it is only an example. It should be very trivial to fix this example.

I think in python the right way is to use the os.urandom() function.