tech-userlevel archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Waiting for Randot (or: nia and maya were right and I was wrong)
> Date: Thu, 14 Jan 2021 10:15:41 +0000
> From: nia <nia%NetBSD.org@localhost>
>
> I still think my idea to record a second of noise from /dev/audio on
> machines that totally lack other strong sources is a good one. We did
> already put together the code and test it on a range of hardware and
> VMs.
I agree -- I think sysinst should take advantage of that if it can be
done unobtrusively, even better if it can be done reliably without
saying anything to the user.
> Overall though I'm reasonably happy with this compromise, although
> it would still make me sleep safer at night if we very conservatively
> added a bit from environmental sensors ever so often - perhaps based
> on a advance measurements from a range of hardware rather than
> runtime calculations.
We do incorporate the data; we just don't count it. So the only
effect that this change would have is to unblock things _earlier_ than
they would otherwise unblock -- i.e., this change could only make
things `less safe'. That said, if you have some reasonable analysis
for particular devices, I would be happy to consider it!
> The man page is very clearly written, aside from the parts that
> recommend tossing coins.
Thanks! I know tossing coins sounds silly. But as a fallback if you
have no other options, it really is 100% guaranteed to work, it's easy
for anyone to confidently understand, and as a bonus it avoids any
concerns with supply chain attacks on HWRNGs, &c. So that's why I
mention it -- buried near the bottom, as a last resort.
Home |
Main Index |
Thread Index |
Old Index