Subject: *why* /dev/rnd?
To: None <current-users@NetBSD.ORG>
From: John F. Woods <jfw@jfwhome.funhouse.com>
List: current-users
Date: 10/13/1997 10:24:37
> > It also seemed to mount my disks strangely (sd2 was mounted as an
> > "entropy source").

That means your disk contains too much random information.  You should
decrease the entropy of your disk by writing zeroes to all of your files.

> I can't help with the getty part, but the "entropy source" stuff is part
> of the new /dev/rnd device - random noise^H^H^H^H^Hnumber source.

What, exactly, is the *reason* for the new /dev/rnd device?  Granted,
I actually HAVE an immediate application for it (I had been planning
to have ftpd make up random values to substitute for files like
/etc/passwd, /bin/ls, and other files that people think are a good
idea to take from anonymous ftp servers, and this means I don't have
to add a random number generator to ftpd[*]), but it seems like there are
substantially more useful things that could have been integrated
instead...

I also note that, although the code makes grand promises about not
releasing any information about its entropy sources, the fact that it
can block waiting for more entropy gives out low-quality information
about how active the system is...  (Not, of course, that there aren't
already hundreds of ways this information is already leaked.)


[*] The password files under the anon-ftp directory are dummies, of course,
but (a) they do reveal a few user IDs, and (b) I just want to make life a
little more difficult for password fishers...