Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: regarding the changes to kernel entropy gathering



> All that changed is that we don't pretend it provides entropy.

Instead, you pretend it provides none.

Neither pretense is accurate (where the "pretend it provides entropy"
refers to providing any non-configurable fixed amount).  The real
problem here, as I see it, is that NetBSD qua NetBSD cannot tell where
between those two extremes any particular case falls.  Compounding this
is that most sysadmins are not competent to accurately describe where a
given install falls, even were NetBSD to provide a means to do so.
(Though I suspect that most who understand the issues could provide a
usefully high lower bound on the entry provided.  For example, I'd be
satisfied with one millibit per event - network packet or disk transfer
- and in my environment I am confident that is an understimate.)

> As I mentioned elsewhere, a lot of the classic entropy sources are
> surprisingly bad nowadays when someone can observe the kernel,
> especially in a virtualized environment.

Yes...but, as gwoods indirectly but correctly pointed out, that may not
matter: other VMs under the same hypervisor can be anywhere from "known
to be actively hostile" to "fully trusted", depending on the site.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse%rodents-montreal.org@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B


Home | Main Index | Thread Index | Old Index