Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: the entropy bug, and device timeouts (was: Note: two files changed and hashes/signatures updated for NetBSD 8.1)



At Wed, 26 Jan 2022 16:47:15 +1300, Lloyd Parkes <lloyd%must-have-coffee.gen.nz@localhost> wrote:
Subject: Re: the entropy bug, and device timeouts (was: Note: two files changed and hashes/signatures updated for NetBSD 8.1)
>
> The change was more subtle than that I
> think. Untrusted hardware was used as an
> entropy source, but it didn't count
> towards the "enough" that was needed to
> bootstrap the rnd system from nothing.

No, not quite -- there was a whole bunch of code removed that is needed
to actually make the hardware events "count" if and when you configure
them to do so.

> On 7 May 2020 a change was committed to
> /etc/rc.d/random_seed so that a seed file
> is created at boot time if you don't
> already have one. I haven't checked
> because I really can't be bothered right
> now, but I'm pretty sure that's all that's
> required.

Well, if you have a hardware RNG, or my patches, then that'll do
something, but otherwise it's just useless noise and misdirection.

--
					Greg A. Woods <gwoods%acm.org@localhost>

Kelowna, BC     +1 250 762-7675           RoboHack <woods%robohack.ca@localhost>
Planix, Inc. <woods%planix.com@localhost>     Avoncote Farms <woods%avoncote.ca@localhost>

Attachment: pgpwuDG6D7Im0.pgp
Description: OpenPGP Digital Signature



Home | Main Index | Thread Index | Old Index