| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 24 Dec 2010 17:08:19 -0800
From: Dan Kaminsky <dan@...para.com>
To: BMF <badmotherfsckr@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: how i stopped worrying and loved the backdoor
On Fri, Dec 24, 2010 at 4:37 PM, BMF <badmotherfsckr@...il.com> wrote:
> On Fri, Dec 24, 2010 at 4:27 PM, coderman <coderman@...il.com> wrote:
> > how many of you have a competent userspace entropy
> > daemon funneling hardware sources into host pool?
>
> It would be nice if there were inexpensive hardware sources available
> and a means to distribute the entropy among hosts in one's own trusted
> infrastructure. I have a mail server, a name server, an ntp server
> (usually several), among various other sorts of pieces of
> infrastructure which serve hundreds or even thousands of servers. Why
> not an entropy server? It would be nice if I could setup an entropy
> generating black box somewhere and attach it via USB to my entropy
> server host then install a package with a config file on all of my
> machines pointing to the entropy host. But so far I know of no such
> thing. Do you?
>
>
Don't we have hardware RNG in most motherboard chipsets nowadays?
(Not that you should exclusively trust it, but the nature of RNG's is that
it's easy to mix in sources.)
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists