| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20071208173204.GI17037@thunk.org> Date: Sat, 8 Dec 2007 12:32:04 -0500 From: Theodore Tso <tytso@....edu> To: Jon Masters <jonathan@...masters.org> Cc: Mike McGrath <mmcgrath@...hat.com>, Matt Mackall <mpm@...enic.com>, Alan Cox <alan@...rguk.ukuu.org.uk>, Ray Lee <ray@...rabbit.org>, Adrian Bunk <bunk@...nel.org>, Marc Haber <mh+linux-kernel@...schlus.de>, linux-kernel@...r.kernel.org Subject: Re: Why does reading from /dev/urandom deplete entropy so much? On Sat, Dec 08, 2007 at 02:37:57AM -0500, Jon Masters wrote: > > BTW, You may be better off using "uuidgen -t" to generate the UUID in > > the smolt RPM, since that will use 12 bits of randomness from > > /dev/random, plus the MAC, address and timestamp. So even if there is > > zero randomness in /dev/random, and the time is January 1, 1970, at > > least the MAC will contribute some uniqueness to the UUID. > > I haven't checked how uuidgen uses the MAC, but I would suggest that > that is not something Fedora should jump at doing - although it would > help ensure unique UUIDs, it also contributes to the tinfoil hat > responses that usually come up with things like smolt. Huh? What's the concern? All you are submitting is a list of hardware devices in your system. That's hardly anything sensitive.... - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists