lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sat, 8 Dec 2007 13:05:57 -0500
From:	Theodore Tso <>
To:	Matt Mackall <>
Cc:	Jon Masters <>,
	Mike McGrath <>,
	Alan Cox <>,
	Ray Lee <>, Adrian Bunk <>,
	Marc Haber <>,
Subject: Re: Why does reading from /dev/urandom deplete entropy so much?

On Sat, Dec 08, 2007 at 11:43:43AM -0600, Matt Mackall wrote:
> > Huh?  What's the concern?  All you are submitting is a list of
> > hardware devices in your system.  That's hardly anything sensitive....
> Using MAC addresses -does- de-anonymize things though and presumably
> anonymous collection is a stated goal.

True, but for many machines, the MAC address is enough for someone
knowledgeable to (at least) determine what the manufacturer of your
machine is, and in many cases, the model number of your laptop (since
MAC addresses are assigned sequentially) and thus people can have a
very good idea of the contents of your PCI tree ---- if for some
reason anyone would even care, of course!

					- Ted
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists