| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5229C5D4.5070600@redhat.com> Date: Fri, 06 Sep 2013 08:08:52 -0400 From: Prarit Bhargava <prarit@...hat.com> To: "Theodore Ts'o" <tytso@....edu>, linux-kernel@...r.kernel.org Subject: Re: [PATCH] random, Add user configurable get_bytes_random() On 09/05/2013 03:49 PM, Theodore Ts'o wrote: > BTW, note the following article, published today: > > http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=all > > "By this year, the Sigint Enabling Project had found ways inside some > of the encryption chips that scramble information for businesses and > governments, either by working with chipmakers to insert back doors...." > > Relying solely and blindly on a magic hardware random number generator > which is sealed inside a CPU chip and which is impossible to audit is > a ***BAD*** idea. Your argument seems to surround the idea that putting stuff on the internet is safe. It isn't. If you've believed that then you've had your head in the sand and I've got a lot of land in Florida to sell you. Either way ... it's obvious you're not willing to take this patch and I respect that decision. Thanks, P. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists