> > /dev/random -- a world readable device -- should do the following:
> >
> > cat /dev/random > /dev/null &
> >
> > Crypto software which uses those devices should be doing some kind of
> > checking to make sure that they are getting at least good entropy. I
On linux at least, the above is at most a denial of service attack, as
/dev/random does not deliver any data when it runs out of entropy (and
programs usually are prepared to wait for data on that devices for some
time).
On linux/x86, moving my mouse generates >400bytes/s random data (this is
currently specific to x86), and if two processes listen on /dev/random,
both get about half the random data, so it seems that there isn't even a
denial of service attack here.
--
-----==- |
----==-- _ |
---==---(_)__ __ ____ __ Marc Lehmann +--
--==---/ / _ \/ // /\ \/ / [EMAIL PROTECTED] |e|
-=====/_/_//_/\_,_/ /_/\_\ XX11-RIPE --+
The choice of a GNU generation |
|
