On Apr 4, 23:09, Taylor R Campbell wrote:
}
} > Date: Sun, 04 Apr 2021 12:58:09 -0700
} > From: "Greg A. Woods" <[email protected]>
} > References: <[email protected]>
} > <[email protected]>
} >
} > At Sun, 4 Apr 2021 09:49:58 +0000, Taylor R Campbell <[email protected]> wrote:
} > >
} > > Your change _creates_ the lie that every bit of data entered this way
} > > is drawn from a source with independent uniform distribution.
} >
} > No, my change _allows_ the administrator to decide which devices can be
} > used as estimating/counting entropy sources. For example I know that
} > many of the devices on almost all of my machines (virtual or otherwise)
} > are equally good sources of entropy for their uses.
}
} If you know this (and this is something I certainly can't confidently
} assert!), you can write 32 bytes to /dev/random, save a seed, and be
} done with it.
}
} But users who don't go messing around with obscure rndctl settings in
} rc.conf will be proverbially shot in the foot by this change -- except
} they won't notice because there is practically guaranteed to be no
} feedback whatsoever for a security disaster until their systems turn
} up in a paper published at Usenix like <https://factorable.net/>.
Or, get a repeat of the Debian weak SSH key debacle when they
screwed up their crypto. I don't expect NetBSD to withstand an
attack by a nation state actor, but I do expect it to stand up to
a wardialing script kiddie.
}-- End of excerpt from Taylor R Campbell
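The disagreement above is about entropy accounting: whether a device's output may be credited at a fixed number of bits per sample, or whether doing so overstates what an attacker would actually have to guess. The following is an added example, not code from this thread or from NetBSD's rndctl/entropy subsystem; it estimates the empirical min-entropy of constructed sample streams and compares that to a hypothetical per-sample credit of the kind an administrator would be enabling. The sample streams (a uniform nibble source, a heavily biased "timer" source and a constant source) are constructed inline for illustration.

```python
import math
from collections import Counter


def min_entropy_per_symbol(samples):
    """Empirical min-entropy in bits per symbol: -log2 of the relative
    frequency of the most common symbol.  Min-entropy is the right measure
    for an attacker who simply guesses the most likely value first."""
    if not samples:
        raise ValueError("no samples")
    counts = Counter(samples)
    p_max = max(counts.values()) / len(samples)
    return -math.log2(p_max)


def symbols_needed(target_bits, bits_per_symbol):
    """How many samples it takes to accumulate target_bits of min-entropy.
    Returns None for a source that contributes nothing per sample."""
    if bits_per_symbol <= 0:
        return None
    return math.ceil(target_bits / bits_per_symbol)


def compare_credit(samples, claimed_bits_per_symbol, target_bits=256):
    """Compare an administrator's claimed per-sample credit (hypothetical
    parameter, standing in for a per-device estimate) against the empirical
    min-entropy of the samples, and show how many samples each view says
    are needed to reach target_bits (256 bits, one full seed)."""
    estimated = min_entropy_per_symbol(samples)
    overclaim = (claimed_bits_per_symbol / estimated
                 if estimated > 0 else float("inf"))
    return {
        "claimed_bits_per_symbol": claimed_bits_per_symbol,
        "estimated_bits_per_symbol": estimated,
        "overclaim_factor": overclaim,
        "symbols_needed_claimed": symbols_needed(target_bits, claimed_bits_per_symbol),
        "symbols_needed_estimated": symbols_needed(target_bits, estimated),
    }


# Constructed sample streams (not measurements from any real device):
# each 4-bit value appears equally often, so 4 bits of min-entropy per sample.
UNIFORM_NIBBLES = [v for v in range(16)] * 64
# a "timer" whose low bits are 0 ninety percent of the time.
BIASED_TIMER = [0] * 900 + [1] * 50 + [2] * 25 + [3] * 25
# a device that always reports the same value.
CONSTANT_SOURCE = [7] * 500


if __name__ == "__main__":
    for name, stream in (("uniform nibbles", UNIFORM_NIBBLES),
                         ("biased timer", BIASED_TIMER),
                         ("constant source", CONSTANT_SOURCE)):
        # Credit every sample at 4 bits, as a blanket per-device setting would.
        result = compare_credit(stream, claimed_bits_per_symbol=4.0)
        print(name)
        for key, value in result.items():
            print(f"  {key}: {value}")
```

The uniform stream earns exactly the credit claimed; the biased stream is overclaimed by more than 25x, so a seed the accounting calls "full" after 64 samples actually needs well over a thousand; the constant stream never reaches the target at all, yet blanket crediting would count it just the same. The helper is deliberately simple (empirical frequencies over a single symbol, no modelling of correlations between consecutive samples), which means it still overestimates entropy for sources with serial dependence.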