On Thu, Jan 03, 2013, Oleg Goldshmidt wrote about "Re: SSD drives":
> 2) I would not only be worried about an NSA backdoor in Intel CPUs,
> but also about the degree of randomness of their generator. If it is
> flawed (and it is notoriously difficult to do a really good PRNG - I
> assume it is a PRNG, otherwise Ted would not be worried about NSA
> backdoor)

The whole point of the hardware random number generator is that it is *not* a PRNG, but rather some special hardware which supposedly uses sources of randomness (e.g., heat) not normally available for software. Doing a normal PRNG in hardware instead of software would be kind of pointless - what could it possibly gain you - improved performance of the PRNG? Hardly anybody cares about that.

Anyway, what Ted Tso was "worried" about was that theoretically, the output of the random number generator *might* be a PRNG returning a sequence known to the NSA (or Intel), and there is no way to verify that this is not the case.

In any case, I think what a normal user should do is to use /dev/urandom - and that should (but I don't know if it does) use both the hardware and software sources of randomness, as available.

-- 
Nadav Har'El                        | Thursday, Jan 3 2013, 21 Tevet 5773
n...@math.technion.ac.il            |-----------------------------------------
Phone +972-523-790466, ICQ 13349191 |God gave us two eyes and ten fingers so
http://nadav.harel.org.il           |we will type five times as much as we read
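
The concern raised in the reply above, as an added example that is not part of the original message: a keyed PRNG posing as a hardware generator passes a simple statistical check yet is fully reproducible by whoever holds the key, while hashing its output together with an independent source removes that predictability. `KeyedStream`, `monobit_fraction`, `mix` and the key are hypothetical names and values constructed for illustration; this is not the kernel's mixing code, and it assumes the two sources are independent.

```python
import hashlib
import hmac
import os


class KeyedStream:
    """Hypothetical 'hardware RNG' that is really HMAC-SHA256(key, counter)."""

    def __init__(self, key: bytes):
        self.key = key
        self.counter = 0

    def read(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            block = self.counter.to_bytes(8, "big")
            out += hmac.new(self.key, block, hashlib.sha256).digest()
            self.counter += 1
        return out[:n]


def monobit_fraction(data: bytes) -> float:
    """Fraction of 1 bits; close to 0.5 for random-looking data."""
    return sum(bin(b).count("1") for b in data) / (8 * len(data))


def mix(hw: bytes, sw: bytes) -> bytes:
    """Hash both inputs together (length-prefixed to keep them unambiguous)."""
    return hashlib.sha256(len(hw).to_bytes(4, "big") + hw + sw).digest()


def demo():
    key = b"constructed-demo-key"      # constructed sample value
    device = KeyedStream(key)          # what the user reads from
    key_holder = KeyedStream(key)      # party that knows the key
    hw = device.read(65536)
    # 1. Output statistics do not distinguish the keyed stream from os.urandom.
    looks_random = abs(monobit_fraction(hw) - 0.5) < 0.01
    os_looks_random = abs(monobit_fraction(os.urandom(65536)) - 0.5) < 0.01
    # 2. Yet the key holder reproduces every byte.
    reproduced = key_holder.read(65536) == hw
    # 3. Mixed with an independent source, the key alone no longer suffices.
    sw = os.urandom(32)
    output = mix(hw[:32], sw)
    key_holder_guess = mix(hw[:32], bytes(32))  # knows hw, must guess sw
    return looks_random, os_looks_random, reproduced, output != key_holder_guess


if __name__ == "__main__":
    print(demo())
```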