13Jan2008 (UTC+ 8)

On 1/13/08, fooler mail <[EMAIL PROTECTED]> wrote:
[...]
> i won't recommend badblocks with -t random parameter for scrubbing your
> disk as it uses the C standard library random() function ... random()
> function uses a non-linear additive feedback random generator as this
> would make it easy for a cryptanalyst to decrypt your data....

"Easy" is a relative term. I guess what you're trying to say is that
the random bits used by badblocks are "repeatable" given that the
srandom() seed is the current time of the machine (a 32-bit unsigned
integer in many cases, I think) --which further stresses the term
"pseudo" in PRNG.

So that translates to having the cryptanalyst first try to accurately
determine the exact system / hardware or NTP-based time when badblocks
was run, before trying to predict the sequence of the PRNG'ed bits
--and that's a lot of hard work! But after that, it's a walk in the
park against the srandom'ed HDD.

[...]
> /dev/urandom is a non-blocking state... it will not block waiting for
> other entropies to fill up the number of bits but instead uses its own
> algorithm with some value in the entropy pool to produce
> pseudo-randomness... but it will use that number of bits once it
> fills up...

I wonder if one can write to /dev/urandom while using /dev/zero as
input? He he he!!! That would screw up a lot of things.

I wish I can experiment write now (pun intended!) but it's a Sunday
and I'm at home, using my wife's Windows XP (on a just-say-no-to-Vista
laptop).


Drexx Laggui  -- CISA, CISSP, CFE Associate, CCSI, CSA
http://www.laggui.com  ( Singapore / Manila / California )
Computer forensics; Penetration testing; QMS & ISMS developers; K-Transfer
PGP fingerprint = 6E62 A089 E3EA 1B93 BFB4  8363 FFEC 3976 FF31 8A4E
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph
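
The repeatability point made in the message above, as an added example that is not part of the original post and is not badblocks' own code: it assumes, as the message does, that the pattern comes from random() seeded with a clock value via srandom(). The function names, the timestamp and the 12-hour search window are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* POSIX prototypes, restated so this also builds under strict -std= modes. */
long random(void);
void srandom(unsigned int seed);

#define MAX_SAMPLE 8

/* First n outputs of random() after srandom(seed): the "scrub pattern". */
void pattern_from_seed(unsigned int seed, uint32_t *buf, size_t n)
{
    srandom(seed);
    for (size_t i = 0; i < n; i++)
        buf[i] = (uint32_t)random();
}

/* Try every seed in [lo, hi]; return 1 and set *seed_out when one
 * regenerates the n observed words, else return 0. */
int recover_seed(const uint32_t *observed, size_t n,
                 unsigned int lo, unsigned int hi, unsigned int *seed_out)
{
    uint32_t trial[MAX_SAMPLE];
    if (n == 0 || n > MAX_SAMPLE || lo > hi)
        return 0;
    for (unsigned int t = lo; ; t++) {
        pattern_from_seed(t, trial, n);
        if (memcmp(trial, observed, n * sizeof trial[0]) == 0) {
            *seed_out = t;
            return 1;
        }
        if (t == hi)
            return 0;
    }
}

int main(void)
{
    const unsigned int run_time = 1200182400u; /* constructed: 2008-01-13 00:00 UTC */
    uint32_t on_disk[MAX_SAMPLE];
    unsigned int found = 0;

    pattern_from_seed(run_time, on_disk, MAX_SAMPLE);
    /* Only a +/- 12 hour guess at the run time is assumed known. */
    int ok = recover_seed(on_disk, MAX_SAMPLE, run_time - 43200, run_time + 43200, &found);
    printf("recovered=%d seed=%u\n", ok, found);
    return ok ? 0 : 1;
}
```

The whole pattern is a function of one 32-bit value, which is why a scrub pattern meant to be unpredictable should come from the kernel's random source rather than a clock-seeded random().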
