On Jan 13, 2008 2:06 PM, Eduardo Tongson <[EMAIL PROTECTED]> wrote:
> On Jan 13, 2008 11:23 AM, fooler mail <[EMAIL PROTECTED]> wrote:
> > On Jan 13, 2008 12:00 AM, Drexx Laggui [personal] <[EMAIL PROTECTED]> wrote:
> > > 12Jan2008 (UTC +8)
> > >
> > > I guess that with regular PCs, "badblocks -c 512 -s -w -t random" will
> > > be good enough and a bit more useful. With higher-risk computers
> > > however, I'd recommend the use of "dd if=/dev/urandom". For the truly
> > > secure machines that have the luxury of more preparation time, "dd
> > > if=/dev/random" is the way to go.
> >
> > i won't recommend badblocks with the -t random parameter for scrubbing your
> > disk as it uses the C standard library random() function ... the random()
> > function uses a non-linear additive feedback random generator, as this
> > would make it easy for a cryptanalyst to decrypt your data....
> >
> > ...
>
> On the RNG front:
> random(), srandom(), rand(), srand() are weak random number
> generators. A better random generator is arc4random(). If I am not
> mistaken there are patches for Glibc to incorporate arc4random().
>

that is correct that they are weak...here is the formula of GLIBC's PRNG...

r[0] = seed
r[i] = (16807 * r[i - 1]) mod 2147483647
where i = 1 to 30

a cryptanalyst or mathematician (or even an average person with
math know-how) can easily get your random number sequence... for
decryption, even a typical desktop computer can decrypt it in a short
period of time as you can start from seed 0 to 2^31 - 1 (2147483647)
for brute force decryption..

fooler.
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph
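
Added example (not part of the original message and not glibc's source): a C sketch of the recurrence quoted above, showing that the whole table is a function of the seed alone, so a bounded search over seeds reproduces it. The function names and the sample seed are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define M 2147483647ULL /* modulus from the post: 2^31 - 1 */
#define A 16807ULL      /* multiplier from the post */
#define N 31            /* entries r[0] .. r[30] */

/* Fill r[0..30] with the recurrence quoted in the post. */
void fill_table(uint32_t seed, uint32_t r[N]) {
    r[0] = seed;
    for (int i = 1; i < N; i++)
        r[i] = (uint32_t)((A * r[i - 1]) % M); /* 64-bit product, no overflow */
}

/* Convenience accessor (hypothetical helper): r[i] for a given seed. */
uint32_t table_entry(uint32_t seed, int i) {
    uint32_t r[N];
    fill_table(seed, r);
    return r[i];
}

/* Try seeds 0..limit and return the one whose r[30] equals `observed`,
 * or -1 if none matches. The full seed space is only 0 .. 2^31 - 1. */
int64_t find_seed(uint32_t observed, uint32_t limit) {
    for (uint64_t s = 0; s <= limit; s++)
        if (table_entry((uint32_t)s, N - 1) == observed)
            return (int64_t)s;
    return -1;
}

int main(void) {
    const uint32_t seed = 1234567u; /* constructed sample seed */
    uint32_t last = table_entry(seed, N - 1);
    /* Same seed, same table: the "random" pattern is reproducible. */
    printf("r[30] for seed %u: %u\n", (unsigned)seed, (unsigned)last);
    printf("seed found by search: %lld\n",
           (long long)find_seed(last, 2000000u));
    return 0;
}
```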
