[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: possible /dev/random compromise (misplaced trust in RDRAND / Padlock entropy sources)

On Sat, 14 Dec 2013, Steven Chamberlain wrote:
> On 14/12/13 01:08, Henrique de Moraes Holschuh wrote:
> > Yeah, I think Linux went through similar blindness braindamage sometime ago,
> > but blind trust on rdrand has been fixed for a long time now, and it never
> > trusted any of the other HRNGs (or used them for anything at all without a
> > trip through "rng-tools" userspace until v3.12).
> 
> I seem to remember that Ted T'so's committed the fix for this only after
> the release of Linux 3.2, so I assuemd wheezy's kernels might be still
> affected?

I'd need to check it througoutly, but almost all important /dev/random
changes in Linux were backported to all stable kernels, and thus eventually
migrated into the Debian kernel (which is based on 3.2.y-stable plus lots of
other backports).

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh
Reply to: