[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: possible /dev/random compromise (misplaced trust in RDRAND / Padlock entropy sources)

On 15/12/13 22:10, Robert Millan wrote:
> Perhaps we should just disable Via chipset from sys/dev/random/probe.c.
> Would this be a terrible loss for a Technology Preview release?

>From reading upstream's Errata Note[0], they have more or less done this
and disabled the hardware providers of /dev/{,u}random in stable/8 and
stable/9 by default.

[0]: http://security.freebsd.org/advisories/FreeBSD-EN-14:01.random.asc

Only the new code in kfreebsd/10 will be able to use the output of those
RNGs safely, probably feeding them into Yarrow as a potential extra
source of 'some' usable additional entropy.

VIA RNGs were enabled in 9.1 kernels, Intel Bull Mountain in 9.2, and
both in 8.4.  Thankfully wheezy's 9.0 and 8.3 kernels had not enabled
either of those RNGs yet.  Only kernels in jessie/sid (and before that,
experimental) have been potentially affected.

Steven Chamberlain

Reply to: