Re: possible /dev/random compromise (misplaced trust in RDRAND / Padlock entropy sources)
On 14/01/2014 22:25, Steven Chamberlain wrote:
> Thankfully wheezy's 9.0 and 8.3 kernels had not enabled
> either of those RNGs yet.
Are you sure? This is from 9.0:
void
random_ident_hardware(struct random_systat *systat)
{
/* Set default to software */
*systat = random_yarrow;
/* Then go looking for hardware */
#if defined(__i386__) && !defined(PC98)
if (via_feature_rng & VIA_HAS_RNG) {
*systat = random_nehemiah;
}
#endif
}
--
Robert Millan
Reply to: