Re: use of RDRAND in $random_library

To: debian-devel@lists.debian.org
Subject: Re: use of RDRAND in $random_library
From: Matthias Urlichs <matthias@urlichs.de>
Date: Thu, 12 Jun 2014 08:36:16 +0200
Message-id: <[🔎] 20140612063615.GA7784@smurf.noris.de>
In-reply-to: <[🔎] 20140611232220.GA19363@virgil.dodds.net>
References: <[🔎] 20140611165859.GA15063@kitenet.net> <[🔎] 20140611224541.GA12701@jtriplet-mobl1> <[🔎] 20140611232220.GA19363@virgil.dodds.net>

Hi,

Steve Langasek:
> Debian should do the right thing, regardless of what upstreams may believe.
> 
I don't trust the hardware random generator. At all. Given what's been
revealed about the NSA so far, being extra paranoid about anything we
cannot verify to be secure is the right thing to do.

That being said, sometimes you just need the binary equivalent of an
uncompressible Lorem Ipsum text (dd if=/dev/urandom), but IMHO the kernel
could (and should) provide a device for that.

-- 
-- Matthias Urlichs

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: use of RDRAND in $random_library
  - From: Jeroen Dekkers <jeroen@dekkers.ch>

References:
- use of RDRAND in $random_library
  - From: Joey Hess <joeyh@debian.org>
- Re: use of RDRAND in $random_library
  - From: Josh Triplett <josh@joshtriplett.org>
- Re: use of RDRAND in $random_library
  - From: Steve Langasek <vorlon@debian.org>

Prev by Date: Re: use of RDRAND in $random_library
Next by Date: Re: holes in secure apt
Previous by thread: Re: use of RDRAND in $random_library
Next by thread: Re: use of RDRAND in $random_library
Index(es):
- Date
- Thread