At Wed, 26 Jan 2022 16:47:15 +1300, Lloyd Parkes <lloyd%must-have-coffee.gen.nz@localhost> wrote: Subject: Re: the entropy bug, and device timeouts (was: Note: two files changed and hashes/signatures updated for NetBSD 8.1) > > The change was more subtle than that I > think. Untrusted hardware was used as an > entropy source, but it didn't count > towards the "enough" that was needed to > bootstrap the rnd system from nothing. No, not quite -- there was a whole bunch of code removed that is needed to actually make the hardware events "count" if and when you configure them to do so. > On 7 May 2020 a change was committed to > /etc/rc.d/random_seed so that a seed file > is created at boot time if you don't > already have one. I haven't checked > because I really can't be bothered right > now, but I'm pretty sure that's all that's > required. Well, if you have a hardware RNG, or my patches, then that'll do something, but otherwise it's just useless noise and misdirection. -- Greg A. Woods <gwoods%acm.org@localhost> Kelowna, BC +1 250 762-7675 RoboHack <woods%robohack.ca@localhost> Planix, Inc. <woods%planix.com@localhost> Avoncote Farms <woods%avoncote.ca@localhost>
Attachment:
pgpwuDG6D7Im0.pgp
Description: OpenPGP Digital Signature