Subject: Re: CVS commit: syssrc/sys/dev/ic
To: Perry E. Metzger <email@example.com>
From: Michael Graff <firstname.lastname@example.org>
Date: 11/08/2001 13:43:25
"Perry E. Metzger" <email@example.com> writes:
> Sharks, in particular, have audio inputs you can sample noise from --
> so do many such devices. If you really have nothing at all, you
> probably should think about adding something rather than relying on
> the network.
I find it strange that you don't trust networks, but you do trust
audio noise as a source.
I seem to remember some studies that claim audio noise (with and
without a microphone) as being a bad way to gather entropy.
> If the device is a low security item and you truly have no choice, I
> can see using the network for such things, but it is certainly not
> something we want to make particularly easy because that would not
> convey the right message about the security of such things in other
It's not the default. Please don't make it impossible, or even