tech-security archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: OpenSSH/OpenSSL patches to stop excessive entropy consumption
On Sat, Mar 03, 2012 at 11:57:39PM -0500, Thor Lancelot Simon wrote:
>
> Using less entropy while providing better security cannot possibly be
> a bad thing, no matter what platform you're on.
To be clear, when I say "better security" I refer specifically to
the OpenBSD-specific hack in OpenSSL that keys the OpenSSL RNG with
nothing but arc4random() output. Other platforms do not have this
issue.
Thor
Home |
Main Index |
Thread Index |
Old Index