Re: Waiting for Randot (or: nia and maya were right and I was wrong)

To: Manuel Bouyer <bouyer%antioche.eu.org@localhost>
Subject: Re: Waiting for Randot (or: nia and maya were right and I was wrong)
From: RVP <rvp%SDF.ORG@localhost>
Date: Thu, 14 Jan 2021 21:43:44 +0000 (UTC)

On Thu, 14 Jan 2021, Manuel Bouyer wrote:

And what about systems that don't have a /dev/audio (or system that have
play-only /dev/audio) ?


Is this OK (or, it is hopelessly insecure)?:

1. Use environment (keyb. delay, mouse, ...) to seed the libc PRNG.

2. Use the PRNG values to pick out random bits from a truely random
   file.

The random file is generated anew each time an distrib. image is built.
If one needs 256 bits to seed /dev/random, then a 32K random file should
suffice.

The other alternative is the user mashing the keyboard and moving a mouse
for a few minutes.

-RVP

Follow-Ups:
- Re: Waiting for Randot (or: nia and maya were right and I was wrong)
  - From: nia

References:
- Waiting for Randot (or: nia and maya were right and I was wrong)
  - From: Taylor R Campbell
- Re: Waiting for Randot (or: nia and maya were right and I was wrong)
  - From: Martin Husemann
- Re: Waiting for Randot (or: nia and maya were right and I was wrong)
  - From: nia
- Re: Waiting for Randot (or: nia and maya were right and I was wrong)
  - From: Manuel Bouyer

Prev by Date: Re: inetd enhancements - config syntax
Next by Date: master.passwd(5) questions
Previous by Thread: Re: Waiting for Randot (or: nia and maya were right and I was wrong)
Next by Thread: Re: Waiting for Randot (or: nia and maya were right and I was wrong)
Indexes:

Home | Main Index | Thread Index | Old Index