Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: regarding the changes to kernel entropy gathering (Joerg Sonnenberger) writes:

>Part of the problem here is that most of the non-RNG data sources are
>easily observable either from the local system (e.g. any malicious user)
>or other VMs on the same machine (in case of a hypervisor) or local
>machines on the same network (in case of network interrupts). That's the
>real reason why their entropy is hard to estimate. It becomes even more
>annoying with modern hardware features like interrupt moderation of
>nics. They can make the timing of interrupts highly predicable.

Must be a thing of the past, as we always ignored that information
from NIC devices by default. No need to rip out the code that would
allow it.

Home | Main Index | Thread Index | Old Index