Source-Changes archive


Re: CVS commit: syssrc/sys/dev/ic



Perry E. Metzger <perry%wasabisystems.com@localhost> wrote:

>Ben Harris <bjh21%netbsd.org@localhost> writes:

>> Log Message:
>> Add support for feeding entropy to rnd(4).

>Isn't this an ethernet controller? It is VERY VERY dangerous to get
>entropy from network devices.

Has a "poisoning the entropy pool via the network" attack ever been
demonstrated in a non-degenerate case (i.e. a system running more
processes than simply the one being attacked, on a network with more
traffic than just the attacker)?

(And, yes, it does seem, as mentioned in another reply, that there
might be machines where the _only_ available source of entropy is the
network, e.g. diskless headless machines.)

We're only providing rope here, and it isn't turned on by default,
either.

jdarrow

-- 
John Darrow - Senior Technical Specialist               Office: 630/752-5201
Computing Services, Wheaton College, Wheaton, IL 60187  Fax:    630/752-5968
Pager via email: 6303160707%alphapage.airtouch.com@localhost      Pager:  630/316-0707
Email: John.P.Darrow%wheaton.edu@localhost (plain text please, no HTML or proprietary)



