From: Ian Lepore
To: Mark R V Murray
Subject: Re: svn commit: r274739 - head/sys/mips/conf
Date: Fri, 21 Nov 2014 12:41:29 -0700
Message-ID: <1416598889.1147.297.camel@revolution.hippie.lan>
Cc: arch@freebsd.org, John-Mark Gurney, Adrian Chadd
List-Id: Discussion related to FreeBSD architecture

On Fri, 2014-11-21 at 19:37 +0000, Mark R V Murray wrote:
> > On 21 Nov 2014, at 18:57, Ian Lepore wrote:
> >
> > All I've ever asked for, since day one of discussing this topic, is a
> > knob to prevent /dev/random from blocking, ever.  A way in which an
> > administrative policy decision can be made about what constitutes "good
> > enough" entropy (and by extension, security).  The knob could be of the
> > nature that it's hard to turn on accidentally -- it's a dangerous thing
> > and like an industrial stamping press maybe you have to hold down two
> > buttons far apart from each other to make it go.
>
> I’m suspicious of motive here. You are planning on ignoring lousy
> entropy coming out of /dev/random; you seem to need a way of breaking
> to do so. (I can’t think of a better word than “ignoring”; what I mean
> is that you don’t seem to care how bad the output is.)
>
> If you don’t care about the contents of /dev/random, why not simply
> ignore it? Choosing to use tools that require good-quality /dev/random
> output means you should choose other tools, not break /dev/random!
>
> > As far as I know we have that now, but it sounds like not forever.  I'm
> > just arguing in favor of providing the tools, making it reasonably hard
> > to accidentally cut yourself on them, but ultimately leaving the policy
> > decisions of how to use them to the people who own and run the systems.
> > I kind of thought that was the unix way.
>
> The Snowden revelations have made folks considerably more paranoid.
>
> Providing tools that bad guys could potentially use where the good guys
> have alternatives is not a way that security-minded folks are keen to
> go.
>
> You have the right to ignore /dev/random. Asking for a back door to
> break it is a bigger deal. Bad guys like these back doors.
>
> M

The arrogance in the way you talk down to me about my right and ability
to decide these things is mind-boggling.  It's clear you're going to do
whatever you want, so I guess I'll just shut up.

-- Ian