From owner-freebsd-security  Fri Jun 13 10:48:14 1997
Return-Path: <owner-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id KAA09632
          for security-outgoing; Fri, 13 Jun 1997 10:48:14 -0700 (PDT)
Received: from sendero-ppp.i-connect.net (sendero-ppp.i-Connect.Net [206.190.143.100])
          by hub.freebsd.org (8.8.5/8.8.5) with SMTP id KAA09613
          for <security@FreeBSD.ORG>; Fri, 13 Jun 1997 10:48:03 -0700 (PDT)
Received: (qmail 17400 invoked by uid 1000); 13 Jun 1997 17:47:32 -0000
Message-ID: <XFMail.970613104732.Shimon@i-Connect.Net>
X-Mailer: XFMail 1.2-alpha [p0] on FreeBSD
Content-Type: text/plain; charset=iso-8859-8
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
In-Reply-To: <199706062115.RAA12756@khavrinen.lcs.mit.edu>
Date: Fri, 13 Jun 1997 10:47:32 -0700 (PDT)
Organization: Atlas Telecom
From: Simon Shapiro <Shimon@i-Connect.Net>
To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Subject: Re: sequence predictability (fwd)
Cc: security@FreeBSD.ORG
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk


Hi Garrett Wollman;  On 06-Jun-97 you wrote: 
> <<On Fri, 06 Jun 1997 12:09:35 -0700 (PDT), Simon Shapiro
> <Shimon@i-Connect.Net> said:
> 
> > Good Idea.  /dev/rand, setup properly produces very good results.
> 
> It's also far too slow.
> 
> If I had a working kernel debugger at the moment (it's sick from
> version skew at the moment) or BPF (it's in use by something else) I
> could document precisely how the ISS changes.  In the current design,
> it is incremented by a random amount which averages to approximately
> the old rate.

OK, Bad Idea, then :-)

I think the true solution is elsewhere but will not voice my (politically
incorrect) idea in public.

Simon