From: "Ted Mittelstaedt"
To: "Kris Kennaway"
cc: Rob
cc: FreeBSD questions
Date: Tue, 1 Mar 2005 00:02:51 -0800
In-Reply-To: <20050228200706.GA70059@xor.obsecurity.org>
Subject: RE: /dev/io , /dev/mem : only used by Xorg?

owner-freebsd-questions@freebsd.org wrote:
> On Mon, Feb 28, 2005 at 04:11:24AM -0800, Ted Mittelstaedt wrote:
>
>> Actually, recompiling openssl to use a prng daemon instead of the
>> random device will probably improve your ssh security - unless they
>> have greatly improved the entropy generation in the random device in
>> 5.X
>
> Yes. It seems that you really need to learn about FreeBSD 5.x and
> how it differs from 4.x.
>

Do I hear an echo here? Did you miss the part where I said "UNLESS they have greatly improved..."
The description of the "all new" randomizer in FreeBSD 5.X is all very well, but I have not got around to running a test suite against it. So until such time as I do, I am not going to assume that it really is better. There's a big gap between implementation and architecture.

As I only care to make my stuff crackable by 500 clustered supercomputers working for 1 year, instead of 2000 supercomputers working for 100 years, I really and truly have had better things to do than test the new randomizer.

I presume that you are in the same boat, Ken, as you have not admitted to testing it either. If this is the case, perhaps the wise thing to do would be to actually test it, rather than just taking the word of the manpage in 5.x that it is better? Eh?

Ted