Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 2 Nov 2014 13:29:37 +0000
From:      Mark R V Murray <mark@grondar.org>
To:        Ian Lepore <ian@FreeBSD.org>
Cc:        svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject:   Re: svn commit: r273958 - head/sys/dev/random
Message-ID:  <6FB65828-6A79-4BDE-A9F7-BC472BA538CE@grondar.org>
In-Reply-To: <1414934579.17308.248.camel@revolution.hippie.lan>
References:  <201411020201.sA221unt091493@svn.freebsd.org> <720EB74E-094A-43F3-8B1C-47BC7F6FECC3@grondar.org> <1414934579.17308.248.camel@revolution.hippie.lan>
index | next in thread | previous in thread | raw e-mail 


> On 2 Nov 2014, at 13:22, Ian Lepore <ian@FreeBSD.org> wrote:
> 
> On Sun, 2014-11-02 at 09:45 +0000, Mark R V Murray wrote:
>> Hi DES,
>> 
>> I´m scared witless of this being on-by-default, for the reason given in the removed comment. I´d much prefer to see it only turned on if a kernel option is set, and the embedded folks /et al/ can use that.
>> 
>> Please reinstate the #ifdef RANDOM_AUTOSEED, and set a kernel option to turn it on. Please also leave the comment; summarily turning on an unprepared generator is not going to be obvious to anyone but an attacker.
>> 
>> Moving the point of the auto-firstseed to where is good, thanks.
>> 
>> M
>> 
> 
> To give you some idea of how usable this new stuff is on a system that
> isn't an x86 server or someone's desktop or laptop... after commenting
> out the postrandom so that a board would at least boot (but before DES'
> resend change), I left a board sitting idle at the login prompt.  It was
> somewhere between 40 minutes and an hour before I saw this:
> 
> FreeBSD/arm (rpi) (ttyu0)
> 
> login: random: reseed - fast - thresh 96,1 -  0 48 0 0 0 130 0 0 620 0 0 0 0 0 0 0 0 0 0 0
> random: reseed - slow - thresh 128,2 -  0 44 0 0 0 130 0 0 619 0 0 0 0 0 0 0 0 0 0 0
> random: unblocking device.

Thanks for doing this, Ian. This is good information, and tells me a lot
about Yarrow on some systems.

> Securing a system against some theoretical attack has value only to the
> point where the system is no longer usable at all.  At that point you
> kind of have to declare the attacker the winner, and he didn't even have
> to actually launch an attack.

Point conceded. :-)

M
-- 
Mark R V Murray
help

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6FB65828-6A79-4BDE-A9F7-BC472BA538CE>