From: "Ted Mittelstaedt"
To: "RW"
Date: Mon, 17 Sep 2007 02:20:17 -0700
Subject: RE: /dev/random question
List-Id: User questions (freebsd-questions@freebsd.org)

> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org
> [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of RW
> Sent: Sunday, September 16, 2007 1:56 PM
> To: freebsd-questions@freebsd.org
> Subject: Re: /dev/random question
>
>
> That's a poor analogy because they haven't improved /dev/random so it
> doesn't block, they've taken a /dev/urandom implementation and renamed
> it. In terms of your analogy they've blocked off the road, diverted
> everyone onto the highway, and renamed it to main street.
>
> Using Yarrow for /dev/random is not an intrinsically bad idea, but it
> is controversial.

I really don't see what the issue is here. If you really want a
/dev/urandom on your system then fine - symlink /dev/random to
/dev/urandom and be done with it.

Historically on UNIXes, /dev/urandom has been LESS random than
/dev/random. In short, it forced the application developer to make
a tradeoff - if they needed a lot of random numbers quickly, they had
to be content with the stream of numbers being less random. Where you
often saw this is in game programming - and less-random inputs to games
made them predictable, and thus, not as fun to play. With crypto apps,
they just made those apps run -slower- as the app waited for the random
device to give it randomness.

If you really want a source that is kind of random but really isn't
then use the rand library call which doesn't use yarrow.

And as for using Yarrow for /dev/random, well the /dev/random device
uses the hardware random generator on the VIA C3 Nehemiah (stepping 3
or greater) CPU, not Yarrow, if such a CPU is present. For those that
think Yarrow is controversial then fine - add in support for the hardware
random generator of your favorite processor (most have one now) and quit
complaining.

Ted
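Added example, not part of the original message: a short C program contrasting the `rand` library call mentioned above, whose whole output stream is fixed by its seed, with bytes read from the kernel random device. The function names, buffer sizes and the seed value are assumptions made for this illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Fill out[0..n) with rand() output after seeding with `seed`. */
static void rand_stream(unsigned seed, unsigned char *out, size_t n)
{
    srand(seed);
    for (size_t i = 0; i < n; i++)
        out[i] = (unsigned char)(rand() & 0xff);
}

/* Returns 1 if two runs from the same seed give identical bytes,
 * i.e. anyone who learns or guesses the seed can replay the stream. */
int rand_is_reproducible(unsigned seed)
{
    unsigned char a[32], b[32];
    rand_stream(seed, a, sizeof a);
    rand_stream(seed, b, sizeof b);
    return memcmp(a, b, sizeof a) == 0;
}

/* Read n bytes from a kernel random device node.
 * Returns 0 on success, -1 if the node is missing or the read is short. */
int read_random_device(const char *path, unsigned char *out, size_t n)
{
    FILE *f = fopen(path, "rb");
    if (f == NULL)
        return -1;
    setvbuf(f, NULL, _IONBF, 0);   /* unbuffered: read only what is asked for */
    size_t got = fread(out, 1, n, f);
    fclose(f);
    return got == n ? 0 : -1;
}

int main(void)
{
    /* Hypothetical device path; /dev/random is the node the thread discusses. */
    const char *dev = "/dev/urandom";
    unsigned char k1[16], k2[16];

    printf("rand() replayable from seed: %d\n", rand_is_reproducible(1234u));
    if (read_random_device(dev, k1, sizeof k1) != 0 ||
        read_random_device(dev, k2, sizeof k2) != 0) {
        fprintf(stderr, "cannot read %s\n", dev);
        return 1;
    }
    printf("two device reads identical: %d\n", memcmp(k1, k2, sizeof k1) == 0);
    return 0;
}
```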