Date: Thu, 06 Sep 2012 16:40:48 -0700 From: Doug Barton <dougb@FreeBSD.org> To: Arthur Mesh <arthurmesh@gmail.com> Cc: freebsd-rc@freebsd.org, freebsd-security@freebsd.org, RW <rwmaillists@googlemail.com> Subject: Re: svn commit: r239569 - head/etc/rc.d Message-ID: <50493480.8060307@FreeBSD.org> In-Reply-To: <20120906224703.GD89120@x96.org> References: <5043DBAF.40506@FreeBSD.org> <20120903171538.GM1464@x96.org> <50450F2A.10708@FreeBSD.org> <20120903203505.GN1464@x96.org> <50451D6E.30401@FreeBSD.org> <20120903214638.GO1464@x96.org> <50453686.9090100@FreeBSD.org> <20120904220754.GA3643@server.rulingia.com> <20120906174247.GB13179@dragon.NUXI.org> <20120906230157.5307a21f@gumby.homeunix.com> <20120906224703.GD89120@x96.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 9/6/2012 3:47 PM, Arthur Mesh wrote:
> On Thu, Sep 06, 2012 at 11:01:57PM +0100, RW wrote:
>> Reusing a secure entropy file is only a problem if the complete history
>> of yarrow, from boot until some significant output, is exactly the same
>> as on a previous boot.
>
> Not sure I agree. It's not the only problem. It's the worst problem;
> in the situation you describe, you'll end up with identical output from
> /dev/random.
Arthur, I've asked you repeatedly to demonstrate the truth of this
claim. You and David are speaking completely theoretically about a
possible attack vector. I (and others) have repeatedly provided hard
facts that demonstrate that what you're concerned about cannot happen,
and yet you repeatedly claim it can.
It is way past time that you either demonstrate that your claim has
merit, or stop making it.
Doug
--
I am only one, but I am one. I cannot do everything, but I can do
something. And I will not let what I cannot do interfere with what
I can do.
-- Edward Everett Hale, (1822 - 1909)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?50493480.8060307>