From: Alan Somers
To: Darren Pilgrim
Cc: freebsd-stable@freebsd.org
Date: Wed, 15 Jan 2014 12:25:34 -0700
Subject: Re: [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-14:01.random

On Wed, Jan 15, 2014 at 11:53 AM, Darren Pilgrim wrote:
> On 1/15/2014 10:39 AM, Mike Tancsa wrote:
>>
>> On 1/15/2014 12:04 PM, Darren Pilgrim wrote:
>>>
>>> 1. If you're on "bare metal", the attacker has firmware-level or
>>> physical access to the machine;
>>> 2. If you're on a hypervisor, you can't trust the hypervisor;
>>>
>>> In both cases, I would think the attacker can use much simpler, more
>>> direct vectors and you have much worse things to worry about than the
>>> quality of /dev/random. I'm not questioning the validity of the
>>> advisory, I'm genuinely curious about this. I can't think of a scenario
>>> where someone could attack /dev/random using this vector without 1 or 2
>>> above also being true.
>>
>> Say you have a physical tap on the network upstream from the victim. The
>> victim is exchanging data across a VPN. You can capture the encrypted
>> traffic, and knowing there is a weakness in the quality of RNG, more
>> easily decode the encrypted traffic. You don't have to worry about
>> sending "extra" traffic from the host say, by poking around in /dev/mem
>> etc.
>
> Yes, that's an obvious consequence of a compromised RNG; but that's not what
> I was asking. I'm asking how the attacker could compromise the hardware RNG
> without also obtaining effectively unfettered access to the entire system.

By compromising it at the design stage. For example, the NSA could
hypothetically collaborate with Intel to trojan Intel's RNG. In that
case, the NSA would've compromised the RNG, but they wouldn't have
unfettered access to the rest of the system.