From owner-freebsd-current  Fri Jul 21  5:54: 4 2000
Delivered-To: freebsd-current@freebsd.org
Received: from grimreaper.grondar.za (markm.ops.uunet.co.za [196.31.2.167])
	by hub.freebsd.org (Postfix) with ESMTP
	id 7C7B537B97D; Fri, 21 Jul 2000 05:53:56 -0700 (PDT)
	(envelope-from mark@grondar.za)
Received: from grimreaper.grondar.za (localhost [127.0.0.1])
	by grimreaper.grondar.za (8.9.3/8.9.3) with ESMTP id OAA00377;
	Fri, 21 Jul 2000 14:53:57 +0200 (SAST)
	(envelope-from mark@grimreaper.grondar.za)
Message-Id: <200007211253.OAA00377@grimreaper.grondar.za>
To: Kris Kennaway <kris@FreeBSD.org>
Cc: current@FreeBSD.org
Subject: Re: randomdev entropy gathering is really weak 
References: <Pine.BSF.4.21.0007210345170.13729-100000@freefall.freebsd.org> 
In-Reply-To: <Pine.BSF.4.21.0007210345170.13729-100000@freefall.freebsd.org> ; from Kris Kennaway <kris@FreeBSD.org>  "Fri, 21 Jul 2000 03:46:31 MST."
Date: Fri, 21 Jul 2000 14:53:57 +0200
From: Mark Murray <mark@grondar.za>
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> > What about saving the state of the RNG and re-reading it on bootup?  That
> > will allow Yarrow to continue right where it left off. :-)
> 
> That's a bad thing. You don't want someone to be able to examine the exact
> PRNG state at next boot by looking at your hard disk after the machine has
> shut down.

It is a Yarrow-mandated procedure. Please read the Yarrow paper.

If they can do that, they have either the console (==root) or they have
root. Either way, who cares what they know about your machine, they have
the whole darn thing :-O.

M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message