From owner-freebsd-current  Fri Jul 21 12:26:34 2000
Delivered-To: freebsd-current@freebsd.org
Received: from grimreaper.grondar.za (grimreaper.grondar.za [196.7.18.138])
	by hub.freebsd.org (Postfix) with ESMTP id 60F8D37BE0A
	for <current@FreeBSD.ORG>; Fri, 21 Jul 2000 12:26:26 -0700 (PDT)
	(envelope-from mark@grondar.za)
Received: from grimreaper.grondar.za (localhost [127.0.0.1])
	by grimreaper.grondar.za (8.9.3/8.9.3) with ESMTP id VAA00724;
	Fri, 21 Jul 2000 21:26:21 +0200 (SAST)
	(envelope-from mark@grimreaper.grondar.za)
Message-Id: <200007211926.VAA00724@grimreaper.grondar.za>
To: "Jeroen C. van Gelderen" <jeroen@vangelderen.org>
Cc: current@FreeBSD.ORG
Subject: Re: randomdev entropy gathering is really weak 
References: <3978806C.8BD1EDD6@vangelderen.org> 
In-Reply-To: <3978806C.8BD1EDD6@vangelderen.org> ; from "Jeroen C. van Gelderen" <jeroen@vangelderen.org>  "Fri, 21 Jul 2000 12:55:08 -0400."
Date: Fri, 21 Jul 2000 21:26:21 +0200
From: Mark Murray <mark@grondar.za>
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> You generate a new PGP keypair and start using it. Your
> co-worker reboots your machine afterwards and recovers 
> the PRNG state that happens to be stashed on disk. He 
> can then backtrack and potentially recover the exact same
> random numbers that you used for your key.

Said state is rm'med after use. If you didn't detect the breakin,
your fault for poor intrusion detection. lets put the paranoia
to practical use and detect the breakin, not nitpick the systems
that are supposed to be protected.

M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message