From: Doug Barton
Date: Sun, 24 Jul 2005 17:51:54 -0700
To: Colin Percival
Cc: Poul-Henning Kamp, Pawel Jakub Dawidek, freebsd-security@freebsd.org
Subject: Re: cvs commit: src/games/fortune/fortune fortune.c
Message-ID: <42E437AA.1050307@FreeBSD.org>
In-Reply-To: <42E3DF1E.9040405@freebsd.org>

Colin Percival wrote:

> I think this would be more dangerous than valuable. "Most" failure modes of
> modern PRNGs will result in output which is cryptographically predictable but
> passes all known statistical tests. (To take a trivial example, the sequence
> MD5(0), MD5(1), MD5(2) ... looks random, but obviously isn't.)
>
> If we want to determine if the PRNG has been seeded properly, we should be
> querying the kernel, not trying to distinguish between "random" and "non-random"
> just based on its output.

I put the following in my /etc/rc.local file to try and do some detective
work on the fortune issue:

    sysctl kern.random.sys.seeded >> ${TMPDIR:-/tmp}/sysctl.out

If others are seeing apparent problems with randomness issues on startup
this might be a useful diagnostic for them as well.

FWIW, I cranked up the entropy save function on my laptop to the following
values:

    entropy_save_sz="4096"    # Size of the entropy cache files.
    entropy_save_num="17"     # Number of entropy cache files to save.

And haven't seen any problems with repetitive fortunes in the last 2 days.
Since storage of these files is pretty painless, I'm tempted to crank this
up in /etc/defaults/rc.conf. Opinions?

Doug

-- 
This .signature sanitized for your protection