Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 21 Jul 2000 14:12:13 -0700
From:      Rush Carskadden <rcarskadden@lightrealm.com>
To:        'Garrett Wollman' <wollman@khavrinen.lcs.mit.edu>, Leif Neland <leifn@neland.dk>
Cc:        security@FreeBSD.ORG
Subject:   RE: randomdev entropy gathering is really weak
Message-ID:  <E0DBEB7DB64ED311A0520090279C1C87027E6716@EXCHANGE>
next in thread | raw e-mail | index | archive | help 
     It is somewhat troubling to me to think that you may assume the only
time you need security is when you are connected to the Internet. Picture a
large corporation (or government) with a substantial private network that,
though it is not connected to the Internet, provides a number of critical
services to it's users on a day to day basis. Is this network any less worth
protecting because it is not connected to the Internet? Assuming that there
are a large number of users on the network, is risk nonexistant? The fact of
the matter is, it is bad form to rely on any system that you do not control
for a security solution, and it is even worse form when communicating with
this system requires you to be on the Internet. But that's just my opinion. 

ok,
Rush Carskadden


-----Original Message-----
From: Garrett Wollman [mailto:wollman@khavrinen.lcs.mit.edu]
Sent: Monday, July 17, 2000 8:54 AM
To: Leif Neland
Cc: security@FreeBSD.ORG
Subject: Re: randomdev entropy gathering is really weak


<<On Mon, 17 Jul 2000 17:08:35 +0200 (CEST), Leif Neland <leifn@neland.dk>
said:

> If you can't reach a NTP server, you are not connected to the internet. In
> that case you don't need to worry so much about security...

Unless, of course, the reason your machine is not connected to the
Internet is in order that it be able to provide some critical security
functionality.

-GAWollman



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0DBEB7DB64ED311A0520090279C1C87027E6716>