[talk] FreeBSD RNG issue on -current only

George Rosamond george at ceetonetechnology.com
Tue Feb 17 21:00:31 EST 2015


Isaac (.ike) Levy:
> 
> On February 17, 2015 03:12:24 pm EST, "George Rosamond"
> <george at ceetonetechnology.com> wrote:
> 
>> Mark Saad:
>>>
>>>
>>> On 02/17/15 13:28, Brian Callahan wrote:
>>>> Just in case anyone is running a recent FreeBSD -current:
>>>> https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054581.html
>>>>
>>>
>>> They also had to create keys in that said version. This also doesn't not
>>> effect any release.
>>
>> Yes, it's current and all, and that should be made clear, but
>> nevertheless it's disturbing.
>>
>> Isn't there some automated way to check and recheck entropy from output,
>> instead of solely relying on the code?  Obviously, it couldn't find
>> highly unlikely collisions, etc., but at least discover the most ugly
>> instances?  Yes.. probably would require a lot of CPU...
>>
>> g
> 
> I'm by no means an authority- but wouldn't testing using a tool like
> ent(8) do the job, crudely even?
> 
> http://www.fourmilab.ch/random/

That's a cool tool... don't know why I hadn't seen it before.

Anyone use it before?

Seems useful for testing password entropy, at least.

g



More information about the talk mailing list