[talk] FreeBSD RNG issue on -current only

Brian Callahan bcallah at devio.us
Tue Feb 17 18:21:22 EST 2015


On 02/17/15 15:02, George Rosamond wrote:
> Mark Saad:
>>
>> On 02/17/15 13:28, Brian Callahan wrote:
>>> Just in case anyone is running a recent FreeBSD -current:
>>> https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054581.html
>> They also had to create keys in that said version. This also doesn't not
>> effect any release.
> Yes, it's current and all, and that should be made clear, but
> nevertheless it's disturbing.

But it's not theoretical either. The HardenedBSD project had to revoke
their SSL and GPG certs because of it:
https://twitter.com/HardenedBSD/status/567746189089464320

~Brian

> Isn't there some automated way to check and recheck entropy from output,
> instead of solely relying on the code?  Obviously, it couldn't find
> highly unlikely collisions, etc., but at least discover the most ugly
> instances?  Yes.. probably would require a lot of CPU...
>
>



More information about the talk mailing list