[talk] FreeBSD RNG issue on -current only

Isaac (.ike) Levy ike at blackskyresearch.net
Tue Feb 17 21:42:53 EST 2015

On 02/17/15 21:00, George Rosamond wrote:
> Isaac (.ike) Levy:
>> On February 17, 2015 03:12:24 pm EST, "George Rosamond"
>> <george at ceetonetechnology.com> wrote:
>>> Mark Saad:
>>>> On 02/17/15 13:28, Brian Callahan wrote:
>>>>> Just in case anyone is running a recent FreeBSD -current:
>>>>> https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054581.html
>>>> They also had to create keys in that said version. This also doesn't not
>>>> effect any release.
>>> Yes, it's current and all, and that should be made clear, but
>>> nevertheless it's disturbing.
>>> Isn't there some automated way to check and recheck entropy from output,
>>> instead of solely relying on the code?  Obviously, it couldn't find
>>> highly unlikely collisions, etc., but at least discover the most ugly
>>> instances?  Yes.. probably would require a lot of CPU...
>>> g
>> I'm by no means an authority- but wouldn't testing using a tool like
>> ent(8) do the job, crudely even?
>> http://www.fourmilab.ch/random/
> That's a cool tool... don't know why I hadn't seen it before.
> Anyone use it before?
> Seems useful for testing password entropy, at least.
> g

I first found it in a Calomel article,


(I hear Bcallah loves these guys? ;)

Anyhow, fun article- but I'm no authority, and RNG is obviously a 
serious topic- so I don't want to pretend to suggest this as though it's 
an authoritative resource.


More information about the talk mailing list