Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 2 Nov 2014 13:29:37 +0000
From:      Mark R V Murray <mark@grondar.org>
To:        Ian Lepore <ian@FreeBSD.org>
Cc:        svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject:   Re: svn commit: r273958 - head/sys/dev/random
Message-ID:  <6FB65828-6A79-4BDE-A9F7-BC472BA538CE@grondar.org>
In-Reply-To: <1414934579.17308.248.camel@revolution.hippie.lan>
References:  <201411020201.sA221unt091493@svn.freebsd.org> <720EB74E-094A-43F3-8B1C-47BC7F6FECC3@grondar.org> <1414934579.17308.248.camel@revolution.hippie.lan>
next in thread | previous in thread | raw e-mail | index | archive | help 

> On 2 Nov 2014, at 13:22, Ian Lepore <ian@FreeBSD.org> wrote:
>=20
> On Sun, 2014-11-02 at 09:45 +0000, Mark R V Murray wrote:
>> Hi DES,
>>=20
>> I=C2=B4m scared witless of this being on-by-default, for the reason =
given in the removed comment. I=C2=B4d much prefer to see it only turned =
on if a kernel option is set, and the embedded folks /et al/ can use =
that.
>>=20
>> Please reinstate the #ifdef RANDOM_AUTOSEED, and set a kernel option =
to turn it on. Please also leave the comment; summarily turning on an =
unprepared generator is not going to be obvious to anyone but an =
attacker.
>>=20
>> Moving the point of the auto-firstseed to where is good, thanks.
>>=20
>> M
>>=20
>=20
> To give you some idea of how usable this new stuff is on a system that
> isn't an x86 server or someone's desktop or laptop... after commenting
> out the postrandom so that a board would at least boot (but before =
DES'
> resend change), I left a board sitting idle at the login prompt.  It =
was
> somewhere between 40 minutes and an hour before I saw this:
>=20
> FreeBSD/arm (rpi) (ttyu0)
>=20
> login: random: reseed - fast - thresh 96,1 -  0 48 0 0 0 130 0 0 620 0 =
0 0 0 0 0 0 0 0 0 0
> random: reseed - slow - thresh 128,2 -  0 44 0 0 0 130 0 0 619 0 0 0 0 =
0 0 0 0 0 0 0
> random: unblocking device.

Thanks for doing this, Ian. This is good information, and tells me a lot
about Yarrow on some systems.

> Securing a system against some theoretical attack has value only to =
the
> point where the system is no longer usable at all.  At that point you
> kind of have to declare the attacker the winner, and he didn't even =
have
> to actually launch an attack.

Point conceded. :-)

M
--=20
Mark R V Murray

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6FB65828-6A79-4BDE-A9F7-BC472BA538CE>