[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-14:01.random
Peter Ankerstål
peter at pean.org
Wed Jan 15 18:17:36 UTC 2014
On 15 Jan 2014, at 18:04, Darren Pilgrim <list_freebsd at bluerosetech.com> wrote:
> On 1/14/2014 12:11 PM, FreeBSD Errata Notices wrote:
>> III. Impact
>>
>> Someone who has control over these hardware RNGs would be able to
>> predicate the output from random(4) and urandom(4) devices and may be able
>> to reveal unique keys that are used to encrypt data.
>
> This is good to know, but I have to wonder:
>
> If the attacker has that level of access to the hardware, I would expect one of two things is also true:
>
> 1. If you're on "bare metal", the attacker has firmware-level or physical access to the machine;
> 2. If you're on a hypervisor, you can't trust the hypervisor;
>
> In both cases, I would think the attacker can use much simpler, more direct vectors and you have much worse things to worry about than the quality of /dev/random. I'm not questioning the validity of the advisory, I'm genuinely curious about this. I can't think of a scenario were someone could attack /dev/random using this vector without 1 or 2 above also being true.
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
>
The manufacturer of a good friend of the manufacturer interested in decrypting stuff.
/Peter.
More information about the freebsd-stable
mailing list