[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-14:01.random
Mike Tancsa
mike at sentex.net
Wed Jan 15 18:39:08 UTC 2014
On 1/15/2014 12:04 PM, Darren Pilgrim wrote:
>
> 1. If you're on "bare metal", the attacker has firmware-level or
> physical access to the machine;
> 2. If you're on a hypervisor, you can't trust the hypervisor;
>
> In both cases, I would think the attacker can use much simpler, more
> direct vectors and you have much worse things to worry about than the
> quality of /dev/random. I'm not questioning the validity of the
> advisory, I'm genuinely curious about this. I can't think of a scenario
> were someone could attack /dev/random using this vector without 1 or 2
> above also being true.
Say you have a physical tap on the network upstream from the victim. The
victim is exchanging data across a VPN. You can capture the encrypted
traffic, and knowing there is a weakness in the quality of RNG, more
easily decode the encrypted traffic. You dont have to worry about
sending "extra" traffic from the host say, by poking around in /dev/mem
etc.
---Mike
--
-------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike at sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada http://www.tancsa.com/
More information about the freebsd-stable
mailing list