> > /dev/random -- a world readable device -- should do the following: > > > > cat /dev/random > /dev/null & > > > > Crypto software which uses those devices should be doing some kind of > > checking to make sure that they are getting at least good entropy. I On linux at least, the above is at most a denial of service attack, as /dev/random does not deliver any data when it runs out of entropy (and programs usually are prepared to wait for data on that devices for some time). On linux/x86, moving my mouse generates >400bytes/s random data (this is currently specific to x86), and if two processes listen on /dev/random, both get about half the random data, so it seems that there isn't even a denial of service attack here. -- -----==- | ----==-- _ | ---==---(_)__ __ ____ __ Marc Lehmann +-- --==---/ / _ \/ // /\ \/ / pcgat_private |e| -=====/_/_//_/\_,_/ /_/\_\ XX11-RIPE --+ The choice of a GNU generation | |
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:33:58 PDT