{"id":1388,"date":"2013-10-22T14:11:18","date_gmt":"2013-10-22T12:11:18","guid":{"rendered":"http:\/\/stephane.weblog.starend.org\/?p=1388"},"modified":"2013-10-22T14:11:18","modified_gmt":"2013-10-22T12:11:18","slug":"devrandom-on-linux-kernel","status":"publish","type":"post","link":"http:\/\/stephane.weblog.starend.org\/?p=1388","title":{"rendered":"\/dev\/random on Linux kernel"},"content":{"rendered":"

Theodore Ts’o said (link<\/a>) :<\/p>\n

\n

I am so glad I resisted pressure from Intel engineers to let \/dev\/random rely only on the RDRAND instruction. \u00c2\u00a0 To quote from the article below:<\/p>\n

\u00ab\u00a0By this year, the Sigint Enabling Project had found ways inside some of the encryption chips that scramble information for businesses and governments, either by working with chipmakers to insert back doors….\u00a0\u00bb<\/p>\n

Relying solely on the hardware random number generator which is using an implementation sealed inside a chip which is impossible to audit is a BAD<\/b> idea.<\/p>\n<\/blockquote>\n

Thanks !!!
\nMerci \u00e0 toi :-)<\/p>\n

On sait aujourd’hui gr\u00e2ce \u00e0 tout ce qui est r\u00e9v\u00e9l\u00e9 sur les pratiques de la NSA<\/em> les risques que l’on encourait vis-\u00e0-vis de la NSA<\/em> elle-m\u00eame mais aussi de fait vis-\u00e0-vis de tous autres gouvernements et organisations criminelles ayant suffisamment de moyens.
\nLe g\u00e9n\u00e9rateur de nombres al\u00e9atoires du noyau Linux<\/em> n’est peut-\u00eatre pas parfait. Mais on sait qu’il n’est pas mauvais… et que ce n’est pas le pire, loin de l\u00e0.
\nEt chez Microsoft<\/em>, \u00e7a s’est pass\u00e9 comment ?<\/p>\n

Liens :
\n– https:\/\/plus.google.com\/117091380454742934025\/posts\/SDcoemc9V3J<\/a>
\n– https:\/\/www.schneier.com\/blog\/archives\/2013\/10\/insecurities_in.html<\/a>
\n– http:\/\/www.nytimes.com\/2013\/09\/06\/us\/nsa-foils-much-internet-encryption.html?pagewanted=all&_r=0<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Theodore Ts’o said (link) : I am so glad I resisted pressure from Intel engineers to let \/dev\/random rely only on the RDRAND instruction. \u00c2\u00a0 To quote from the article below: \u00ab\u00a0By this year, the Sigint Enabling Project had found ways inside some of the encryption chips that scramble information for businesses and governments, either … Continuer la lecture de \/dev\/random on Linux kernel<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[2,10,11],"tags":[],"_links":{"self":[{"href":"http:\/\/stephane.weblog.starend.org\/index.php?rest_route=\/wp\/v2\/posts\/1388"}],"collection":[{"href":"http:\/\/stephane.weblog.starend.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/stephane.weblog.starend.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/stephane.weblog.starend.org\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/stephane.weblog.starend.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1388"}],"version-history":[{"count":0,"href":"http:\/\/stephane.weblog.starend.org\/index.php?rest_route=\/wp\/v2\/posts\/1388\/revisions"}],"wp:attachment":[{"href":"http:\/\/stephane.weblog.starend.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1388"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/stephane.weblog.starend.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1388"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/stephane.weblog.starend.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1388"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}