[147742] in cryptography@c2.net mail archive
Re: [Cryptography] [RNG] on RNGs, VM state, rollback, etc.
daemon@ATHENA.MIT.EDU (James A. Donald)
Sat Oct 19 09:35:42 2013
Date: Sat, 19 Oct 2013 14:11:17 +1000
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@metzdowd.com
In-Reply-To: <20131018230832.GC3358@gmail.com>
Reply-To: jamesd@echeque.com

On 2013-10-19 09:08, Nico Williams wrote:
> The problem is that many apps expect /dev/urandom never to block. This
> is a severe problem if such an app is invoked early in boot and blocks
> the rest of the bootup procedure.

If an app expects urandom never to block, and itself blocks bootup, that
app is broken, because it is doing something that requires or purports
to provide cryptographic security, which it will not get.

The cure is to remove the app from the bootup process, rather than
employ an app providing security theater.

The app will probably run fine if launched at a later stage in the
process. If not, it needs rewriting.
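
Added example, not part of the original message or any participant's code: one way an early-boot service can refuse to produce key material from an unseeded kernel RNG and ask to be started later, without stalling the rest of boot. It assumes Linux `getrandom(2)` through Python's `os.getrandom` (an interface that postdates this thread); the function names, retry counts and exit code are illustrative choices.

```python
import os
import sys
import time


class EntropyNotReady(Exception):
    """The kernel RNG is not seeded yet; no key material was produced."""


def kernel_random(nbytes, getrandom=os.getrandom):
    """Return nbytes from the kernel CSPRNG or raise EntropyNotReady.

    GRND_NONBLOCK makes getrandom(2) fail with EAGAIN (BlockingIOError in
    Python) instead of blocking while the pool is unseeded, so the caller
    neither hangs boot nor receives predictable output.
    """
    buf = b""
    try:
        while len(buf) < nbytes:  # tolerate short reads on large requests
            buf += getrandom(nbytes - len(buf), os.GRND_NONBLOCK)
    except BlockingIOError as exc:
        raise EntropyNotReady("kernel RNG not yet seeded") from exc
    return buf


def key_or_defer(nbytes=32, attempts=3, delay=1.0,
                 getrandom=os.getrandom, sleep=time.sleep):
    """Try a few times to obtain a key; return None if the RNG stays unseeded.

    Returning None (rather than falling back to a weaker source) lets the
    caller exit and be launched again at a later stage of boot.
    """
    for attempt in range(attempts):
        try:
            return kernel_random(nbytes, getrandom)
        except EntropyNotReady:
            if attempt + 1 < attempts:
                sleep(delay)
    return None


if __name__ == "__main__":
    key = key_or_defer()
    if key is None:
        # Temporary failure: the service manager can retry later.
        sys.exit(os.EX_TEMPFAIL)
    print("obtained %d bytes of key material" % len(key))
```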