Re: how i stopped worrying and loved the backdoor

[Dan Kaminsky <dan () doxpara com>]

On Fri, Dec 24, 2010 at 4:37 PM, BMF <badmotherfsckr () gmail com> wrote:

> On Fri, Dec 24, 2010 at 4:27 PM, coderman <coderman () gmail com> wrote:
> >  how many of you have a competent userspace entropy
> > daemon funneling hardware sources into host pool?
>
> It would be nice if there were inexpensive hardware sources available
> and a means to distribute the entropy among hosts in one's own trusted
> infrastructure. I have a mail server, a name server, an ntp server
> (usually several), among various other sorts of pieces of
> infrastructure which serve hundreds or even thousands of servers. Why
> not an entropy server? It would be nice if I could setup an entropy
> generating black box somewhere and attach it via USB to my entropy
> server host then install a package with a config file on all of my
> machines pointing to the entropy host. But so far I know of no such
> thing. Do you?
Don't we have hardware RNG in most motherboard chipsets nowadays?

(Not that you should exclusively trust it, but the nature of RNG's is that
it's easy to mix in sources.)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/