Obviously, you have no experience with Oracle or Microsoft products and do not know where Apple and Intel manufacture their devices.

Large != dominant. Doing a lot of cheap, low-qualification tech work does not make a country a "leader" or "dominant". But keep putting you head in the sand. The rest of the world is really not surprised by the steady decline of the US.

It looks like it is barely part of the first world in this area these days ...

Ah, well, pattern matching in human communications is not really reliable. My apologies then.

The thing with your flip-flop idea is that it could work, but it requires extra hardware that could be found. As it is, they probably just need to laser-cut a single interconnect, preferably not even in in the top layer and preferably just silicon, not metal, to compromise the thing. That would be really hard to find. If they implement your idea, there would be said extra flip-flop, its reset logic and connection to the JTAG logic, etc. But you are making my point: Why are they claiming JTAG is a security issue, if it is not and they could hide a compromised generator even with it? The only explanation I find is that they want an absolutely minimal change to compromise the CPRNG and that compromising the JTAG hardware in the way you describe is already above what they are willing to accept in visibility/exposure. Also note that the compromised JTAG logic would be in the design (and hence many people would see it and all CPUs would have it), while what they likely can do now is not.

Sorry, but the Inquisition and its agents is one of the darkest, most evil things humans ever did. I am not going to play one.

It is basically a compromised design, i.e. a design that makes an implementation compromise intentionally hard or impossible to spot. That does not actually mean the implementation is necessarily compromised.

People have real trouble understanding the distinction or why this is a compelling reason not to use it.

Well, to spin this further, you do know who downmodded me, and why I was at +5 before, right? Clearly this is done by the forces of evil. That would be the same people that pay you to be a troll here. And no, you do not get to define the rules. Oldest trick in the book to sabotage an opponent in a "discussion".

Hehehe, while completely useless as a measure, I guess that actually is what people are doing....

Stop spreading FUD. The architecture is designed to hide a compromised implementation, that makes it a compromised architecture, regardless of whether the implementation is actually secure or not. I never said anything about me not "trusting" the architecture either. I know it has been compromised, there is no need to "trust" or "distrust" anything. The question of "trust" does not apply.

You also do not understand JTAG or why it is important for them to have a minimal change they can make to compromise the implementation.

But I have run in people like you before. If you were a regular slashdotter, I would by now have insulted you enough for you to not be willing to talk to me anymore. Instead you are intent on keeping the conversation going. That behavior is however consistent with somebody working from a PsyOps manual. Keeping the conversation going is essential to be able to shape it.

Just my point. The OpenSSH project has done its learning and reached a quite high level of quality 10 years or more ago. Ans as it does what it is supposed to, there is no need to add features, making it even more secure.
 

Have you even tried to find out what is going on? The evidence is getting quite compelling. But I guess some people cannot see what they do not want to see.

You did notice that "legacy" in the thing you quote? You can run OpenSSH with insecure settings or with protocol version 1.0. But if you use these you are supposed to look at the security trade-offs yourself. The thing is that it is not OpenSSH that is insecure here, it just allows you to shoot yourself in the foot after warning you.

Did you screw up the config? That will get you rooted...

Otherwise, please supply a CVE number for the vulnerability responsible.

You are either ignorant or a liar. (Maybe a paid-for liar?). Just read this: https://plus.google.com/+Theod...

That is a few more people than "nobody". The flaw is that the whole design does not allow verification that it is non-compromised. The claim that including its bits in JTAG would be a security risk is completely bogus, as an attacker with access to the JTAG pins can do whatever they like already. With those bits in JTAG, it would be relatively easy to verify the analog-side is actually analog and is actually what feeds the whitener. That possibility was intentionally sabotaged, and the _only_ good reason for that is that they want to be able to compromise the CPRNG in select batches and make detection of that very hard. And no, there is no software access to those JTAG pins and yes, the hardware to query the internal CPRNG state and analog bit stream must be in place to test the CPU. That means they are switching this access explicitly off after they have verified the hardware works. So not only is this a compromised architecture and design, it is also more effort than doing it right. IT does not get more obvious than this.

Your link, BTW, is worthless. It does not go into the needed level of detail. The contrast with what you get for the VIA C3 generator (e.g.), is quite telling: http://www.cryptography.com/pu.... And VIA has a non-compromised design as they do not desperately try to hide what the analog random source spits out.

That one is easy: Just throw it away completely. Systemd is a major redesign of a major, critical Linux component.You would think that there is a very good, solid, compelling reason to do so. Apparently all they really have is "it boots faster". (And apparently id does not even do that in quite a few circumstances...)

My personal theory is that the NSA planned systemd as a project to sabotage Linux security (remember that Red Hat is primarily funded by the US military): Put an incompetent team with big egos in charge (Poettering and Sivers are certainly that), give them delusions of grandeur, make sure the BSD people ignore it by explicitly denying portability, and then just wait while the cretins produce a bloated, easy-to-exploit mess. (This "init-system" includes a freaking web-server! How stupid can you get?)

No need to place any backdoors, and all the countless vulnerabilities are genuine mistakes! Genius!