Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment Re:Big problem, but addressable (Score 5, Informative) 179

Actually, /dev/random and /dev/urandom have their own, separate secondary pools that are fed off of a main pool when entropy is "depleted" in the second level pools. This is an area of research for us as well, since Linux's entropy estimation algorithm fails in situations where the timing deltas of entropy gathering events (IRQs and disk IOs) are actually predictable, so it's possible that the second level pools are not being refreshed at appropriate times.

If you write to /dev/urandom, it goes into the primary pool by tradition. This is what the rc scripts do on bootup with the random seed file on disk.

BTW, it's absolutely the wrong solution to get entropy from another source on the network (for many reasons, but one is that you can't do a secure HTTPS handshake without, you guessed it, unguessable random numbers). The whole point here is that we are looking for a way for 500 Linux instances on EC2 to have different entropy pools before the kernel completes boot. The only possible solution is for the hypervisor (Xen for Amazon) to provide a simulated HW RNG that pulls entropy from a real HW RNG or from an entropy daemon in the hypervisor.

The best way to learn about Linux RNG basics is Gutterman et. al. Analysis of the Linux Random Number Generator. Several of the issues they describe have been addressed, such as their PFS concerns, but their description of the entropy pools is still accurate.
Security

Submission + - Entropy Problems for Linux in "The Cloud" (forbes.com)

CalTrumpet writes: "Our research group recently spoke at Black Hat USA on the topic of Cloud Computing Security. One of the interesting outcomes of our research was the discovery that the combination of virtualization technologies and public system images results in a problem for random number generation on guest operating systems. This is especially true for Linux, since it's PRNG uses only a small set of entropy gathering events and virtual Linux images often generate SSH host keys within seconds of their initial boot. The slides themselves are available here"

Comment Re:Why was the book released before the patch? (Score 5, Informative) 214

Howdy... I'm actually one of the contributors to the book. We have been working with Adobe and CERT for a while on this issue, and we felt that as much time as is reasonable had elapsed since the initial reporting. The disclosure of security vulnerabilities is always a complicated ethical issue, and you have to weigh the public's right to know with the possibility that a speedy fix may reduce the overall damage from disclosure. Even with several months of work, "patching" the vulnerabilities is complicated, since the issues exist in the SWF files themselves and not in Flash player, so the only solution is for website owners to re-generate their Flash applets with the updated generators, which should be out shortly.

A more formal vulnerability report is being co-ordinated with CERT and should be out soon with the details of the issues.

Slashdot Top Deals

Quantum Mechanics is a lovely introduction to Hilbert Spaces! -- Overheard at last year's Archimedeans' Garden Party

Working...