[FreeBSD-Announce] FreeBSD Security Advisory
FreeBSD-SA-08:11.arc4random
Nate Eldredge
neldredge at math.ucsd.edu
Mon Nov 24 10:18:39 PST 2008
Upon reading this, my first question was whether the weakness applies to
the random numbers supplied by /dev/random. If it does, then userspace has
been getting non-random values, and things like PGP and SSH keys could be
compromised. It might be good for secteam to clarify this, IMHO.
On Mon, 24 Nov 2008, FreeBSD Security Advisories wrote:
> FreeBSD-SA-08.11.arc4random Security Advisory
> The FreeBSD Project
...
--
Nate Eldredge
neldredge at math.ucsd.edu
More information about the freebsd-security
mailing list