[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-14:01.random
Darren Pilgrim
list_freebsd at bluerosetech.com
Wed Jan 15 17:04:33 UTC 2014
On 1/14/2014 12:11 PM, FreeBSD Errata Notices wrote:
> III. Impact
>
> Someone who has control over these hardware RNGs would be able to
> predicate the output from random(4) and urandom(4) devices and may be able
> to reveal unique keys that are used to encrypt data.
This is good to know, but I have to wonder:
If the attacker has that level of access to the hardware, I would expect
one of two things is also true:
1. If you're on "bare metal", the attacker has firmware-level or
physical access to the machine;
2. If you're on a hypervisor, you can't trust the hypervisor;
In both cases, I would think the attacker can use much simpler, more
direct vectors and you have much worse things to worry about than the
quality of /dev/random. I'm not questioning the validity of the
advisory, I'm genuinely curious about this. I can't think of a scenario
were someone could attack /dev/random using this vector without 1 or 2
above also being true.
More information about the freebsd-stable
mailing list