Re: [PATCH] (0/4) Entropy accounting fixes

Linus Torvalds (torvalds@transmeta.com)
Sat, 17 Aug 2002 21:53:46 -0700 (PDT)


On Sat, 17 Aug 2002, Oliver Xymoron wrote:
>
> But it will get data of _equal quality_ to the current approach from
> /dev/urandom.

So what?

If you make /dev/random useless ("but you can use /dev/urandom instead")
then we should not have it.

> > Are you seriously trying to say that a TSC running at a gigahertz cannot
> > be considered to contain any random information just because you think you
> > can time the network activity so well from the outside?
>
> Yes. The clock of interest is the PCI bus clock, which is not terribly
> fast next to a gigabit network analyzer.

Be realistic. This is what I ask of you. We want _real_world_ security,
not a completely made-up-example-for-the-NSA-that-is-useless-to-anybody-
else.

All your arguments seem to boil down to "people shouldn't use /dev/random
at all, they should use /dev/urandom".

Which is just ridiculous.

Linus

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/