> Alan Cox wrote:
> > Its true the NSA might have the keys to the "RNG" or it might have magic
> > switches. However if the rest of our RNG is secure then I can't see it
> > being anything but useful (once info becomes available) to feed their
> > hardware RNG into the entropy pool of /dev/random as another source
>
> [ from other message ]
> > One thing Intel are good at is back compatibility. Everything should be fine.
> > You can't use the KNI stuff but thats about it. 2.0.37 will even ident
> > a PIII and turn off the serial number
>
> Maybe this serial is also nice as an initial entropy pool-
> source? Not for the local system, but for the network-point-of
> -view (/dev/random is used for tcp/ip seq.nr. generating?)
Most Linux distributions save and restore 512 bytes from /dev/urandom
over reboots ("Initializing random number generator"). So it already has
a nice initial pool.
TCP only needs 36 bytes from the pool initially anyway, and refreshes
that every 5 minutes.
-Andi
-- This is like TV. I don't like TV.- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/