Um, pardon my ignorance, but what is the point of a diskless,
keyboardless computer that requires such high security? If the only
interface is the network, what good is it? I can see being diskless
(although why anyone would build a diskless machine in today's world,
I have no idea -- it certainly doesn't significantly affect the cost
of the machine). I used to have a diskless sun as my workstation.
But it still had a keyboard.
Did you have a specific usage in mind, here? I certainly cannot
imagine a use for such a beast today. Even my palmpilot has user
input.
-derek
"Arnold G. Reinhold" <[EMAIL PROTECTED]> writes:
>
> At 12:25 PM -0400 8/11/99, Theodore Y. Ts'o wrote:
> > Date: Tue, 10 Aug 1999 11:05:44 -0400
> > From: "Arnold G. Reinhold" <[EMAIL PROTECTED]>
> >
> > A hardware RNG can also be added at the board level. This takes
> > careful engineering, but is not that expensive. The review of the
> > Pentium III RNG on www.cryptography.com seems to imply that Intel is
> > only claiming patent protection on its whitening circuit, which is
> > superfluous, if not harmful. If so, their RNG design could be copied.
> >
> >I've always thought there was a major opportunity for someone to come up
> >with an ISA (or perhaps even a PCI) board which had one or more circuits
> >(you want more than one for redundancy) that contained a noise diode
> >hooked up to a digitizing circuit. As long as the hardware interface
> >was open, all of the hard parts of a hardware RNG, could be done in
> >software.
>
> This thread started over concerns about diskless nodes that want to
> run IPsec. Worst case, these boxes would not have any slots or other
> expansion capability. The only source of entropy would be network
> transactions, which makes me nervous. That is why I feel we should
> pressure manufacturers of such boards to include hardware RNG
> capability in one form or another.
>
> Generic PC's these days come with audio input or can have a sound
> card added easily. Open software that would characterize, monitor and
> whiten the output of an analog noise source connected to the audio-in
> port would meet a lot of needs.
>
> Arnold Reinhold
>
>
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL N1NWH
[EMAIL PROTECTED] PGP key available
