On Thu 2019-08-15 11:12:24, Theodore Y. Ts'o wrote: > On Thu, Aug 15, 2019 at 01:24:35AM +0200, Pavel Machek wrote: > > Burn it with fire! > > > > I mean... people were afraid RDRAND would be backdoored, and you now > > confirm ... it indeed _is_ backdoored? /., here's news for you! > > To be fair to AMD, I wouldn't call it a backdoor. Hanlon's razor is > applicable here: > > "Never attribute to malice that which can be adequately > explained by neglect."
> (Sometimes other words are used instead of neglect, but i'm trying to
> be nice.)
You are right, I thought it was returning values with low entropy, and
it returns ~0 (so -- really really low entropy :-) and can't be
clasified as a backdoor.
Anyway, AMD is _not_ doing good job right now.
I'd expect:
a) CVE reference
b) real fix; if BIOS can init the rng, so can kernel
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures)
http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
signature.asc
Description: Digital signature
