riastr...@netbsd.org (Taylor R Campbell) writes:

>> Date: Mon, 11 May 2020 16:16:12 -0000 (UTC)
>> From: mlel...@serpens.de (Michael van Elst)
>>
>> Previously we could trust in random processes, whether the entropy
>> estimation was scientific or not. We could also choose what source
>> to trust.

>Still can. NetBSD just doesn't do bogus pseudoscientific
>prestidigitation any more.

It doesn't do any entropy estimation anymore.

HWRNG - we trust the driver
constant file - we trust the file
any random process we used before - we ignore it (as far as it is related to the topic).

>> Now we put all trust in loading a constant file.

>This is still false, just like it was the last time you made this
>claim.

We only trust a HWRNG and the seed file because only these enter
a non-zero value for entropy. I cannot configure any other source
to do that.

>> >This hardware can reasonably block forever on first boot, due to
>> >the large number of sources of entropy that are no longer measured.
>>
>> Not "can". It does, definitely, always.
>>
>> And it never blocks on second boot.

>This is false.

After initial boot, reading from /dev/random blocks forever.
Rebooting without providing a seed: /dev/random still blocks forever.
Rebooting after writing a seed once: never blocks again, even when the file wouldn't change.

Technically of course you are right that before loading the seed
in the rc sequence we would still block forever.

>Please do your homework first,

Like checking the code and verifying how it operates?

>and then take this to a thread where it
>is on topic, not the thread about a choice of C API to adopt.

The discussion seems to be on topic here, even if you don't want it.
After all I responded to an article that exactly put this on topic
but which didn't cause indignation.

--
--
Michael van Elst
Internet: mlel...@serpens.de
"A potential Snark may lurk in every tree."