Tim Dierks <[email protected]> writes: >While this is all true, it's also why manufacturers who want persuasive >analysis of their products hire consulting vendors with a brand and track >record strong enough that the end consumer can plausibly believe that their >reputational risk outweighs the manufacturer's desire for a good report. >Cryptography Research is such a vendor.
There's also the law of diminishing returns for Intel. Most users of their products are going to say "it's from Intel, it should be good enough". A small number of users are going to say "it should be OK but I'd like a second opinion just to be sure". A vanishingly small number are going to peek out from under their tinfoil hats and claim that the Bavarian Illuminati "fixed" the report and they still don't trust it, ignoring the fact that the app they're using the RNG with has to run as admin under Windows, opens a bunch of globally-accessible network ports, and has eight different buffer overflows in it. The point at which it makes sense to stop is between the second and third groups. Peter. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
