On Thu, 18 May 2023 18:42:31 -0400 Bill Ricker <[email protected]> wrote:
> My concern was *since* *his* /dev/urandom reportedly got *faster*, > does that mean someone *improved* it (safely!), or *broke* it (aka > ^*improved*^ it, badly)? Fair point. People break secure enough things all the time, but it's unlikely in the Stable and Longterm kernel branches. You are running Stable or Longterm kernels in production, right? > If it were my system, i'd want to be looking at the change notes to > see if it was intentional, and if so what cryptographer approved the > patches to urandom that made it faster. The 4.8 kernel *did* change how /dev/urandom works and it is faster for it. But it's no less secure because the CSPRNG is still the same CSPRNG that feeds /dev/random. There just are fewer steps now. This is detailed in the article I linked. I don't know if this is what happened on Kent's system or not. There are lots of reasons why I/O performance can change -- even a different USB port given that we're dealing with external storage -- and none of us here but Kent can possibly be aware of them all. -- \m/ (--) \m/ _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
