On Thu, Jan 11, 2018 at 08:19:30PM +0000, Dan Brown wrote:
>
> If an adversary gains access to this interface, then there is a
> small risk that sensitive information leaks to the adversary,
> because the entropy estimate may be derived from and correlated to
> sensitive information.
I'll note that most of the entropy is coming from interrupt timing,
and we use timing from many interrupts for a single bit. One can get
more information about what is going on with the system using
/proc/interrupts. You'll get far more detail about keyboard timings
from /proc/interrupts.
You can also find out what's happening with incoming network packets
using ifconfig.... and then there's vmstat, iostat, ps, etc., etc.
So there's quite a lot of system interfaces one would have to restrict
before I would even *start* worrying about the entropy count.
Regards,
- Ted
_______________________________________________
dsfjdssdfsd mailing list
dsfjdssdfsd@ietf.org
https://www.ietf.org/mailman/listinfo/dsfjdssdfsd
