On Wed, Oct 25, 2000 at 10:35:55AM +0000, Terry Lambert wrote:
> > I see the opposite. I see that without writing to the /dev/random
> > device I get a cons is an object that cares fortune 99+% of the time
> > on my first login. With it, I see more decently random fortunes (but
> > I haven't done a statistical analysis of them to see how random things
> > are).
> Is it just me, or have there been more problems achieving
> real statistical randomness since /dev/random went in, than
> at any other time in BSD history?
> I booted a 1.5 system a couple of times for grins.
> It gives you a different fortune each time.
> Note that 1.5 "lacked" /dev/random.
It is because /dev/random totally ignore _time_ and not reseed from it,
but no other randomness source available at boot time.
At the boot /dev/random tries to reseed from other sources (excepting
1) Reseed code is broken, in come case (as I describe) all reseeding data
is ignored, only its size is counted until it was as big as 16384. Mark
not fix it yet at this moment nor confirm he is able to reproduce this
2) Reseeding state may not preserve across the boot due to various reasons
like panic, etc. Since _time_ is ignored, all other data /etc/rc tries to
collect now can be non-random _easily_!
Unless _time_ will be used, /dev/random is plain unusable for production
Andrey A. Chernov
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message