Mark Murray <[EMAIL PROTECTED]> wrote:

> Can we decide this, please - do we want secure startup (which will
> take some effort to achieve), or can we say "screw it" and start
> insecure like the old system?
> I'm happy to accomodate folks, but the constant lack of concensus
> combined with extreme positions is wearing a bit thin.

Although I'm not a coder on this platform, I do have an idea that we
sometimes use on my hobby platform, maybe this might help...

Start some kind of hardware-managed timer at the earliest possible
opportunity (perhaps start it in the boot loader!), then when you need to
pick up your first seed, read the timer's value and seed your random
generator from that.

The idea is to catch that timer at an unknown condition, and certainly the
computer is not going to boot in the exact same amount of time, every time
it's restarted.  This would be especially true if the boot sequence gets
interrupted (to load another kernel perhaps) or the user forces the
machine into single-user mode while it's booting.

In my hobby platform, it's common to start the timer, then grab a value
from it after the user hits a key after viewing some introduction screen.
The value grabbed is often used as the actual random number, but it could
be just as useful if used to seed a random generator.

If you're particularly paranoid, you set both timers for 32-bit mode,
start one first thing at startup, and the other when the user hits the
key, then read both of them the first time a random number is needed.
Seed your random generator from that, along with any other sources you can
(such as the video raster counter and the sound device's readable
oscillator, set to generate a noise waveform).

Just my two cents.

 ___________________________________  _____  _____
|                                   _///@@@|      |
| [EMAIL PROTECTED]              /'//ZZ@@|____  |
|                                 |'''/    |'/@7  |
| |`'|     `~~'   |
|                                 | `|     .--.   |
| C64/C128 - What's *YOUR* hobby? |  `\____|___\  |
|                                  \_      |      |
|___________________________________ \_____| _____|

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to