>Theo de Raadt <deraadt <at> cvs.openbsd.org> writes: > >> This requires an upgrade of the bootblocks and at least >> /etc/rc (which saves an entropy file for future use). Some >> bootblocks will be able to use machine-dependent features >> to improve the entropy even further (for instance using >> random instructions or fast-running counters or such). >> >> As a result, the kernel can start using arc4random() >> exceedingly early on, even before interrupt entropy is >> collected. The randomization subsystem can hopefully >> become simpler due to this early entropy.. there is more >> work do here. > >I have a question. > >Having no interrupt (and such) entropy means less entropy. > >>From other hand, there are lot of speculations about some >hardware entropy sources are suspected (proven?) bad (or >intentionally hijacked?). > >So question here is, does moving random generation closer >to hardware paves a way to more predictable numbers?
It is clear you don't understand the code that was commited.
