[ale] Possible backdoor in /dev/random? [discussion]
Mike Harrison
cluon at geeklabs.com
Fri Sep 6 13:58:20 EDT 2013
On Sep 6, 2013, at 1:13 PM, Ted W. <ted-lists at xy0.org> wrote:
> I saw an interesting discussion on http://reddit.com/r/linux today
> about the decision Linus made two years ago to include RdRand as the
> source for /dev/random. Thought you all might like to see it and
> discuss here as well.
>
> http://www.reddit.com/r/linux/comments/1lucdy/did_linus_torvalds_backdoor_linux_random_number/
One of the better reddit threads. If the source for /dev/random isn't.. it should be easy to detect by generating a few million randoms
and evaluating for randomness (which is the hard part).
I have a neighbor that is a respected chaos mathematician and successful professional gambler because of it. i foresee some mind-numbing conversations in my future,
maybe some code. He's got the skill and tools for analyzing them for randomness, which is what he does when gambling. He finds patterns and exploits them. I saw a 3d "cloud" representation of a dataset he was playing with from an online gambling system that had some rather obvious "sweet spots" in it.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 671 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mail.ale.org/pipermail/ale/attachments/20130906/f9d62a44/attachment.sig>
More information about the Ale
mailing list