> You generate a new PGP keypair and start using it. Your > co-worker reboots your machine afterwards and recovers > the PRNG state that happens to be stashed on disk. He > can then backtrack and potentially recover the exact same > random numbers that you used for your key. Said state is rm'med after use. If you didn't detect the breakin, your fault for poor intrusion detection. lets put the paranoia to practical use and detect the breakin, not nitpick the systems that are supposed to be protected. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
- Re: randomdev entropy gat... Mark Murray
- Re: randomdev entropy gat... Mark Murray
- Re: randomdev entropy gat... Kris Kennaway
- Re: randomdev entropy gat... Mark Murray
- Re: randomdev entropy gat... Mark Murray
- Re: randomdev entropy gat... Jeroen C. van Gelderen
- Re: randomdev entropy gat... Rodney W. Grimes
- Re: randomdev entropy gathering is... Dan Moschuk
- Re: randomdev entropy gatheri... Jeroen C. van Gelderen
- Re: randomdev entropy gat... Steve Kargl
- RE: randomdev entropy gat... Mark Murray
- RE: randomdev entropy gat... David Schwartz
- RE: randomdev entropy gat... Kris Kennaway
- Re: randomdev entropy gathering is really weak Trevor Johnson
- Re: randomdev entropy gathering is really weak Mike Smith
- Re: randomdev entropy gathering is really weak Boris Popov
- Re: randomdev entropy gathering is really weak Mark Murray
