There's a big difference between "We shouldn't assign 100% trust to any particular HWRNG" and "RDRAND IS TEH BACKDOOR!!!!11!"
@matthew_d_green @nickm_tor @DefuseSec RDRAND-only seems like the best choice for VMs because it is atomic. Outside of a VM guest, then no.
-
-
@BRIAN_____@matthew_d_green@nickm_tor Is there a reason atomic is better in VMs? Side channel attack? -
@DefuseSec@matthew_d_green@nickm_tor Result of discussion of cloning kernel PRNG state during VM cloning, but now I don't remember details -
@DefuseSec@matthew_d_green@nickm_tor It may very well have been the wrong conclusion. Something to think about.
End of conversation
New conversation -
-
-
@BRIAN_____@matthew_d_green@nickm_tor@DefuseSec RDRAND could be trapped in the hypervisor, and OS entropy inserted instead -
@mik235@matthew_d_green@nickm_tor@DefuseSec Yes, the VM host shouldn't just forward it down to RDRAND.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.