There's a big difference between "We shouldn't assign 100% trust to any particular HWRNG" and "RDRAND IS TEH BACKDOOR!!!!11!"
-
-
-
Replying to @matthew_d_green
@matthew_d_green I am less than sure of that. But any OS PRNG which can't withstand one of its inputs being teh backdoor is IMO quite poor.1 reply 2 retweets 1 like -
Replying to @nickm_tor
@nickm_tor I agree, but let's be honest... A backdoor isn't aimed against smart software. It's aimed against software that's friendly to it.1 reply 0 retweets 0 likes -
Replying to @matthew_d_green
Taylor Hornby Retweeted Taylor Hornby
@matthew_d_green@nickm_tor Yep, and the Linux kernel up to 3.13-rc? allows RDRAND to fully control the output -https://twitter.com/DefuseSec/status/408975222163795969 …Taylor Hornby added,
1 reply 1 retweet 2 likes -
Replying to @DefuseSec
@DefuseSec@matthew_d_green It might not be out of order to suspect everybody who's suggested using RDRAND to -replace- an entropy pool.4 replies 2 retweets 3 likes -
-
Replying to @matthew_d_green
@matthew_d_green@nickm_tor@DefuseSec RDRAND-only seems like the best choice for VMs because it is atomic. Outside of a VM guest, then no.2 replies 0 retweets 0 likes -
Replying to @BRIAN_____
@BRIAN_____@matthew_d_green@nickm_tor@DefuseSec RDRAND could be trapped in the hypervisor, and OS entropy inserted instead1 reply 0 retweets 0 likes
@mik235 @matthew_d_green @nickm_tor @DefuseSec Yes, the VM host shouldn't just forward it down to RDRAND.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.