I assume you're referring to Linux's ill-advised implementation of directly xor'ing RDRAND output into the kernel entropy pool.
One example might be when the attack process is sandboxed in some way that precludes exfil.
-
See, sandboxes make this more fun, because gathering entropy in them is super hard. You need to expose entropy to them safely.
-
A consideration in multi-core systems with HRNGs is proper synchronisation of the HRNG to prevent parallel reading of the output.
-
Since if core 0 is executing untrusted code in a sandbox, unsynchronised access would allow RNG output sniffing of other code.
-
Trivially exploitable, too. Poll RNG in a tight loop from the attacking core. Sliding window over them. Job done.