These seem like really good mitigations to make a userland RNG safe. But makes me wonder why they don’t just use a kernel RNG.https://aws.amazon.com/blogs/opensource/better-random-number-generation-for-openssl-libc-and-linux-mainline/ …
-
-
Reason 2: In-kernel RNGs have been their own poorly audited moving target, getting better though!
-
The third mitigation still seems to rely on kernel support, so it still seems like auditing and replacing the kernel RNG is in scope.
- 7 more replies
New conversation -
-
-
Still going to cost you a context switch isn't it? Also, sounds like a good conversation for HACS.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.