false being worse than nothing is how we got the 1/200 Heninger RSA failure
-
-
Had to research on what you were referring to, and no, this is actually a perfect example of it.
1 reply 0 retweets 0 likes -
Replying to @dorianmuthig @rmhrisk and
if we'd followed
@mattblaze with truerand there would have been less failures.2 replies 0 retweets 2 likes -
Replying to @dakami @dorianmuthig and
Every time someone uses Truerand on anything built after 1995, I strangle a kitten.
2 replies 0 retweets 10 likes -
Replying to @mattblaze @dakami and
Then why didn't you replace it? You had plenty opportunity...
2 replies 0 retweets 0 likes -
Replying to @dorianmuthig @dakami and
there's nothing to replace it with. Userspace RNGs are consorting with the devil.
1 reply 0 retweets 3 likes -
Replying to @mattblaze @dorianmuthig and
userspace, kernel space. The point is humans aren't the only ambient entropy!
3 replies 0 retweets 1 like -
Replying to @dakami @mattblaze and
remember, status quo is kernels think entropy runs out!
4 replies 1 retweet 2 likes -
Replying to @dakami @mattblaze and
That is only the status quo for one of Linux’s 2 RNG interfaces.
1 reply 0 retweets 1 like -
Replying to @tqbf @mattblaze and
/dev/random blocked, breaking production. People used /dev/urandom static seed
2 replies 0 retweets 0 likes
yay for getrandom()!
-
-
totally agree!
0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
yay for freebsd!
0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.