|| ||Matt Mackall <mpm-AT-selenic.com>|
|| ||Theodore Tso <tytso-AT-mit.edu>, Mike McGrath <mmcgrath-AT-redhat.com>,
Jon Masters <jonathan-AT-jonmasters.org>,
Alan Cox <alan-AT-lxorguk.ukuu.org.uk>,
Ray Lee <ray-AT-madrabbit.org>, Adrian Bunk|
|| ||Re: Why does reading from /dev/urandom deplete entropy so much?|
|| ||Sat, 8 Dec 2007 12:15:25 -0600|
On Sat, Dec 08, 2007 at 12:49:08PM -0500, Theodore Tso wrote:
> On Sat, Dec 08, 2007 at 11:33:57AM -0600, Mike McGrath wrote:
> >> Huh? What's the concern? All you are submitting is a list of
> >> hardware devices in your system. That's hardly anything sensitive....
> > We actually had a very vocal minority about all of that which ended up
> > putting us in the unfortunate position of generating a random UUID instead
> > of using a hardware UUID from hal :-/
> Tinfoil hat responses indeed! Ok, if those folks are really that
> crazy, my suggestion then would be to do a "ifconfig -a > /dev/random"
> before generating the UUID, and/or waiting until you just about to
> send the first profile, and/or if you don't yet have a UUID,
> generating it at that very moment. The first will mix in the MAC
> address into the random pool, which will help guarantee uniqueness,
> and waiting until just before you send the result will mean it is much
> more likely that the random pool will have collected some entropy from
> user I/O, thus making the random UUID not only unique, but also
It might be better for us to just improve the pool initialization.
That'll improve the out of the box experience for everyone.
Mathematics is the supreme nostalgia of our time.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to firstname.lastname@example.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
to post comments)