Debian vulnerability has widespread effects
Posted May 15, 2008 4:41 UTC (Thu) by proski
In reply to: Debian vulnerability has widespread effects
Parent article: Debian vulnerability has widespread effects
I would prefer that only inputs definitely not controlled by attackers are used, and I'm not sure it can be guaranteed that uninitialized data is not manipulated in some way. There are sources of entropy that are harder to subvert. I think it's better to have less entropy but avoid giving attackers another possibility for exploits.
You don't use enemy's rivets to build your battleships. It may be just little pieces of metal that get a very different shape when used, but never underestimate those who are determined to harm you.
to post comments)