User: Password:
Subscribe / Log in / New account

Kernel security, year to date

Kernel security, year to date

Posted Sep 10, 2008 9:10 UTC (Wed) by nix (subscriber, #2304)
In reply to: Kernel security, year to date by spender
Parent article: Kernel security, year to date

Actually, some systems (even Linux systems) have in the past used the random number sources on sound cards as a source of randomness (not terribly good sources, there's all sorts of rhythmic electrical noise in there, but still they're sources). If that's a system's only source of entropy, and an attacker makes the sound card stop working, you've now got an entropyless system. A good few things will stall forever in such circumstances -> DoS.

(Sure, it's contrived: perhaps the only thing that saves us is that the contrived part is the original setup of the system, which isn't something an attacker can easily contrapt.)

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds