from the mehr-Zufälligkeit dept.
CalTrumpet writes "Our research group recently spoke at Black Hat USA on the topic of cloud computing security. One of the interesting outcomes of our research was the discovery that the combination of virtualization technologies and public system images results in a problem for random number generation on guest operating systems. This is especially true for Linux, since its PRNG uses only a small set of entropy-gathering events, and virtual Linux images often generate SSH host keys within seconds of their initial boot. The slides are available; the PRNG vulnerability material begins at slide 63."
The more data I punch in this card, the lighter it becomes, and the
lower the mailing cost.
-- S. Kelly-Bootle, "The Devil's DP Dictionary"