FreeBSD Developers Will Not Trust Chip-Based Encryption
New submitter srobert writes "An article at Ars Technica explains how, following stories of NSA leaks, FreeBSD developers will not rely solely on Intel's or Via's chip-based random number generators for /dev/random values. The values will first be seeded through another randomization algorithm known as 'Yarrow.' The changes are effective with the upcoming FreeBSD 10.0 (for which the first of three planned release candidates became available last week)."
Very Smart Move (Score:5, Insightful)
They have every reason NOT to trust the chips. Trust, but verify is always the correct way.
Makes sense ... (Score:5, Insightful)
One of the features of open source software is that the code, thus the algorithms, can be examined by a third party. In the case of chips, this is very difficult to do. Most people are stuck trusting that the designer implemented the algorithm they said they did, and that they implemented it properly (the former implying no malice and the latter implying competence). That is particularly true for something like random number generators, which are intended to be non-deterministic as far as the software is concerned, so any testing of the implementation can only be done statistically. Very few people have the ability to examine the physical design of the chip to check the actual implementation.
Re:what's that going to accomplish? (Score:5, Insightful)
Re:Is there any way to gain trust in a chip? (Score:2, Insightful)
The output can be completely random, but it doesn't matter if someone else has a mechanism to reproduce exactly the same random stream. Or the ability to toggle on the semi-random mode...
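The point of the comment above, together with the earlier comment that such generators can only be tested statistically, as an added example that is not part of the original thread: a keyed hash stream passes black-box statistical checks yet is fully reproducible by whoever holds the key, while hashing it with independent inputs removes that ability. The key, the "other inputs" string and the `mix` function are constructed for illustration; `mix` is a simplified stand-in for pooling and is not Yarrow or FreeBSD code.

```python
import hashlib

def keyed_stream(key: bytes, nbytes: int) -> bytes:
    """Constructed stand-in for a generator whose designer holds a secret key:
    block i of the output is SHA-256(key || i)."""
    out = bytearray()
    counter = 0
    while len(out) < nbytes:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:nbytes])

def monobit_fraction(data: bytes) -> float:
    """Fraction of 1 bits; a statistically healthy stream sits near 0.5."""
    ones = sum(bin(b).count("1") for b in data)
    return ones / (len(data) * 8)

def looks_random(data: bytes, tolerance: float = 0.01) -> bool:
    """Two cheap black-box checks: bit balance and all 256 byte values seen."""
    return abs(monobit_fraction(data) - 0.5) < tolerance and len(set(data)) == 256

def mix(hw_output: bytes, other_inputs: bytes) -> bytes:
    """Simplified pooling (not Yarrow): hash the chip output with independent
    inputs, length-prefixed so the two fields cannot run together."""
    h = hashlib.sha256()
    for part in (hw_output, other_inputs):
        h.update(len(part).to_bytes(4, "big") + part)
    return h.digest()

DESIGNER_KEY = b"constructed-key-for-illustration"   # assumption, not a real value
OTHER_INPUTS = b"constructed interrupt timings 1"    # stands in for other entropy

def demo() -> dict:
    hw = keyed_stream(DESIGNER_KEY, 65536)
    replay = keyed_stream(DESIGNER_KEY, 65536)       # what the key holder computes
    seed = mix(hw[:32], OTHER_INPUTS)
    guess = mix(replay[:32], b"")                    # key holder lacks OTHER_INPUTS
    return {
        "passes_statistical_checks": looks_random(hw),
        "key_holder_reproduces_raw": replay == hw,
        "key_holder_reproduces_seed": guess == seed,
    }

if __name__ == "__main__":
    print(demo())
```

The mixed seed is only as unpredictable as the inputs the key holder cannot observe, which is why the chip output is treated as one source among several rather than the sole one.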
Re:Very Smart Move (Score:3, Insightful)
"Trust, but verify"
If you feel you have to verify then you don't trust them. It was bullshit when Reagan said it and it still is.