tmsr - Search: debian rng

17 entries in 0.879s

asciilifeform: re : 'difficult for changes to be inserted unnoticed' -- did they ever even pin a name on the debian rng lulz ?

a111: 14 results for "debian rng", http://btcbase.org/log-search?q=debian%20rng

asciilifeform: !#s debian rng

ben_vulpes: the debian rng bug is a good example of hosed RNGs, that's a fine place to start

asciilifeform: since the debian incident, enemy stepped up the 'NOBUS' crapola; no noar '32768 possible keys, total', instead things moar in the spirit of http://qntra.net/2016/08/rng-whitening-bug-weakened-all-versions-of-gpg

mircea_popescu: leaking rng quality is more of a concern for debian/prngs.

asciilifeform: i ran into it when trying to replicate the classical 'dead rng' debian setup

asciilifeform: lol debian rng

a111: Logged on 2016-11-17 16:02 Framedragger: in fact.. due to https://hdm.io/tools/debian-openssl/ correctly pointing out that "This flaw is ugly because even systems that do not use the Debian software need to be audited in case any key is being used that was created on a Debian system.", someone should attempt botnet-brute-login to all 13M+ (i forget lol) ssh hosts with rng-fucked client keys.

Framedragger: in fact.. due to https://hdm.io/tools/debian-openssl/ correctly pointing out that "This flaw is ugly because even systems that do not use the Debian software need to be audited in case any key is being used that was created on a Debian system.", someone should attempt botnet-brute-login to all 13M+ (i forget lol) ssh hosts with rng-fucked client keys. ☟︎

Framedragger: http://log.mkj.lt/trilema/20161117/#508 << someone with time on their hands should write script to attempt logins at all of these with rng-fucked ssh keys (available at https://hdm.io/tools/debian-openssl/ i think though did not check, or re-gen themselves, shouldnt be hard)!

asciilifeform: is the question specifically concerning the buggy debian rng ?

BingoBoingo: ;;google debian rng 2006

PinkPosixPXE: ignore the debian portion, rng-tools is something most OS's should have available

assbot: Helping The Random Number Generator To Gain Enough Entropy With rng-tools (Debian Lenny) | HowtoForge - Linux Howtos and Tutorials

PinkPosixPXE: http://www.howtoforge.com/helping-the-random-number-generator-to-gain-enough-entropy-with-rng-tools-debian-lenny

BingoBoingo: God is actually just the old Debian RNG flaw, n always ===== 6