The maintainers of the security-conscious FreeBSD operating system have declared that they will no longer rely on the random number generators in Intel and Via's chips, on the grounds that the NSA likely has weakened these opaque hardware systems in order to ease surveillance. The decision is tied to the revelations of the BULLRUN/EDGEHILL programs, wherein the NSA and GCHQ spend $250M/year sabotaging security in standards, operating systems, software, and networks.
"For 10, we are going to backtrack and remove RDRAND and Padlock backends and feed them into Yarrow instead of delivering their output directly to /dev/random," FreeBSD developers said. "It will still be possible to access hardware random number generators, that is, RDRAND, Padlock etc., directly by inline assembly or by using OpenSSL from userland, if required, but we cannot trust them any more."
In separate meeting minutes, developers specifically invoked Snowden's name when discussing the change.
"Edward Snowdon [sic] -- v. high probability of backdoors in some (HW) RNGs," the notes read, referring to hardware RNGs. Then, alluding to the Dual EC_DRBG RNG forged by the National Institute of Standards and Technology and said to contain an NSA-engineered backdoor, the notes read: "Including elliptic curve generator included in NIST. rdrand in ivbridge not implemented by Intel... Cannot trust HW RNGs to provide good entropy directly. (rdrand implemented in microcode. Intel will add opcode to go directly to HW.) This means partial revert of some work on rdrand and padlock."
“We cannot trust” Intel and Via’s chip-based crypto, FreeBSD developers say [Dan Goodin/Ars Technica]
The Intercept just published an amazing article by Jim Bamford yesterday talking about how the NSA exploited a backdoor in Vodafone to spy on Greek politicians and journalists during the 2004 Olympics. Bamford is an American author and journalist best known for his writing about United States intelligence agencies, and in particular the National Security […]
When National Security Agency director Michael Hayden told then-CEO-of-HP/now-Republican-presidential-hopeful Carly Fiorina he needed servers to put the entire USA under unconstitutional surveillance, she leapt into action to supply him with the materiel he needed.
Bamford was the first-ever NSA whistleblower, whose bravery led to the Church Commission and the unprecedented curbs on the agency’s spying powers — his long, sympathetic Wired profile of Snowden is full of insight and wisdom.
Skip the technical jargon and get right to taking amazing, professional-quality photos with this complete training. The Hollywood Art Institute Photography Course includes 22 modules filled with tutorials on how to profit off of your photography, or simply capture your memories in the manner they deserve.Accredited by the Photography Education Accreditation CouncilDive into this 22 […]
Power up your gadgets in the most unexpected places with the extremely compact SolarJuice battery pack. SolarJuice charges up at home like your average battery pack, but also lets you add extra juice on-the-go using its built-in solar panel—so you’ll never be left unplugged from the digital world.4.5 Stars on Amazon!Simultaneously charges 2 devices at […]
Hold your camera to higher standards with the brand-new iBlazr 2, the most advanced LED flash to date. Simply attach to your smartphone, tablet, or DSLR camera. Conveniently sized and wireless, this premium flash will let you easily take amazing photos in low light situations. It’s a literal snap to use: simply attach to your […]