The maintainers of the security-conscious FreeBSD operating system have declared that they will no longer rely on the random number generators in Intel and Via's chips, on the grounds that the NSA likely has weakened these opaque hardware systems in order to ease surveillance. The decision is tied to the revelations of the BULLRUN/EDGEHILL programs, wherein the NSA and GCHQ spend $250M/year sabotaging security in standards, operating systems, software, and networks.
"For 10, we are going to backtrack and remove RDRAND and Padlock backends and feed them into Yarrow instead of delivering their output directly to /dev/random," FreeBSD developers said. "It will still be possible to access hardware random number generators, that is, RDRAND, Padlock etc., directly by inline assembly or by using OpenSSL from userland, if required, but we cannot trust them any more."
In separate meeting minutes, developers specifically invoked Snowden's name when discussing the change.
"Edward Snowdon [sic] -- v. high probability of backdoors in some (HW) RNGs," the notes read, referring to hardware RNGs. Then, alluding to the Dual EC_DRBG RNG forged by the National Institute of Standards and Technology and said to contain an NSA-engineered backdoor, the notes read: "Including elliptic curve generator included in NIST. rdrand in ivbridge not implemented by Intel... Cannot trust HW RNGs to provide good entropy directly. (rdrand implemented in microcode. Intel will add opcode to go directly to HW.) This means partial revert of some work on rdrand and padlock."
“We cannot trust” Intel and Via’s chip-based crypto, FreeBSD developers say [Dan Goodin/Ars Technica]
Many countries around the world have a policy of reciprocal border treatment -- I once traveled to Uganda and the visa payment demanded at the border varied on your citizenship, based on what your country charged Ugandans to travel there; likewise, after the US started fingerprinting visitors, Brazil starting fingerprinting Americans (and only Americans!) at […]
The US Department of Homeland Security has published a new proposed rule that would make people ineligible for US citizenship if their credit-scores were poor.
A recent Pew poll challenged subjects to distinguish between factual statements and statements of opinion in news articles; it found that there is a large gap in accuracy between 18- to 49-year-olds (32% of whom correctly labeled 100% of the facts, and 44% of whom correct labeled 100% of the opinions) and those aged 50 […]
With the intuitive software out there today, anyone can become a music producer. You’ve probably heard that from any number of laptop impresarios, but you still have to know how to use the tools – and Logic Pro X is one of the best platforms out there right now. In order to get the most […]
Believe it or not, PDF files have been the go-to format for contracts and forms of any type since 1993. And sure, they’re easily shareable – but that’s about it. When you need to edit or sign a document – and you will – that’s when frustration can set in. Luckily, there are workarounds, and […]
It’s 4/20! Smoke ’em if you got ’em – and if you haven’t got ’em, check out this roundup of deep discounts on pipes and other accessories. They’re all on sale, but you can take an extra discount off the final price courtesy of the Boing Boing store by using the online code 420SAVE. Freeze […]