1. 7
  1.  

  2. 2

    Sad they cannot tell us which OS allows arbitrary users to write to /dev/urandom.

    Well I suppose NDAs exist for a reason…

    1. 3

      Well, just writing to /dev/urandom in the Linux sense (mixing into the pool) would be OK, making such writes replace the seed (and having the seed be just 32 bits) is what makes the situation bad.

      1. 2

        There was a company known for making solid, embedded software that just goofs on some stuff for reasons unknown. Probably management rushing them given their profitability. They also do NDA’s. I’m not saying Green Hills was responsible for this bad RNG in the A380, F-35, and JTRS…

        http://www.ghs.com/news/20031118_boeing.html

        http://www.ghs.com/customers/lockheedf35.html

        http://www.ghs.com/customers/A380.html

        …but I am saying the authors know how to handle a NDA. ;)

        1. 3

          Hah. Thanks!