11 Oct
2012
11 Oct
'12
8:43 p.m.
On Thu, Oct 11, 2012 at 05:25:37PM -0700, Jonathan Lassoff wrote:
Yes, but then you're also introducing a way for an external attacker to transmit data that can be mixed into your entropy pool.
XORring predictable data to random data does not yield a predictable result. /dev/random is world writable so if writing to it causes the random generator to output something predictable it's a bug that needs to be fixed. Also, an analog TV receiver will always have some noise that is not predictable even if you are transmitting a known signal to it. If you seriously need good entropy for cryptography, I think you will not ask about it on nanog, and I'd be very wary of cheap hardware RNGs too.