> On Fri, 24 May 1996, Herbert Rosmanith wrote:
>
> > a rendom generator placed in the kernel is a thematical error.
> > i always thought that an OS is an abstracion of the hardware.
> > please put random generators to where they belong to: to the
> > application level. put it into some static library.
>
> This is difficult, because once the information used by the random driver
> is filtered to the application level, significant amounts of randomness
> are lost, because of timing considerations. Real randomness generated
> (esp. on a multiuser OS) by timing numbers can't be filtered. The only
> way to ensure this is to build it into the OS.
>
Hey do You know howsimple they are doing it in X11R6 and they magic cookies?
They are simply checksumming /dev/mem (in fact using the MD5 thereafter)!
And now please tell me why this doesn't involve more "entropy" from
hardware then /dev/random????? Every interrupt will leave the memmory in
some different state!!!
Marcin