On Fri, 14 Sep 2012 22:49:14 +0100 Mark Murray wrote: > If not, then whatever you run instead must also be sound. XOR isn't. > > You have a way to go before you convince me on this one. I'll buy this > argument if it is a routine/regular/risky ocurrence that the output > of (say) > > $ ( ps -gauxwww ; netstat -arn ; sysctl -ao ) | gzip | ... > > ... can be demonstrated to have insignificant entropy when harvested > using my proposed method. BTW - you may want to actually see the > method. The fastest compression setting on gzip is five times slower than sha256 and doesn't actually solve any specific problem. So far no one has come up with a single cogent argument for compression. If you replace compression with hashing then the need modifying the kernel code is eliminated. _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"