On Thursday, 20 September 2012 at 10:20, Dag-Erling Sm=C3=B8rgrav wrote: > Please understand that the timers used here have a resolution of around= > 1e-8 to 1e-10 seconds. You may be able to predict the first six digits > with reasonable accuracy - in fact, the first four or five will almost > always be 0, except for devices with moving parts - but anything beyond= > that is a crapshoot, even in a virtual machine. And this conclusion seems to be borne out by Pawel's data, at least on on= e machine on one architecture. RW's point is still valid, though: if we'r= e going to start asserting that =22we have gathered entropy from source X= =22, we owe it to the consumers of that entropy to really check that we'v= e done what we claim. =46or instance: on an embedded board with few devices, that uses =46DT ra= ther than bus enumeration whatsits, perhaps the time is more deterministi= c and therefore yields less entropy. I don't know, maybe it doesn't, but = we must have data. Jon -- =20 Jonathan Anderson jonathan=40=46reeBSD.org _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"