Good call on this. If you can't trust the CPU you're running on, you can't trust anything at all. The proper solution is to find a supplier you trust and go with them.
Pulling useful entropy away from the OS's RNG functions is the best example of an ignorant knee-jerk reaction to this security problem.
I don't see where the OS's RNG functions are being deprived of such entropy as the hardware RNG provides; it looks more like the hw RNG is being used as one of many inputs to the OS RNG instead of as a completely trusted substitute for the OS RNG.
Presumably using the same skynet tech it uses to look ahead and see where the rdrand is going to be xored into. I'm less familiar with precisely how linux does it, but it's not as simple as "newsecret = oldsecret ^ rdrand". The bits are scattered all to hell.
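The distinction the comment draws (absorbing the hardware RNG output into the pool versus the naive `newsecret = oldsecret ^ rdrand`) is easy to see with a toy mixer. The following is an added example, not code from the thread or from the Linux kernel; it uses SHA-256 as a stand-in for the kernel's mixing function, and `xor_mix`, `hash_mix`, `extract` and the sample pool contents are constructed here for illustration. It shows two things: a hardware source that is merely worthless (constant output) does not hurt either scheme, but an adaptive source that already knows the pool can cancel the plain-XOR pool to all zeros, whereas the hash-based mixer still depends on the other inputs.

```python
import hashlib


def xor_mix(pool: bytes, hw: bytes) -> bytes:
    """The naive scheme: new pool = old pool XOR hardware output (same length)."""
    assert len(pool) == len(hw)
    return bytes(p ^ h for p, h in zip(pool, hw))


def hash_mix(pool: bytes, hw: bytes) -> bytes:
    """Toy stand-in for a proper mixing function: absorb hw into the pool
    through a hash, so no single input can steer the new pool state to a
    value of its choosing without a preimage attack on the hash."""
    return hashlib.sha256(b"mix|" + pool + b"|" + hw).digest()


def extract(pool: bytes, nbytes: int = 16) -> bytes:
    """Derive output bytes from the pool (domain-separated from mixing)."""
    return hashlib.sha256(b"extract|" + pool).digest()[:nbytes]


# Constructed sample inputs standing in for the other entropy sources
# (interrupt timings, disk latencies, ...) that the OS pool already holds.
OTHER_SOURCES = [bytes([i]) * 32 for i in range(8)]

# A fully predictable hardware RNG: every call returns 32 zero bytes.
WORTHLESS_HW = bytes(32)


def distinct_outputs(mix, hw_output: bytes) -> int:
    """How many distinct outputs do we get across the other sources when the
    hardware RNG contributes the same (predictable) value every time?"""
    return len({extract(mix(src, hw_output)) for src in OTHER_SOURCES})


def adaptive_cancel(mix, pool: bytes) -> bytes:
    """An adversarial source that already knows the pool and feeds it back in.
    Under plain XOR this zeroes the pool; under hash mixing it cannot."""
    return mix(pool, pool)


def pool_is_all_zero(pool: bytes) -> bool:
    return all(b == 0 for b in pool)


if __name__ == "__main__":
    print("xor,  worthless hw, distinct outputs:", distinct_outputs(xor_mix, WORTHLESS_HW))
    print("hash, worthless hw, distinct outputs:", distinct_outputs(hash_mix, WORTHLESS_HW))
    known = OTHER_SOURCES[3]
    print("xor,  adaptive source, pool zeroed:", pool_is_all_zero(adaptive_cancel(xor_mix, known)))
    print("hash, adaptive source, pool zeroed:", pool_is_all_zero(adaptive_cancel(hash_mix, known)))
```

The takeaway matches the comment: treating the hardware RNG as one contributor to a properly mixed pool means a bad or predictable source can add nothing, but it cannot subtract what the other sources contributed; only a source that can both read the pool and choose its output against it gets anywhere, and the hash-based absorb removes even that lever.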
Building a "where will this rdrand go?" backdoor is harder than building a backdoor that just trawls through load addresses for various common kernels looking for the symbol table so it can poison the entropy directly.
Do you realize how much of a performance hit modern desktops would take if a processor had to freeze the operating system while it wandered through memory, first identifying the operating system and then finding the entropy pool and modifying it?
>Presumably using the same skynet tech it uses to look ahead and see where the rdrand is going to be xored into.
There is no such tech. That's why this is not 'checkmate'. A poisoned random number generator that generates numbers in a predictable manner is orders of magnitude easier to implement and less possible to detect than a magical processor that changes memory it thinks might be entropy for some operating systems it has been pre-programmed to look for, under the assumption that the kernel will never change ever. Get real.