The maintainers of the security-conscious FreeBSD operating system have declared that they will no longer rely on the random number generators in Intel and Via's chips, on the grounds that the NSA likely has weakened these opaque hardware systems in order to ease surveillance. The decision is tied to the revelations of the BULLRUN/EDGEHILL programs, wherein the NSA and GCHQ spend $250M/year sabotaging security in standards, operating systems, software, and networks.
"For 10, we are going to backtrack and remove RDRAND and Padlock backends and feed them into Yarrow instead of delivering their output directly to /dev/random," FreeBSD developers said. "It will still be possible to access hardware random number generators, that is, RDRAND, Padlock etc., directly by inline assembly or by using OpenSSL from userland, if required, but we cannot trust them any more."
In separate meeting minutes, developers specifically invoked Snowden's name when discussing the change.
"Edward Snowdon [sic] -- v. high probability of backdoors in some (HW) RNGs," the notes read, referring to hardware RNGs. Then, alluding to the Dual EC_DRBG RNG forged by the National Institute of Standards and Technology and said to contain an NSA-engineered backdoor, the notes read: "Including elliptic curve generator included in NIST. rdrand in ivbridge not implemented by Intel... Cannot trust HW RNGs to provide good entropy directly. (rdrand implemented in microcode. Intel will add opcode to go directly to HW.) This means partial revert of some work on rdrand and padlock."
“We cannot trust” Intel and Via’s chip-based crypto, FreeBSD developers say [Dan Goodin/Ars Technica]
Laura Poitras, whose 2014 Edward Snowden documentary Citizenfour won the Academy Award for best doc, has a show on at NYC’s Whitney Museum called “Astro Noise,” which attempts to capture the sense of overwhelming surveillance she’s lived under since the US government targeted her while she was shooting a documentary in Iraq.
In less than an hour, Wikileaks will publish a set of TOP-SECRET/COMINT-GAMMA documents — “the most highly classified documents ever published by a media organization” — that document NSA spying on UN Secretary General Ban Ki-Moon, German Chancellor Angela Merkel, Israeli prime minister Benjamin Netanyahu, former Italian prime minister Silvio Berlusconi, former French leader Nicolas […]
In 2005, a former AT&T engineer named Mark Klein walked into the Electronic Frontier Foundation’s offices and revealed that he had helped the phone company build a secret NSA surveillance outpost at the Folsom Street switching station, through which AT&T was helping the US government conduct mass, warrantless, domestic surveillance.
Bootcamps are all the rage these days and if you’re going to drill obsessively deep into any core programming discipline, you probably won’t find a more deserving recipient of that super-intensive study time than Java. Java’s simple, adaptable and – probably not coincidentally – one of the most widely-used programming languages and platforms across the […]
Envelope-pushing tech satisfies on two levels…it not only stimulates the gee whiz, what’ll-they-think-of-next pleasure center of your brain, but it opens you up to tantalizing possibilities that older tech limitations left unfulfilled. So what if you could snap an image with a SLR-quality camera, then utilize and manipulate the elements of your photo independently? Kind of […]
When you’re in the mood to light up, there’s not much else you want to have to think about. Relaxation is the goal and thus, the focus, not remembering your last temperature or chastising yourself for not cleaning your vape well enough. You simply want to chill and let the pipe do all the work […]