Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linus Responds To RdRand Petition With Scorn

Posted by timothy on from the never-a-dull-moment dept.

hypnosec writes "Linus Torvalds, in response to a petition on Change.org to remove RdRand from /dev/random, has lambasted the petitioner by called him ignorant for not understanding the code in the Linux Kernel. Kyle Condon from the UK raised a petition on Change.org to get Linus to remove RdRand from /dev/random in a bid 'to improve the overall security of the linux kernel.' In his response, Torvalds asked Condon and the supporters of the petition to gain an understanding of Linux drivers and cryptography, and then 'come back here and admit to the world that you were wrong.' Torvalds stressed that kernel maintainers knew what they were doing and the petitioner didn't. Torvalds, in a similar outburst just yesterday, hoped that 'ARM SoC hardware designers all die in some incredibly painful accident.' This came in response to a message from Kevin Hilman when he noted that there were quite a few conflicts in the ARM SoC pull request for Linux 3.12 which were a result of the platform changes conflicting with driver changes going in to the V4L tree."

5 of 566 comments (clear)

  1. Hmm.... by Andy+Dodd · · Score: 4, Interesting

    There was an incident a few years ago (that led to at least one subsystem maintainer resigning) where RdRand was used as the EXCLUSIVE entropy source for some items if it were present. http://cryptome.org/2013/07/intel-bed-nsa.htm - Matt Mackall resigned over it.

    This is BAD.

    If it is now merely feeding the pool as one of multiple sources, then it's OK. If anything is directly exposed to raw rdrand output, something is very wrong.

    --
    retrorocket.o not found, launch anyway?
  2. Re:Negotiation Skills by Goaway · · Score: 5, Interesting

    There was no negotiation going on. There was a single obnoxious guy calling Linux "an approved partner of the NSA" and complaining about something he knew nothing about. He deserved what he got. In fact, Linus went pretty easy on him.

  3. Re:At Least He Doesn't Throw Chairs by Sarten-X · · Score: 4, Interesting

    ...where kindergarten teachers repeat the Golden Rule to him.

    I've seen Linus get into an argument with someone of the same style. After a few rounds, it became obviously different that the debate was not like the typical Internet insult-hurling flame war. Rather, each side had points and counter-points and presented a persuasive case... just peppered with insults and offenses, as a separate layer of argument. It's sort of like real insult swordfighting.

    --
    You do not have a moral or legal right to do absolutely anything you want.
  4. Re:Negotiation Skills by Lumpy · · Score: 4, Interesting

    It's not only an obnoxious guy, but an uneducated one. You can easily disable it with a compile time option already.

    --
    Do not look at laser with remaining good eye.
  5. Re:Excuses, excuses, excuses ! by vux984 · · Score: 5, Interesting

    Open source is just that, you can read the source of the programs

    I believe the suspicion is the RDRAND cpu instruction itself is a black box from intel that may have been subverted by the NSA.

    As such, no, it can't be audited, and it's source cannot be inspected.