Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Ubuntu: reseed(8), random.org, and HTTP request
Jul 06 2011 04:04AM
Jeffrey Walton (noloader gmail com)
Ubuntu's reseed(8) can be used to seed the PRNG state of a host. The
script is run when the package installed, and anytime su executes the
reseed(8) performs a unsecured HTTP request to random.org for its
bits, despite random.org offering HTTPS services.
The Ubuntu Security Team took no in...
[ more ]
Copyright 2010, SecurityFocus