[Cryptography] Fwd: [IP] 'We cannot trust' Intel and Via's chip-based crypto, FreeBSD developers say

grarpamp grarpamp at gmail.com
Tue Dec 17 02:01:53 PST 2013


> They want this, if it can be made to work, and they'll try
> it if they don't know.  That's what they said in the goals revelations, and
> I believe them.

This probably can't be mentioned enough. Millions to billions
of gates on a die, lots of room there. Multiplied out to the
millions to billions of computers in service. That's a huge
opportunity no one in their right mind wouldn't try to exploit.
And RNGs are an easy place to do it. An RNG is not a box
you can input a 2+2 test vector into from the outside and get 4
back out. The RNG may even look random, pass diehard, etc.
But if there's a secret seed buried in the RNG somewhere,
you're screwed. And when was the last time anyone ever publicly
decapped and validated a current Intel RNG CPU? <silence>
Sure, mix it in with at least one other source, or shut down, and
use that. But don't ever use it raw. Embedded RNGs help make
the market for external discrete logic RNG dongles.
