
Linus Responds To RdRand Petition With Scorn

hypnosec writes "Linus Torvalds, in response to a petition on Change.org to remove RdRand from /dev/random, has lambasted the petitioner by calling him ignorant for not understanding the code in the Linux Kernel. Kyle Condon from the UK raised a petition on Change.org to get Linus to remove RdRand from /dev/random in a bid 'to improve the overall security of the linux kernel.' In his response, Torvalds asked Condon and the supporters of the petition to gain an understanding of Linux drivers and cryptography, and then 'come back here and admit to the world that you were wrong.' Torvalds stressed that kernel maintainers knew what they were doing and the petitioner didn't. Torvalds, in a similar outburst just yesterday, hoped that 'ARM SoC hardware designers all die in some incredibly painful accident.' This came in response to a message from Kevin Hilman when he noted that there were quite a few conflicts in the ARM SoC pull request for Linux 3.12 which were a result of the platform changes conflicting with driver changes going in to the V4L tree."

  • by AndroSyn ( 89960 ) on Tuesday September 10, 2013 @09:29AM (#44807127) Homepage

    You have the source code, remove rdrand from the kernel yourself.

    • by gweihir ( 88907 )

      You have the source code, remove rdrand from the kernel yourself.

      And that would be exceedingly stupid. The trick to good entropy gathering is to use all sources available, mix them into the entropy pool, while very conservatively estimating each one's contribution. Removing _any_ source that provides at least some entropy, even if only under some conditions, can only make the result worse. That means that even if RdRand is fully compromised (which is extremely unlikely, as that would be obvious), it would still be a bad idea to remove it. It may be sensible to estimate its

  • by Anonymous Coward

    This douche bag just wishes painful death on people who disagree with him. That is so much better. The guy may be brilliant and he may have created a wonderful thing for the world. But he is every bit the douche bag that Jobs and Ballmer have ever been.

    • by iserlohn ( 49556 ) on Tuesday September 10, 2013 @09:41AM (#44807241) Homepage

      Linus is funny while Ballmer acts funny. Worlds apart if you ask me.

      • by MrDoh! ( 71235 ) on Tuesday September 10, 2013 @09:56AM (#44807439) Homepage Journal
        Yeah, it's just Finnish humour that's being taken badly. I know he's been in the US for a long time, but he's not being mean, it's just a way of expression that it appears many don't get. Still, the AC could always email Linus and ask him to change, I'm sure he'd appreciate the input.
      • by oztiks ( 921504 ) on Tuesday September 10, 2013 @10:09AM (#44807579)

        I'm with you on that. It seems like his sense of humour and his calling "a spade a spade" philosophy earns him a lot of criticism. I always argue that Linus is your typical purist. He's not there to please or appease. He's there to focus on getting things done right, in his own way, but as correct as he sees it.

        I argue that because he's giving Linux freely to the world and with limited monetary gain that we can't chastise him too much about it either. What he's missing is something which I've learned through my own errors when dealing with people in the past. And that is, to deal with "the public" one must always do so with the softest possible touch. That's only if you're wanting to earn the minds of the masses mind you.

        So I say. People who bag him with the whole "his attitude is appalling" type statements. Well, it sucks to be you because I think that you're just too much of a sook and you need to harden/lighten up a little. The people who condone the attitude I say "meh, you're probably a purist as well" because they wish to understand truth and wish to see what goes on in the Linus' mind just as I do.

        As for me. Truth be told. The day Linus actually starts acting like the rest of the PR sheep out there is the day I'd start to worry about crypto that NSA may have sneaked in to the Linux kernel. Until then. It's good to see him throwing out comments like "Deep throat Microsoft" and "You're ignorant". This kind of talk is indicative of when the internet wasn't populated by commercially driven cock suckers like Mark Zuckerberg abusing the word "hacker" and trying to pass himself off as "one of us".

        So at the end of the day, who's really lost touch here?

  • by Splab ( 574204 ) on Tuesday September 10, 2013 @09:33AM (#44807163)

    The TFA makes it look like Linus went on full rampage mode and tore an insightful request down by being mean.

    Actually reading his responses, Linus is pretty level headed and just says no, you can't have this.

    Guess submitter got his feelings hurt?

    • by greenfruitsalad ( 2008354 ) on Tuesday September 10, 2013 @09:37AM (#44807201)

      that is exactly what i thought. guy creates a lame picture with NSA and LINUX in it, comes up with a fascinating heading and uses yesterday's info from slashdot discussion to create FUD. if i were Linus, i wouldn't have bothered with such a long response.

    • There's been a whole series of "Waaa, Linus told me I was wrong and is a big meanie" articles over the last few years. I'm unclear exactly why, but it seems as though some feel like if they don't get their way on LKML, the next logical step is to complain to Slashdot.

    • by MrNemesis ( 587188 ) on Tuesday September 10, 2013 @10:49AM (#44807983) Homepage Journal

      These days, almost every time a story is posted along the lines of "Linux says X" it's frequently framed in such a way as to paint Linus as a frothing madman hurling not just insults but entire furniture factories at his cringing subordinates. It's become such a regular occurrence that I half expect them to be followed up with a story on how Steve Ballmer has converted to Buddhism and will be using the armpit sweat from his meditations to irrigate the Sahara.

      Reading the article, of course, usually reveals a different picture, but that gets in the way of attention-grabbing headlines. I'm not really sure how the following post can be construed as "fury"; irritation, indignation, perhaps, but not fury.

      Where do I start a petition to raise the IQ and kernel knowledge of people? Guys, go read drivers/char/random.c. Then, learn about cryptography. Finally, come back here and admit to the world that you were wrong. Short answer: we actually know what we are doing. You don't. Long answer: we use rdrand as _one_ of many inputs into the random pool, and we use it as a way to _improve_ that random pool. So even if rdrand were to be back-doored by the NSA, our use of rdrand actually improves the quality of the random numbers you get from /dev/random. Really short answer: you're ignorant.

      As far as I can tell, no-one's found any evidence for rdrand being backdoored, and even if it were, there's bigger issues at foot with things like microcode. Linus explains how the kernel implementation uses random data from several different sources to guard against this kind of stuff. Plus, as other people have pointed out, you can disable rdrand with a kernel parameter. Linus is primarily a pragmatist, so it doesn't really make much sense to excise the code from the kernel - throwing out the baby with the bathwater if you will. Surely if there were any hardware to worry about, it'd be the hardware providing AES-NI [intel.com]? Why isn't there a petition to have that removed...?

  • by CajunArson ( 465943 ) on Tuesday September 10, 2013 @09:43AM (#44807271) Journal

    Shouldn't we be welcoming RdRand with open arms? It's a mathematically proven high-quality random number generator that lets chips like Ivy Bridge & Haswell produce large amounts of true random data (not a simple PRNG data) at multi-gigabit speeds.

    There are some excellent slides describing RdRand here: http://software.intel.com/en-us/tags/20757 [intel.com]

    I would strongly recommend using it wherever feasible as it is a great boon to security in Linux.

    So is some AMD/ARM fanboy saying that it's not fair that AMD/ARM haven't bothered to implement RdRand yet so therefore nobody should be allowed to use it? How about we extend that logic to other pieces of hardware? Say, when AMD comes out with an improved GPU, let's say that Linux shouldn't support it because Intel doesn't have the same hardware.. fair is fair right?

    • by pjt33 ( 739471 ) on Tuesday September 10, 2013 @09:53AM (#44807385)

      It's a mathematically proven high-quality random number generator that lets chips like Ivy Bridge & Haswell produce large amounts of true random data (not a simple PRNG data) at multi-gigabit speeds.

      Maybe. Or maybe it's deliberately weakened by Intel in response to a request from NSA in an effort to produce something akin to the Debian weak key problem. Can you audit your CPU to see whether the implementation is the one which the proof belongs to?

  • Hmm.... (Score:5, Interesting)

    by Andy Dodd ( 701 ) <atd7.cornell@edu> on Tuesday September 10, 2013 @09:45AM (#44807289) Homepage

    There was an incident a few years ago (that led to at least one subsystem maintainer resigning) where RdRand was used as the EXCLUSIVE entropy source for some items if it were present. http://cryptome.org/2013/07/intel-bed-nsa.htm [cryptome.org] - Matt Mackall resigned over it.

    This is BAD.

    If it is now merely feeding the pool as one of multiple sources, then it's OK. If anything is directly exposed to raw rdrand output, something is very wrong.
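Added example, not from the thread or the kernel: a toy SHA-256 pool (not the mixing function in drivers/char/random.c) that shows the distinction drawn in the comments above between a predictable hardware RNG used as the exclusive source and the same RNG mixed in as one of several inputs. The names `hw_rng`, `pool_output` and `attacker_search` are hypothetical, and the model assumes the hardware source cannot observe the other inputs.

```python
import hashlib
import os

def hw_rng(counter: int) -> bytes:
    # Constructed stand-in for a hardware RNG whose stream an attacker can reproduce.
    return hashlib.sha256(b"known-to-attacker" + counter.to_bytes(8, "big")).digest()

def pool_output(inputs) -> bytes:
    # Toy pool: fold each input into the state with SHA-256, then hash once more to extract.
    state = bytes(32)
    for data in inputs:
        state = hashlib.sha256(state + data).digest()
    return hashlib.sha256(b"extract" + state).digest()

def attacker_search(target: bytes, counter: int, unknown_bits: int):
    # The attacker knows the algorithm and the hardware stream and must guess the
    # other input. Returns the number of guesses used, or None if the space is exhausted.
    hw = hw_rng(counter)
    for guess in range(2 ** unknown_bits):
        if pool_output([guess.to_bytes(16, "big"), hw]) == target:
            return guess + 1
    return None

def demo(counter: int = 7, budget_bits: int = 12) -> dict:
    hw = hw_rng(counter)
    # 1) Hardware RNG as the exclusive source: the other input is a constant.
    exclusive = pool_output([bytes(16), hw])
    # 2) Other source over-credited: 16 bytes long, but only 12 bits are unpredictable.
    weak_other = (int.from_bytes(os.urandom(2), "big") % 2 ** budget_bits).to_bytes(16, "big")
    weak_mix = pool_output([weak_other, hw])
    # 3) Other source with 128 unpredictable bits, mixed with the same hardware stream.
    strong_mix = pool_output([os.urandom(16), hw])
    return {
        "exclusive": attacker_search(exclusive, counter, 0),
        "weak_mix": attacker_search(weak_mix, counter, budget_bits),
        "strong_mix": attacker_search(strong_mix, counter, budget_bits),
    }

if __name__ == "__main__":
    print(demo())
```

The exclusive case falls to a single guess, the over-credited case falls within 4096 guesses, and the well-seeded pool is not recovered within that budget even though the predictable stream is mixed into it.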

  • by gatkinso ( 15975 ) on Tuesday September 10, 2013 @09:53AM (#44807387)

    ARM SoC hardware designers world wide smile into their hand.

  • by schneidafunk ( 795759 ) on Tuesday September 10, 2013 @09:56AM (#44807435)

    I have to admit I didn't know much about the controversy so I went and found some articles.

    Here is an article showing some weaknesses in Linux's random generation: Analysis of the Linux Random Number Generator [iacr.org]

    As reported by Bruce Schneier for this Wired article: http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115 [wired.com]

  • A petition? (Score:5, Insightful)

    by macemoneta ( 154740 ) on Tuesday September 10, 2013 @09:58AM (#44807471) Homepage

    If you believe there's something broken in the kernel (or other open source project), you don't create a petition, you create and submit a patch. If you don't know enough or don't have the skills to create a patch, you're probably not qualified to criticize the implementation.

    "Anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that 'my ignorance is just as good as your knowledge.'" -- Isaac Asimov

  • by wjcofkc ( 964165 ) on Tuesday September 10, 2013 @10:12AM (#44807611)
    I would first like to point out that if you really read this particular response, he was not as flaming as is being reported. Sounds like someone is exaggerating over a grudge. However...

    Of all modern figures, Linus Torvalds is close to the top of my list of people who I respect and admire the most. His work has truly changed the world for the better. Can you imagine what things would be like if Linux had never happened? I shudder at the very notion. Regardless of this, Linus has in fact shown over the years that he can have an unreasonably short fuse. He is not RMS, but he's not far and when he does take a hard-line bad attitude stance, I sometimes fear that it is at the detriment of potential progress. Important, high profile maintainers have quit over the years due to his attitude, and it would be nice if he could be more diplomatic in those situations where he unnecessarily goes off like a stick of dynamite. I think there is a degree where his power has gone to his head. But as long as Linux keeps marching forward, I am happy enough with that.
  • ARM chip designers view hardware as disposable. Why worry about software security updates when you are just going to replace the phone every 18 months?

    Cursing about it on LKML is useless though. Linus should start a change.org petition to address this issue.

  • by Reliable Windmill ( 2932227 ) on Tuesday September 10, 2013 @10:36AM (#44807859)
    I'm wondering how clever it is for Linus to make statements like "So if you see any, send them my love, and possibly puncture the brake-lines on their car and put a little surprise in their coffee, ok?"

    With stories of kids getting arrested and sent to jail for saying things like "I'm going to kill someone. Nah just kidding." he may be setting himself up for this. I can imagine U.S gov wanting to take that opportunity, with him being so prominent and open source operating systems possibly proving to be the only guaranteed escape from NSA eavesdropping.
  • by Rinikusu ( 28164 ) on Tuesday September 10, 2013 @10:57AM (#44808059)

    I'd read TMZ.

    Man, I can't wait until the /. submitters discover Theo de Raadt.

  • by Okian Warrior ( 537106 ) on Tuesday September 10, 2013 @11:19AM (#44808325) Homepage Journal

    The NSA has apparently compromised random number hardware and software packages throughout the industry.

    Could this be fixed by using an entropy server?

    Suppose some group hosted a random number server. A verified source of true randomness which can be trusted by the reputation of the people involved, in the same way that we trust the people who make Tor, Mozilla, and linux.

    It would be a single point of failure, but also a single point of defense. We could put all the best practices and best ideas of security into one place, by means of technology, software and legalities. It could be hosted in a privacy-friendly country, it could be monitored and defended by the EFF using legal means, it could use the best technology for generating randomness and have open and easily-inspected software and procedures.

    To use the system, a client would:

    • Generate a public/private key using whatever entropy is on hand
    • Encrypt the private key using the server's public key and send it to the server
    • The server returns a packet of random numbers, encrypted using the client's key
    • The client generates a new key pair using the returned entropy
    • The client uses that key pair from then on

    This is slightly weak because the NSA could record the conversation and "simulate" the client computer to recover the generated keys, but doing this is much harder than cracking weak keys. In the server model the weak key is used once, instead of being used all the time. Also, simulating a computer (including nuances of software version and hardware quirks) is much harder than finding weak keys.

    (To find weak keys, gather all the keys you can find and calculate GCD on pairs of keys. In practice, about 1 percent [idquantique.com] of all keys on the net have common factors. Most of these come from systems with low entropy - headless systems (routers, firewalls, servers) with no user interaction for randomness.)

    In one action we could fix the security of much of the software used in the internet.

    Any volunteers?

    (I'd love to, but it has to be outside the US. I'll donate $1000 towards costs if the idea is viable.)
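The GCD check mentioned in the comment above, turned around as an audit of your own key inventory (added example, not from the thread): it flags RSA moduli that share a prime or are outright duplicates, the usual symptom of keys generated on low-entropy headless systems. The function name, host names and toy moduli are constructed for illustration.

```python
from itertools import combinations
from math import gcd

def shared_factor_audit(keys: dict) -> dict:
    """Map each affected key name to the peers it collides with.

    keys: name -> RSA modulus (int). Two healthy moduli are coprime; a gcd
    greater than 1 means both key pairs were built from a common prime (or,
    if the moduli are equal, are the same key pair) and both need rotating.
    """
    findings = {}
    for (name_a, n_a), (name_b, n_b) in combinations(sorted(keys.items()), 2):
        if gcd(n_a, n_b) == 1:
            continue
        kind = "duplicate-modulus" if n_a == n_b else "shared-prime"
        findings.setdefault(name_a, []).append((name_b, kind))
        findings.setdefault(name_b, []).append((name_a, kind))
    return findings

# Constructed toy inventory built from Mersenne primes (not usable as real keys).
P, Q, R, S, T = 2**61 - 1, 2**89 - 1, 2**107 - 1, 2**127 - 1, 2**521 - 1
U, V = 2**607 - 1, 2**1279 - 1
INVENTORY = {
    "router-a": P * Q,    # shares the prime P with router-b
    "router-b": P * R,
    "server-c": S * T,    # independent primes, should not be flagged
    "vm-clone-1": U * V,  # same modulus on two hosts, e.g. a cloned image
    "vm-clone-2": U * V,
}

if __name__ == "__main__":
    for name, peers in sorted(shared_factor_audit(INVENTORY).items()):
        print(name, "->", peers)
```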

    • Generate a public/private key using whatever entropy is on hand

      I happened to read a discussion of this on Ted Tso's Google+ last night (stayed up way too late...) and the short answer is that there's not enough entropy on the newly booted system to make the strong keys required to bootstrap the equation.

      To paraphrase, Ted called ISC retarded for creating a DNSSEC where the validation of a key required a strong entropy source on the client. He likened it to needing a private key to validate a GPG signature,

    • by steveha ( 103154 ) on Tuesday September 10, 2013 @03:02PM (#44810963) Homepage

      It's an unreasonable idea. First, it requires a reliable Internet connection. Second, the NSA could monitor the traffic, plant back doors in the server, or otherwise compromise an in-the-cloud solution.

      Much better would be a hardware source of randomness, connected to your server, and under your direct control.

      Why not get a cheap webcam and set up your own LavaRnd? There, true random data available to your computer even at boot time.

      http://www.lavarnd.org/what/how-good.html [lavarnd.org]

      LavaRnd has Linux kernel drivers, and it will drop right in and Just Work.

      I'll donate $1000 towards costs if the idea is viable.

      You could buy a lot of cheap webcams for $1000.
