[2012-07-19 22:10:05 -0700] David Hunter: > I'm sure that it's always going to > be "random enough", but I often make use of Archlinux in forensic > environments involving encrypted disks and files or transferring > things over SSL, so I do need to know if there is even a theoretical > weakness in my environment in case my tools and methodologies are > called into question. There are no known weaknesses as far as I know, but you can always question the hypothesis that runtime measurements bear a significant amount of entropy. Now if you are that paranoid you might also want to avoid kernel-gathered entropy and just get yourself a physical entropy generating device. -- Gaetan
