Bonum Certa Men Certa

FreeBSD Lost Trust in Hardware Makers, Alleging NSA Tampering

FreeBSD

Summary: FreeBSD believes that the NSA tampered with hardware-level random number generators

LINUX may have been made vulnerable by the NSA et al. [1, 2, 3, 4]. There are a lot of speculations and even active discussions about random number generation in Linux, especially as implemented in hardware (e.g. by Intel). Without sufficiently high entropy in random number generators, not only would Linux as a kernel be vulnerable; SSL and SSH too would suffer.



Some of these issues we have covered here before, noting that Red Hat works a little too closely with the NSA. Right now we are quite fascinated by the news [1,2] that FreeBSD won't use Intel's and Via's hardware random number generators. Why? NSA.

In other news about FreeBSD, version 10 is approaching [3,4] after 20 years of development and it should have better graphics support [5]. Marking yet more milestones, the operating system "Is Getting Into The Magazine Business" [6], it runs in the record-breaking [7] PS4 (in some sense [8]). and it should be released some time this month [9]. FreeBSD is not the only BSD game in town (DragonFlyBSD gets some attention [10,11]), but it it the leading among the BSDs, so its voice when it comes to privacy and security issues sure counts.

Related/contextual items from the news:



  1. FreeBSD won't use Intel & Via's hardware random number generators, believes NSA has compromised them


  2. “We cannot trust” Intel and Via’s chip-based crypto, FreeBSD developers say
    Developers of the FreeBSD operating system will no longer allow users to trust processors manufactured by Intel and Via Technologies as the sole source of random numbers needed to generate cryptographic keys that can't easily be cracked by government spies and other adversaries.

    The change, which will be effective in the upcoming FreeBSD version 10.0, comes three months after secret documents leaked by former National Security Agency (NSA) subcontractor Edward Snowden said the US spy agency was able to decode vast swaths of the Internet's encrypted traffic. Among other ways, The New York Times, Pro Publica, and The Guardian reported in September, the NSA and its British counterpart defeat encryption technologies by working with chipmakers to insert backdoors, or cryptographic weaknesses, in their products.


  3. FreeBSD 10.0 Beta 4 Has Surfaced
    The final beta build ahead of the long-awaited and delayed FreeBSD 10.0 has now been made available.


  4. It Doesn't Look Like FreeBSD 10 Will Ship This Year


  5. A Roadmap For FreeBSD Graphics Support
    The latest FreeBSD code (for 10.0) supports not only Intel KMS but also the open-source AMD Radeon driver ported from the Linux kernel. This Intel/Radeon KMS support has since trickled into DragonFlyBSD and other BSD platforms. However, not all is up to par when it comes to graphics support on FreeBSD. Here'a a road-map and test matrix with some other items still on the BSD developers' agenda.


  6. FreeBSD Is Getting Into The Magazine Business


  7. Record Breaking Launch For PS4
    Sony's PS4 has well and truly landed, becoming the fastest selling video game console in UK history. It overturns the 8 year record held by the original PSP and eclipses the launch week sales of both PS3 and Xbox One.


  8. It's Official, Playstation 4 Runs FreeBSD Kernel
    Sony has just launched its PlayStation 4 console, and it seems that the rumors about being based on FreeBSD are actually true.
  9. FreeBSD 10.0 Is Still Running Behind Schedule
    There were plans originally to ship FreeBSD 10.0 as stable in November, but that isn't going to happen. It's not even clear if FreeBSD 10.0-RELEASE will be ready to ship before the end of the calendar year, but at least progress is being made and when the release does happen there's a great number of new features.


  10. HAMMER2 File-System Gets Stabilization Improvements
    HAMMER2 file-system improvements have landed hot on the heels of the exciting DragonFlyBSD 3.6 release.


  11. DragonFlyBSD 3.6 Does Intel/AMD KMS, DPorts, Better SMP


Recent Techrights' Posts

Turns Out LLMs for Code Don't Save Time and Don't Improve Quality
Neither legal nor useful
 
Pissing Contests and Pissing Off Everyone
people who came from Microsoft are trying to vex and divide the community
Microsoft Repeats the Mistakes Made by the EPO After We Exposed a Major Microsoft/EPO Scandal 10 Years Ago
That scandal was all over the media, not just in English
The Demise of LLMs
We've just checked BetaNews again. They've dropped all the slop and went back to human authors.
Gemini Links 13/07/2025: Sonpo Museum of Art and FCEUX
Links for the day
Links 13/07/2025: UnitedHealth's Censorship Campaign, Australia Wary of China
Links for the day
Firing Away With Nonsense
Or fighting fire with fire
Links 13/07/2025: Climate Crisis, GAFAM Poisoning the Water
Links for the day
The Microsofters Will Have an Obligation to Compensate Us
This story isn't just about Microsoft. It's also about corruption, there are many women victims, there is abject "abuse of process", and many more scandals to be illuminated in years to come.
Reproducing at the EPO Instead of Producing Monopolies for Foreign Monopolies With Their Price-Fixing Cartels
Does the EPO recognise the need of well-educated Europeans to bear kids?
Valnet Inc. Dominates Real (Not LLM Slop) GNU/Linux Coverage in 2025
And likely in prior years, too
Free Software Foundation (FSF) Fund Raiser Goes on
Later this month we'll expose another OSI scandal
EPO Staff Representatives Issue a Warning About Staff's Health and Inadequate Care
Even the EPO's own stakeholders (money sources) are openly protesting against what the EPO became
Links 13/07/2025: Partly Assorted News From Deutsche Welle and CBC
Links for the day
Gemini Links 13/07/2025: Board Games and Battle Styles
Gemini Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, July 12, 2025
IRC logs for Saturday, July 12, 2025
Plunder at the Second-Largest Institution in Europe
cuts, neglect, health problems, even early deaths
Links 12/07/2025: Political Developments, Attack on Opposition, Climate Actions
Links for the day
Gemini Links 12/07/2025: Melodic Musings and Small Web July
Links for the day
Links 12/07/2025: Jail in China for Homoerotica, South Korea Discriminates Against Old Workers
Links for the day
If Only Everything Was Rewritten in Rust, We'd Have No More Security Issues?
Nope.
Links 12/07/2025: Birdwatching and Fake/Misleading Wall Street 'Valuation' Figures
Links for the day
Gemini Links 12/07/2025: How to Avoid Writing, Apps for Android
Links for the day
Using SLAPPs to Cover Up Sexual Abuse and Strangulation
The exact same legal team of the Serial Strangler from Microsoft and Garrett already has a history fighting against "metoo"
EPO Staff Committee on Harassment in the Workplace
slides
Adding the Voice of Writers to UK SLAPP Reform
The journey to repair antiquated (monarchy era) laws will likely be long
EPO Takes More Money From Staff for Speculation (Pensions), Actuarial Study Explains the Impact
"The key change in this year’s Actuarial Study, due to cascading the new “risk appetite” from the financial study, is a significant increase of the total pension contribution rate of 5.7 percentage points, up to a total of 37.8%. This is driven by an unprecedented decrease in the discount rate of 105 bps down to 2.2%."
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, July 11, 2025
IRC logs for Friday, July 11, 2025
Microsoft - Like IBM - Does the "Relocation" Tricks (Start Over Elsewhere, Then Get Sacked by Microsoft)
It is a "low blow" or a "dick move"
After the Free Software Foundation's Campaign to Raise Money Let's See Campaigns to Finish Off Microsoft (Vista 11, GitHub etc.)
Microsoft is in effect collapsing
Your Publications Have No Major Impact Unless or Until You "Get Some Heat"
we're on the right track
Slopwatch: A Cause for Hope, the Hype is Dying
For about a month we showed that becoming a slopfarm - for several weeks - resulted in utter failure and ruin for BetaNews
Links 11/07/2025: Censorship Worsening, 3D Printing Success Stories, UK and France Unite Around Nukes
Links for the day
Gemini Links 11/07/2025: Zorin OS and Scriptonite Updates
Links for the day
Links 11/07/2025: Hardware, Russia, and China
Links for the day
Links 11/07/2025: Intel Collapsing and Microsoft Resorts to Bribery to Push Slop Via Obligatory Education
Links for the day
The EFF Sided With the Team That Strangles Women and Tells Women to Kill Themselves
They say that apathy and inaction are a form of a "stance"
"Nat [Friedman] and [the Serial Strangler From Microsoft] Were Always Exceptionally Close," Says Former Housemate and Colleague
Now Alex (hiding behind another name when that suits him) not only attacks women but also people who merely report what he did to women
Exemplary List of Things That Are Not Artificial Intelligence or Even Intelligence
The "age of AI" or "era of AI" or "AI revolution" mostly boils down to rebranding, just like "the cloud"
New Letter From the European Patent Office Explains How the Office Plots to Grant Many Illegal Patents, a Self-Fulfilling Prophecy of 'Growth'
Open letter to Mr Rowan (VP1) and Mr Aledo Lopez (COO)
Abuse of Process
5RB is employing people who help violent men
What Microsoft's Nat Friedman and Microsoft Lunduke Have in Common
"Get in da car; No time to explain, loser"
Microsoft and IBM Don't Have Much of a Future (They Mostly Pretend at This Point)
IBM and Microsoft are in some ways alike but in many ways different
It's Not Just Twitter (or X.com) That's Dying, Microsoft's Equivalent is Dying Also
Unable to find a business model
GitHub Copilot Can Cause the Bankruptcy of GitHub to Come Sooner and GitHub to be Shut Down Just Like Skype
Some publicly available information suggests that even for each paid subscriber for plagiarism (LLM 'coding') GitHub Copilot still loses more money than it makes
Wayland is Bad for the Planet
If you use Wayland, it'll take you longer to accomplish tasks and you will consume more energy (or battery life)
Legitimising Those Who Sabotage You
Microsoft is a very malicious company
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, July 10, 2025
IRC logs for Thursday, July 10, 2025
On Microsoft Layoffs
we might be looking at about 60,000 Microsoft layoffs since 2023
EPO Management Already Breaks Its Own Promise (Lie) on "Bringing Teams Together"
This gut-punching move happened just 2 days ago
Gemini Links 11/07/2025: Occupation of 2025 and "Old Man Yells At Soundcloud"
Links for the day
Our Lawsuits Against the 'Cancel Mob' (Ringleaders) Helped Reduce Anti-Free Software Online Abuse
That's not to say that lawsuits are the best way to handle terrible people. But that can help.