Bonum Certa Men Certa

FreeBSD Lost Trust in Hardware Makers, Alleging NSA Tampering

FreeBSD

Summary: FreeBSD believes that the NSA tampered with hardware-level random number generators

LINUX may have been made vulnerable by the NSA et al. [1, 2, 3, 4]. There are a lot of speculations and even active discussions about random number generation in Linux, especially as implemented in hardware (e.g. by Intel). Without sufficiently high entropy in random number generators, not only would Linux as a kernel be vulnerable; SSL and SSH too would suffer.



Some of these issues we have covered here before, noting that Red Hat works a little too closely with the NSA. Right now we are quite fascinated by the news [1,2] that FreeBSD won't use Intel's and Via's hardware random number generators. Why? NSA.

In other news about FreeBSD, version 10 is approaching [3,4] after 20 years of development and it should have better graphics support [5]. Marking yet more milestones, the operating system "Is Getting Into The Magazine Business" [6], it runs in the record-breaking [7] PS4 (in some sense [8]). and it should be released some time this month [9]. FreeBSD is not the only BSD game in town (DragonFlyBSD gets some attention [10,11]), but it it the leading among the BSDs, so its voice when it comes to privacy and security issues sure counts.

Related/contextual items from the news:



  1. FreeBSD won't use Intel & Via's hardware random number generators, believes NSA has compromised them


  2. “We cannot trust” Intel and Via’s chip-based crypto, FreeBSD developers say
    Developers of the FreeBSD operating system will no longer allow users to trust processors manufactured by Intel and Via Technologies as the sole source of random numbers needed to generate cryptographic keys that can't easily be cracked by government spies and other adversaries.

    The change, which will be effective in the upcoming FreeBSD version 10.0, comes three months after secret documents leaked by former National Security Agency (NSA) subcontractor Edward Snowden said the US spy agency was able to decode vast swaths of the Internet's encrypted traffic. Among other ways, The New York Times, Pro Publica, and The Guardian reported in September, the NSA and its British counterpart defeat encryption technologies by working with chipmakers to insert backdoors, or cryptographic weaknesses, in their products.


  3. FreeBSD 10.0 Beta 4 Has Surfaced
    The final beta build ahead of the long-awaited and delayed FreeBSD 10.0 has now been made available.


  4. It Doesn't Look Like FreeBSD 10 Will Ship This Year


  5. A Roadmap For FreeBSD Graphics Support
    The latest FreeBSD code (for 10.0) supports not only Intel KMS but also the open-source AMD Radeon driver ported from the Linux kernel. This Intel/Radeon KMS support has since trickled into DragonFlyBSD and other BSD platforms. However, not all is up to par when it comes to graphics support on FreeBSD. Here'a a road-map and test matrix with some other items still on the BSD developers' agenda.


  6. FreeBSD Is Getting Into The Magazine Business


  7. Record Breaking Launch For PS4
    Sony's PS4 has well and truly landed, becoming the fastest selling video game console in UK history. It overturns the 8 year record held by the original PSP and eclipses the launch week sales of both PS3 and Xbox One.


  8. It's Official, Playstation 4 Runs FreeBSD Kernel
    Sony has just launched its PlayStation 4 console, and it seems that the rumors about being based on FreeBSD are actually true.
  9. FreeBSD 10.0 Is Still Running Behind Schedule
    There were plans originally to ship FreeBSD 10.0 as stable in November, but that isn't going to happen. It's not even clear if FreeBSD 10.0-RELEASE will be ready to ship before the end of the calendar year, but at least progress is being made and when the release does happen there's a great number of new features.


  10. HAMMER2 File-System Gets Stabilization Improvements
    HAMMER2 file-system improvements have landed hot on the heels of the exciting DragonFlyBSD 3.6 release.


  11. DragonFlyBSD 3.6 Does Intel/AMD KMS, DPorts, Better SMP


Recent Techrights' Posts

Datamation, Where I Used to Publish Articles, Appears to Have Been Sold to TechnologyAdvice Only to Become a Slopfarm
I'd prefer to not associate with that site anymore
 
How Software Patents Were Viewed or Their General Status Changed Over Time
A rough summary
We Are Turning 19 in One Month, FSF Turns 40 in 3 Hours (CET)
For our anniversary next month we still have no concrete plans
Patent Docs (or PatentDocs) Learned the Wrong Lessons From the Death of TypePad
Had they gone ahead with an SSG, they'd become a lot more future-proof
USPTO Patent Bubble Already Imploding, After Decades of Artificial Inflation, Entire Offices Close for Good
we can deduce that financial pressures (lack of "demand" for monopolies) play a role
TikTok is Not Harmless (Being CheeTok in the US Will Advance Orange Agenda)
Social control media isn't "fun and games"; it's a digital weapon that lets hostile groups or nations infiltrate others, then turn them against themselves
Andy Farnell and Helen Plews Explain What "Modern" Tech Does to Old People
Imposing terrible tech "religion" on people is not helping them
Tomorrow the Free Software Foundation (FSF) Turns 40 and Its Web Site is Still Slow Due to DDoS by LLM Slop Bots
For an advocacy group, uptime is important (for its message to remain accessible)
Slopwatch: Google News as a Firehose of LLM Slop About "Linux"
Google News is really bad
Links 03/10/2025: "NPR’s Economics Lessons Come With Neoliberal Spin" and Canada Post at Risk
Links for the day
Gemini Links 03/10/2025: Panic Attacks and Food Adulteration
Links for the day
Links 03/10/2025: Lawyers Caught Using LLM Slop Explain Why They Did It, LibreSSL 4.1.1 and 4.0.1 Released
Links for the day
FSF Board Grew 50% Since Last Year, Has New President, Turns 40 in Two Days
It's a good move for the FSF and - by extension - for software freedom
Links 03/10/2025: Conflicts, Death of TypePad, and TikTok/CheeTok Gives a Boost to Far Right Groups in Europe
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 02, 2025
IRC logs for Thursday, October 02, 2025
Slopwatch: Linux Journal, Google News, and LinuxSecurity
They carry on polluting the Web with fake articles
Gemini Links 02/10/2025: Kubernetes With FreeBSD and robots.txt
Links for the day
Links 02/10/2025: 'Open' 'AI' Resorting to Gimmicks and Fake Funding, Europe’s ‘Drone Wall’ Discussed
Links for the day
Links 02/10/2025: Brave Passes 100M Users Milestone, Kodak Selling Its Own Film Again
Links for the day
Michael “Monty” Widenius: It Started in 1983 With Richard Stallman (RMS)
The other co-founder of MySQL is a bit notorious for confronting RMS rather viciously
For the Second Time in a Few Weeks Microsoft Lunduke Makes False Accusations Against Senior Red Hat Staff to Incite a Despicable 'Troll Army'
Nothing that Microsoft Lunduke claims of says can be trusted
su lisa && rm -rf /home/ibm/power
Novell was ruined by another person from IBM, Ronald Hovsepian
A Record Demand at Microsoft: Demand to Cancel
What we're witnessing is a very ungraceful destruction of XBox
Microsoft is Losing Europe
Hence all the "support" and "discount" offers that are limited to Europe
The Free Software Foundation Starts Fund-raising for 40th Anniversary
New pop-up 2-3 days ahead of the 40th anniversary event
Systemd Breaks Networking in Debian and Microsoft Staff Rushes to Make Face-Saving Excuses in LWN
Microsoft's bluca is already there in the comments, his Microsoft money pays for LWN to let him leave comments early
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, October 01, 2025
IRC logs for Wednesday, October 01, 2025
What the End of XBox Will Look Like: a Fiery Crash
XBox is the next Skype. It won't last much longer. Expect many more layoffs.
Richard Stallman is Going to Finland to Give a Talk Next Thursday
A day later he speaks in Sweden
Gemini Links 02/10/2025: SMTP Pipelining and End of ROOPHLOCH 2025
Links for the day
Slopwatch: Plagiarism, Fake Articles, and FUD About Linux
not a day goes by without Google News feeding FUD from slopfarms
Gemini Links 01/10/2025: Chat Control and End of Life
Links for the day
Links 01/10/2025: Long Covid Risk Reiterated, "Bitcoin Queen" Caught
Links for the day
Links 01/10/2025: EA $55 Billion Deal is Debt and Slop "Raises Vishing Risks"
Links for the day
Bluewashing at Red Hat Means Redundancies
The man who sold Red Hat to IBM meanwhile became a Microsoft Mono booster
After Killing OpenSource.com, IBM ('Red Hat') and OSI Told Us OpenSource.net Would Replace It (But That Didn't Happen)
Now it's time to move on, perhaps tarnishing the "Open Source" label some more (for whatever sponsor wants this)
Linux is Not a Community Project, It's a Wall Street Product
The core goal should be freedom
Bad Actors Abusing the Free Software Community, Vandalising It Using Rogue Politics and Old Tactics
Oil giants have long attempted to do this; now, the digital equivalent of Big Oil does this in technology
Social Control Media Isn't the Future, The Federation or Fediverse Isn't Growing, People's Accounts Vanish for Good
users' accounts will get deleted, not just become inactive
IBM is Failing, This Helps Show Wall Street is Entirely Detached From Actual Commercial Performance
IBM is unable to grow, it's just constantly shrinking
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, September 30, 2025
IRC logs for Tuesday, September 30, 2025
Clerical Aspects of Publishing and Development
In Free software, the management aspects are considerably reduced
Slopwatch: Fake Articles and Google News Promoting "Linux" Spam or Bot-Generated Fear, Uncertainty, Doubt (FUD)
These slopfarms help misplace blame
Third Wave of Microsoft Layoffs in September, This Time Many in Liverpool Affected
Be ready for more waves of layoffs ahead of the so-called "results" in late October