Bonum Certa Men Certa

FreeBSD Lost Trust in Hardware Makers, Alleging NSA Tampering

FreeBSD

Summary: FreeBSD believes that the NSA tampered with hardware-level random number generators

LINUX may have been made vulnerable by the NSA et al. [1, 2, 3, 4]. There are a lot of speculations and even active discussions about random number generation in Linux, especially as implemented in hardware (e.g. by Intel). Without sufficiently high entropy in random number generators, not only would Linux as a kernel be vulnerable; SSL and SSH too would suffer.



Some of these issues we have covered here before, noting that Red Hat works a little too closely with the NSA. Right now we are quite fascinated by the news [1,2] that FreeBSD won't use Intel's and Via's hardware random number generators. Why? NSA.

In other news about FreeBSD, version 10 is approaching [3,4] after 20 years of development and it should have better graphics support [5]. Marking yet more milestones, the operating system "Is Getting Into The Magazine Business" [6], it runs in the record-breaking [7] PS4 (in some sense [8]). and it should be released some time this month [9]. FreeBSD is not the only BSD game in town (DragonFlyBSD gets some attention [10,11]), but it it the leading among the BSDs, so its voice when it comes to privacy and security issues sure counts.

Related/contextual items from the news:



  1. FreeBSD won't use Intel & Via's hardware random number generators, believes NSA has compromised them


  2. “We cannot trust” Intel and Via’s chip-based crypto, FreeBSD developers say
    Developers of the FreeBSD operating system will no longer allow users to trust processors manufactured by Intel and Via Technologies as the sole source of random numbers needed to generate cryptographic keys that can't easily be cracked by government spies and other adversaries.

    The change, which will be effective in the upcoming FreeBSD version 10.0, comes three months after secret documents leaked by former National Security Agency (NSA) subcontractor Edward Snowden said the US spy agency was able to decode vast swaths of the Internet's encrypted traffic. Among other ways, The New York Times, Pro Publica, and The Guardian reported in September, the NSA and its British counterpart defeat encryption technologies by working with chipmakers to insert backdoors, or cryptographic weaknesses, in their products.


  3. FreeBSD 10.0 Beta 4 Has Surfaced
    The final beta build ahead of the long-awaited and delayed FreeBSD 10.0 has now been made available.


  4. It Doesn't Look Like FreeBSD 10 Will Ship This Year


  5. A Roadmap For FreeBSD Graphics Support
    The latest FreeBSD code (for 10.0) supports not only Intel KMS but also the open-source AMD Radeon driver ported from the Linux kernel. This Intel/Radeon KMS support has since trickled into DragonFlyBSD and other BSD platforms. However, not all is up to par when it comes to graphics support on FreeBSD. Here'a a road-map and test matrix with some other items still on the BSD developers' agenda.


  6. FreeBSD Is Getting Into The Magazine Business


  7. Record Breaking Launch For PS4
    Sony's PS4 has well and truly landed, becoming the fastest selling video game console in UK history. It overturns the 8 year record held by the original PSP and eclipses the launch week sales of both PS3 and Xbox One.


  8. It's Official, Playstation 4 Runs FreeBSD Kernel
    Sony has just launched its PlayStation 4 console, and it seems that the rumors about being based on FreeBSD are actually true.
  9. FreeBSD 10.0 Is Still Running Behind Schedule
    There were plans originally to ship FreeBSD 10.0 as stable in November, but that isn't going to happen. It's not even clear if FreeBSD 10.0-RELEASE will be ready to ship before the end of the calendar year, but at least progress is being made and when the release does happen there's a great number of new features.


  10. HAMMER2 File-System Gets Stabilization Improvements
    HAMMER2 file-system improvements have landed hot on the heels of the exciting DragonFlyBSD 3.6 release.


  11. DragonFlyBSD 3.6 Does Intel/AMD KMS, DPorts, Better SMP


Recent Techrights' Posts

[Video] IBM Shakes Hands of Prince Mohammed bin Salman
handshake of loyalty
The SLAPPs From Microsofters Distract From Serious Copyright Infringement by Microsoft and Apparent Business Crimes
Aside from other issues, such as strangling women
 
Trolls With LLM Slop Are Disrupting Communications About Mass Layoffs at IBM
LLM slop to drown out the signal
Gemini Links 17/05/2025: Happier on Gemini and Manipulating Reddit
Links for the day
ComEd and Microsoft: A Mess of Spaghetti Held Together By Circus Clowns
Reprinted with permission from Ryan Farmer
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 16, 2025
IRC logs for Friday, May 16, 2025
Links 16/05/2025: Microsoft Sacks Pregnant Women, People Fired on Their Birthday; Adobe Censorship Failing
Links for the day
Gemini Links 16/05/2025: "Repairing Our Way out of Commodity Fetishism" and Pre-librebooted Computers
Links for the day
The Microsofters Have Just Shared Privileged Trial Data With Microsoft
There are serious ramifications for liability accountability as Microsoft salaries sponsor these SLAPPs
Enshittification is Everywhere: You Pay More, the Services Get Worse
"Enshittification" is a term coined by an online friend; I increasingly use this term to describe what's happening even outside the realm of technology (which it was adopted to describe)
Microsoft Reduces Office Space Ahead of More Waves of Mass Layoffs
"The Gerstnerisation of Microsoft"
Anti-Linux FUD Produced by Microsoft LLMs to Blame "Linux" for Microsoft's Own Failures
We call out some of the worst culprits
Gemini Links 16/05/2025: Hoking GPS, Grabovac, and Tanana
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, May 15, 2025
IRC logs for Thursday, May 15, 2025
Microsoft WARN Notices Proliferate in the United States
From what we've seen, this wave was more than 3% (a lot more) and the next wave/s will be even bigger (possible as imminent as weeks from now), based on insider leaks
Links 15/05/2025: Google Betrays Publishers Again, Openwashing by Sysdig
Links for the day
Richard Stallman Still Respected by Many in the Libre Graphics Community
Richard Stallman and Professor Moglen never harmed anyone
If You Read Techrights, Then You Probably Want to Read Tux Machines as Well
That site is more active than this one
Gemini Links 15/05/2025: Forced Music in Publicly Accessible Space and ~silv is Online
Links for the day
Links 15/05/2025: KOSA Censorship (USA Becomes More Like KSA) and More National Cuts
Links for the day
Bing Might Shut Down - Just Like Skype Did - Some Time in the Coming Months/Years (Parts of It Already Shut Down)
they try to bring the losses under control
Your Real Ally Would Not Defend the Company of SLAPP and Strangling of Women
who's left to tell us what's true?
Breakdown of Microsoft Layoffs Shows It's About Cost, Not Performance or Hype (Like "AI")
MSN (Microsoft) reposted this with some unnecessary spin
The Lawyers Working for the Serial Strangler From Microsoft on SLAPPing Techrights Have Apparently Lost Their Voice
the moment we mentioned that their media lawyer is leaving they went all quiet in social control media
At IBM, Relocation Can be a Trick or a Trap (IBM Gets Rid of Staff Under the Guise of "Relo")
IBM is not being honest with employees
Microsoft Rumours: This Week's Scale of Layoffs "Higher Than Reported" and More Coming Soon ("A Lot More Severe" Than May's)
The "3%" figure is false
Slopwatch: Sloppy Brian, Brittany Slop, and General Observations
Creative people don't need slop; there's just nothing good about it, slop appeals to lazy people careless about quality
Over at Tux Machines...
GNU/Linux news for the past day
Beyond Mass Layoffs at Microsoft: Entire Units Shut Down for Good
And it's far from over
Links 15/05/2025: Crikvenica, Analog Computer, and Slop 'Hallucinations'
Links for the day
IRC Proceedings: Wednesday, May 14, 2025
IRC logs for Wednesday, May 14, 2025