Bonum Certa Men Certa

FreeBSD Lost Trust in Hardware Makers, Alleging NSA Tampering

FreeBSD

Summary: FreeBSD believes that the NSA tampered with hardware-level random number generators

LINUX may have been made vulnerable by the NSA et al. [1, 2, 3, 4]. There are a lot of speculations and even active discussions about random number generation in Linux, especially as implemented in hardware (e.g. by Intel). Without sufficiently high entropy in random number generators, not only would Linux as a kernel be vulnerable; SSL and SSH too would suffer.



Some of these issues we have covered here before, noting that Red Hat works a little too closely with the NSA. Right now we are quite fascinated by the news [1,2] that FreeBSD won't use Intel's and Via's hardware random number generators. Why? NSA.

In other news about FreeBSD, version 10 is approaching [3,4] after 20 years of development and it should have better graphics support [5]. Marking yet more milestones, the operating system "Is Getting Into The Magazine Business" [6], it runs in the record-breaking [7] PS4 (in some sense [8]). and it should be released some time this month [9]. FreeBSD is not the only BSD game in town (DragonFlyBSD gets some attention [10,11]), but it it the leading among the BSDs, so its voice when it comes to privacy and security issues sure counts.

Related/contextual items from the news:



  1. FreeBSD won't use Intel & Via's hardware random number generators, believes NSA has compromised them


  2. “We cannot trust” Intel and Via’s chip-based crypto, FreeBSD developers say
    Developers of the FreeBSD operating system will no longer allow users to trust processors manufactured by Intel and Via Technologies as the sole source of random numbers needed to generate cryptographic keys that can't easily be cracked by government spies and other adversaries.

    The change, which will be effective in the upcoming FreeBSD version 10.0, comes three months after secret documents leaked by former National Security Agency (NSA) subcontractor Edward Snowden said the US spy agency was able to decode vast swaths of the Internet's encrypted traffic. Among other ways, The New York Times, Pro Publica, and The Guardian reported in September, the NSA and its British counterpart defeat encryption technologies by working with chipmakers to insert backdoors, or cryptographic weaknesses, in their products.


  3. FreeBSD 10.0 Beta 4 Has Surfaced
    The final beta build ahead of the long-awaited and delayed FreeBSD 10.0 has now been made available.


  4. It Doesn't Look Like FreeBSD 10 Will Ship This Year


  5. A Roadmap For FreeBSD Graphics Support
    The latest FreeBSD code (for 10.0) supports not only Intel KMS but also the open-source AMD Radeon driver ported from the Linux kernel. This Intel/Radeon KMS support has since trickled into DragonFlyBSD and other BSD platforms. However, not all is up to par when it comes to graphics support on FreeBSD. Here'a a road-map and test matrix with some other items still on the BSD developers' agenda.


  6. FreeBSD Is Getting Into The Magazine Business


  7. Record Breaking Launch For PS4
    Sony's PS4 has well and truly landed, becoming the fastest selling video game console in UK history. It overturns the 8 year record held by the original PSP and eclipses the launch week sales of both PS3 and Xbox One.


  8. It's Official, Playstation 4 Runs FreeBSD Kernel
    Sony has just launched its PlayStation 4 console, and it seems that the rumors about being based on FreeBSD are actually true.
  9. FreeBSD 10.0 Is Still Running Behind Schedule
    There were plans originally to ship FreeBSD 10.0 as stable in November, but that isn't going to happen. It's not even clear if FreeBSD 10.0-RELEASE will be ready to ship before the end of the calendar year, but at least progress is being made and when the release does happen there's a great number of new features.


  10. HAMMER2 File-System Gets Stabilization Improvements
    HAMMER2 file-system improvements have landed hot on the heels of the exciting DragonFlyBSD 3.6 release.


  11. DragonFlyBSD 3.6 Does Intel/AMD KMS, DPorts, Better SMP


Recent Techrights' Posts

Microsoft's Chatbot Strategy Resulted in Massive Losses, So Now It's Trying to Reinvent Itself as 'Hardware Company' (Once Again, Years After XBox, KIN, Windows Phone and Surface Failed Miserably)
revenues associated with Windows has fallen sharply
This Week's Letter to António Campinos About Mean-Spirited Line Managers at the European Patent Office (EPO)
Seems like a way to get rid of staff. Some will resign in anger.
 
Links 23/02/2024: 227 Microsoft Layoffs Noted in Santa Clara and Disaster in Rivian
Links for the day
IRC Proceedings: Thursday, February 22, 2024
IRC logs for Thursday, February 22, 2024
Over at Tux Machines...
GNU/Linux news for the past day
[Meme] It's NOT Your PC
losing control of hardware
Gemini Links 22/02/2024: Removing Radio Ads and Being Seen on the Internet
Links for the day
Mark Shuttleworth and the Question of Liability (Debian Volunteers He Pressured Before the Suicides)
Humanity for me
Mark Shuttleworth's (MS) Canonical Running Microsoft (MS) Ads, Mischaracterising Mass Surveillance as 'Confidential' (the Usual Lie)
The money talks, so the facts are absent
Ads as 'Articles'
Money buys perception manipulation (or reputation laundering) campaigns
Abraham Raji & Debian, DebConf kayak death: search abandoned, evading liability
Reprinted with permission from Daniel Pocock
Links 22/02/2024: Chatbots Failing 'Big Time' and More Condemnations Appear of Bill Gates
Links for the day
There May be Close to 100,000,000 Laptops and Desktops Running GNU/Linux Around the World in 2024
hard to track the number
Search Engine Market Share Worldwide Shows How Badly Microsoft's Chatbot Strategy (Hopes) and Vapourware Have Failed
Bing, which was marketed as the forefront "product" for chatbots (Microsoft paid the media a lot of money for hype campaigns), gained nothing at Google's expense
[Meme] Demoralising and Putting Down Your Staff
unproductive and dangerous approach
Software in the Public Interest (SPI) & Debian obfuscated structure fooled suicide victim's family: the ultimate example of bad faith
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, February 21, 2024
IRC logs for Wednesday, February 21, 2024
Gemini Links 22/02/2024: What We Pass On and HTTP Header Viewer
Links for the day
Manuel Estrada Sainz (ranty), Andres Garcia (ErConde) & Debian Deaths overworking
Reprinted with permission from Daniel Pocock
GNU/Linux Rising to 8% of Desktops/Laptops in Jordan?
what statCounter shows
[Meme] If Iraq Launches an Investigation Into How Microsoft Bought OpenAI Without Paying for It
fake "money" from Microsoft
Windows Has Fallen to 13% Market Share in Iraq (It was 100% Just 15 Years Ago), GNU/Linux Rose Sharply in Recent Years
In recent years Iraq was developing its own GNU/Linux distro
Springtime is Next, Here's What We Plan for March and April
This month and next month we expect to publish something unique about EPO abuses every day
Studying the Freedom of firefox-123.0.tar.bz2
The "F" in Firefox
Abraham Raji, Jens Schmalzing & debian-private cover-ups after deaths, accidents, suicides
Reprinted with permission from Daniel Pocock
Microsoft Bribes, Keeping Regulators at Bay
crime and corruption
[Meme] The Quotas Came From Above
EPO targets
EPO Talent Planning & Architecture is Another Attack on EPO Staff and the Central Staff Committee (CSC) Explains Why
ignore the flowery words
[Meme] Just Following Orders From "The Fu**ing President" António Campinos
Salary? OBEY!
Links 21/02/2024: China Working on West-less Tech Future, More Bounties on Patent Troll Leigh M. Rothschild (Which IBM et al Failed to Dismantle at the Root)
Links for the day
Links 21/02/2024: Encryption Backdoors Deemed Not Legal, Decentralised Web Under Attack
Links for the day
Games:Steam Audio as Free Software, Hazard Pay, ChipWits, and More
7 stories for today
Julian Assange, Wikileaks & Debian-private
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, February 20, 2024
IRC logs for Tuesday, February 20, 2024
Links 21/02/2024: Microsoft Sued for Monopolistic Policies, More Layoffs Planned for Next Month
Links for the day