[Whonix-devel] randomsound questions
procmem at riseup.net
Sun Nov 24 15:21:21 CET 2019
Thanks for the detailed reply.
On 11/24/19 8:27 AM, Daniel Silverstone wrote:
> On Sat, Nov 23, 2019 at 20:29:48 +0000, procmem at riseup.net wrote:
>> Hi Dan. I'm a privacy distro dev and we are thinking of including
>> randomsound as an entropy source by default.
> I'd recommend against that, reasoning below..
>
>> Questions:
>>
>> * Does it gather entropy at all times when a soundcard is connected or
>> only when there is sound playing?
> It was designed to gather sound at all times it was running.
>
>> * I assume from the package description it relies on sound output and
>> not microphone input unlike van Heusden's audio-entropyd
> It was meant to use an input line, microphone or line-in.
>
>> * How well can it function in a virtual environment?
> Probably not usefully at all.
>
> ---
>
> Randomsound was written a long time ago when computer hardware was simpler and
> less careful in terms of sound design. It was common for sound cards to be
> fairly (a) electrically noisy and (b) configurable. As such, I had a server
> which had need of entropy and a sound device which had no microphone or line-in
> device attached, and a sound card which could decouple its level monitoring
> from any controls (leave it floating) -- this combination gave me a source of
> electrical and thermal noise I could harvest.
>
> These days sound cards have mandatory filtering and are sufficiently complex
> that I would not like to make any assertions about an ability to set one up in
> the manner I recommended for use with randomsound. Virtual devices are even
> more controlled and thus even less likely to provide access to the kinds of
> entropy randomsound attempted to harvest.
>
> These days I'd recommend ensuring that host systems harvest entropy from as
> many sources as possible, optionally sharing them around among themselves (I
> believe there's software for this kind of thing) and then qemu has a virtio-rng
> device which allows transfer of entropy from host to guest (at a controlled
> rate).
>
> There are also devices one can purchase which can increase the available
> entropy pool if your hosts are regularly running dry. For example the chaoskey
> by Keith Packard and Bdale Garbee.
>
> Good luck with your quest for entropy, and thank you all for taking privacy so
> seriously.
>
> D.
>
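The virtio-rng path recommended in the reply above can be verified from inside a guest. The script below is an added example, not part of the original thread or of randomsound; it assumes the Linux hw_random sysfs files (`rng_available`, `rng_current`) and the `virtio_rng.N` driver naming, and the rate values in the QEMU comment are sample values.

```shell
#!/bin/sh
# Added example: guest-side check that entropy from the host is reachable
# through virtio-rng.
#
# Host side (QEMU), for reference. max-bytes/period set the "controlled rate";
# the numbers here are sample values:
#   -object rng-random,id=rng0,filename=/dev/urandom \
#   -device virtio-rng-pci,rng=rng0,max-bytes=1024,period=1000

# hwrng_status [SYSFS_DIR]
# Prints one of:
#   virtio-active    virtio-rng is present and is the selected hwrng
#   virtio-inactive  virtio-rng is present but another hwrng is selected
#   no-virtio        hw_random exists, but no virtio-rng device is listed
#   no-hwrng         no hw_random interface is readable
# SYSFS_DIR defaults to the real sysfs location; the parameter exists so the
# logic can be exercised against a constructed directory.
hwrng_status() {
    dir="${1:-/sys/class/misc/hw_random}"

    [ -r "$dir/rng_available" ] || { echo "no-hwrng"; return 0; }

    # rng_available is a space-separated list; rng_current is a single name.
    available=$(cat "$dir/rng_available" 2>/dev/null || true)
    current=$(cat "$dir/rng_current" 2>/dev/null || true)

    # Assumption: the virtio driver registers as "virtio_rng.N".
    case " $available " in
        *" virtio_rng."*) ;;
        *) echo "no-virtio"; return 0 ;;
    esac

    case "$current" in
        virtio_rng.*) echo "virtio-active" ;;
        *)            echo "virtio-inactive" ;;
    esac
}

# Report the state of the machine this script runs on.
hwrng_status
```

A result of `virtio-inactive` means the guest sees the device but is reading from a different hardware RNG; writing the device name to `rng_current` as root selects it.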