Matthew Rosewarne on 4 Mar 2007 04:36:08 -0000
Equipment needed:
  1 _stereo_ FM radio with headphone port
  1 audio cable, 3.5mm stereo headphone jack to 3.5mm stereo headphone jack
  1 computer with microphone/line-in port

I'm setting up a laptop with an encrypted 80GB disk. The laptop's user won't be around for about a week, so I have plenty of time. I am advised that encrypted partitions can be made safer if, before they are formatted, they are filled with random data so that the encrypted parts are difficult to locate for an attack. The problem is, where is this data supposed to come from?

As far as I can see, the Linux kernel gets its entropy from input devices, hardware interrupts, and network activity. That may be fine for generating enough random data to make the odd GPG key, but hardly enough to fill 80GB, especially on a computer that doesn't have anyone at the keyboard or any network activity.

To the rescue comes the Audio Entropy Daemon, which generates random data from the difference between the two channels of the stereo sound captured by the sound card.

  http://www.vanheusden.com/aed/

How to use it:

1. Plug one end of the audio cable into the radio's headphone port and the other end into the computer's microphone/line-in port
   *I chose WHYY National Public Radio for the station, which is probably more random than the pre-recorded music tracks on most stations

2. Adjust the mixer settings until you can hear the radio out of the computer's speakers

3. Turn the speakers off, unless you want to listen to this for quite a while
   *Don't just mute the sound card, that will render the daemon useless!

4. Download the tarball and run make on the contents (Read the README too)
     tar xvzf audio-entropyd-0.0.6.tgz
     cd audio-entropyd-0.0.6
     make

5. Make sure the ALSA-OSS modules are loaded
     modprobe snd-pcm-oss
     modprobe snd-mixer-oss

6. To see the difference the daemon makes, look at the random data being generated without it. Note how little is written after the buffer empties
     cat /dev/random

7. Now start the daemon, specifying the appropriate audio device with "-d"
     ./audio-entropyd -d /dev/dsp0

8. To see how effective the daemon is, look again at the random data.
     cat /dev/random

Now you can have as much random data as you like, and maybe even make The Prairie Home Companion worthwhile.

I have to wonder why this functionality isn't built into the kernel. Does anyone feel like a spot of hacking?

___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
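The channel-difference idea from the post, as an added sketch that is not part of the original message and is not audio-entropyd's own code: it shows why a muted input or a source with identical channels yields no bits. The 16-bit interleaved PCM layout, the low-bit selection, the von Neumann debiasing step and the constructed sample audio are all assumptions made for illustration.

```python
import math
import random
import struct

def extract_bits(pcm: bytes) -> list:
    """Derive bits from interleaved 16-bit little-endian stereo PCM.

    Assumed method (not taken from the daemon's source): keep the low bit of
    each left-minus-right difference, then apply von Neumann debiasing.
    """
    n = len(pcm) // 4                      # one frame = left + right sample
    s = struct.unpack("<%dh" % (2 * n), pcm[:4 * n])
    # The programme material is common to both channels and cancels out;
    # only per-channel noise survives the subtraction.
    raw = [(s[i] - s[i + 1]) & 1 for i in range(0, 2 * n, 2)]
    # Von Neumann: a pair 1,0 emits 1; a pair 0,1 emits 0; 0,0 and 1,1 are dropped.
    return [a for a, b in zip(raw[0::2], raw[1::2]) if a != b]

def make_pcm(frames: int, noise_sigma: float, seed: int = 1) -> bytes:
    """Constructed sample audio: a shared tone plus independent noise per channel."""
    rng = random.Random(seed)              # seeded so the demo is repeatable
    out = bytearray()
    for i in range(frames):
        programme = int(8000 * math.sin(i / 7.0))
        left = programme + round(rng.gauss(0, noise_sigma))
        right = programme + round(rng.gauss(0, noise_sigma))
        out += struct.pack("<hh", left, right)
    return bytes(out)

if __name__ == "__main__":
    cases = (
        ("muted input (all zero samples)", bytes(16000)),
        ("identical channels (mono source)", make_pcm(4000, 0)),
        ("stereo with independent noise", make_pcm(4000, 3)),
    )
    for label, pcm in cases:
        bits = extract_bits(pcm)
        ones = sum(bits) / len(bits) if bits else float("nan")
        print("%-34s %5d bits, fraction of ones %.3f" % (label, len(bits), ones))
```
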