Re: SNI-12: BIND Vulnerabilities and Solutions

Theo de Raadt (deraadt@CVS.OPENBSD.ORG)
Wed, 23 Apr 1997 00:09:51 -0600

> It attempts to make the query ID unpredictable, but fails -- the "random"
> numbers it generates are still predictable (after a trivial 2^16 offline
> trials).

Did you include all the details included in res_random.c such as the
code which causes the entire system to be reset with whole new seeds
after a fixed period of time (300 seconds is it)? You can predict a
sequence and feed it the next few numbers before the generator reseeds
itself?

Hmm. I'll let Niels comment further ;-)

> And the seeding is terrible -- two years ago Netscape used
> timeofday and pid to seed their PRNG, too, and look what happened to them.

Hey, I make no apologies for operating systems that ship without a
source of strong(ish) random numbers in their libc!

If res_random.c is compiled on a machine that #defines __OpenBSD__ the
source patch does not supply a fake arc4random() routine; instead the
OpenBSD version of the routine is used which uses an RC4 generator
seeded from a source of stronger random data supplied by the kernel.

(OpenBSD also uses this random in a number of other ... interesting
places ;-)

I supplied the arc4random() routine and well, it sucks; I was writing
it as quick as I could. I think it's clear that anyone who wanted to
use the code should replace that part with something a bit better.
I'd invite anyone else who comes up with something better to make it
available. Remember it goes into libc of every program that calls
gethostby*....

I don't think there is a "solution" to the problem. We're talking
bandaids. I've never felt the raw power of a T3, but I suppose they'd
be able to bombard fast enough to still get in via brute force. I
hope what we worked on makes it hard, perhaps someone else can make it
better.