Search Images Maps Play YouTube News Gmail Drive More » Send Feedback | Web History | Help | Sign in Home Home Profile People Photos Communities Events Hangouts Pages Local Settings Feedback Help · Region Privacy · Terms · Maps Terms Start a hangout Theodore Ts'o Theodore Ts'o Shared publicly - 2013-09-05 I am so glad I resisted pressure from Intel engineers to let /dev/random rely only on the RDRAND instruction.   To quote from the article below: "By this year, the Sigint Enabling Project had found ways inside some of the encryption chips that scramble information for businesses and governments, either by working with chipmakers to insert back doors...." Relying solely on the hardware random number generator which is using an implementation sealed inside a chip which is impossible to audit is a BAD idea. N.S.A. Foils Much Internet Encryption nytimes.com 647 291 250 comments ...