Pollinate is Stupid (Ubuntu 14.04)
- Let's talk about Pollinate, and most importantly, why it's a terrible idea.
- Pollinate (the Cloud PRNG Seed) feature in Ubuntu 14.04 was designed by someone who does not understand security: It pulls data from https://entropy.ubuntu.com/ and feeds it into /dev/urandom.
- The premise for Pollinate is that some devices-- VMs especially-- have a hard time generating entropy on their first boot. The problem they are trying to solve is the existence of weak/colliding private keys. This is not an easy problem, nor one with a trivial solution. While I commend the Ubuntu developers for making an effort, their solution is plum-fuck retarded.
- In what threat model is it okay to take data that an attacker can learn (or even falsify) and feed it into your random number generator?
- "But Scott," you might retort, "Pollinate uses HTTPS, so they would have to break SSL to hack Pollinate." That sounds reasonable, until you apply a little bit of logic to the situation.
- If you have enough entropy to facilitate a properly secure HTTPS communication, you have enough entropy to generate a cryptographically secure pseudorandom number. If you don't, then the HTTPS protection means very little and you might as well be transmitting in the clear.
- There's a part of me that deeply suspects that, as a result of the NSA leaks by Edward Snowden, an exodus from insecure proprietary operating systems like Windows and Mac OSX to user-friendly flavors of Linux (namely: Ubuntu) prompted nation state actors to social engineer the Ubuntu devs into this decision. However, Hanlon's Razor applies here: Never attribute to malice that can be explained by stupidity.
- Pollinate is stupid. It cannot solve the problem it's trying to solve, the way it's implemented.
- I don't have a better solution... other than: If you're deploying a service where security matters, do one of the following:
- - Put it on a bare-metal dedicated server
- - Expose it to a hardware RNG
- Fuck Pollinate.
RAW Paste Data Copied