[Whonix-devel] randomsound questions

Daniel Silverstone dsilvers at digital-scurf.org
Sun Nov 24 09:27:48 CET 2019


On Sat, Nov 23, 2019 at 20:29:48 +0000, procmem at riseup.net wrote:
> Hi Dan. I'm a privacy distro dev and we are thinking of including
> randomsound as an entropy source by default.

I'd recommend against that, reasoning below.

> Questions:
> 
> * Does it gather entropy at all times when a soundcard is connected or
> only when there is sound playing?

It was designed to gather sound at all times it was running.

> * I assume from the package description it relies on sound output and
> not microphone input unlike van Heusden's audio-entropyd

It was meant to use an input line, microphone or line-in.

> * How well can it function in a virtual environment?

Probably not usefully at all.

---

Randomsound was written a long time ago when computer hardware was simpler and
less careful in terms of sound design.  It was common for sound cards to be
fairly (a) electrically noisy and (b) configurable.  As such, I had a server
which had need of entropy and a sound device which had no microphone or line-in
device attached, and a sound card which could decouple its level monitoring
from any controls (leave it floating) -- this combination gave me a source of
electrical and thermal noise I could harvest.

These days sound cards have mandatory filtering and are sufficiently complex
that I would not like to make any assertions about an ability to set one up in
the manner I recommended for use with randomsound.  Virtual devices are even
more controlled and thus even less likely to provide access to the kinds of
entropy randomsound attempted to harvest.

These days I'd recommend ensuring that host systems harvest entropy from as
many sources as possible, optionally sharing them around among themselves (I
believe there's software for this kind of thing) and then qemu has a virtio-rng
device which allows transfer of entropy from host to guest (at a controlled
rate).

There are also devices one can purchase which can increase the available
entropy pool if your hosts are regularly running dry.  For example the chaoskey
by Keith Packard and Bdale Garbee.

Good luck with your quest for entropy, and thank you all for taking privacy so
seriously.

D.

-- 
Daniel Silverstone                         http://www.digital-scurf.org/
PGP mail accepted and encouraged.            Key Id: 3CCE BABE 206C 3B69
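
Added example (not part of the email above, and not randomsound or Whonix code): a guest-side check that the virtio-rng device recommended in the message is actually the kernel's selected hardware RNG. It assumes a Linux guest exposing the hw_random sysfs files; the function name and status strings are made up for this illustration.

```shell
#!/bin/sh
# Added example, not from the original email.
# Host side (for reference): QEMU attaches a rate-limited virtio-rng with e.g.
#   -object rng-random,filename=/dev/urandom,id=rng0 \
#   -device virtio-rng-pci,rng=rng0,max-bytes=1024,period=1000
# (the byte and period values here are illustrative, not a recommendation).
#
# Guest side: classify the hardware RNG state from the hw_random sysfs files.
# $1 = directory holding rng_current and rng_available
#      (defaults to /sys/class/misc/hw_random; the parameter exists for testing).
# Prints one status word; exit code 0 only when virtio-rng is the active source.
virtio_rng_status() {
    dir="${1:-/sys/class/misc/hw_random}"

    # No hw_random interface at all: the driver core is missing or unreadable.
    if [ ! -r "$dir/rng_current" ] || [ ! -r "$dir/rng_available" ]; then
        echo "no-hwrng-interface"
        return 2
    fi

    current=$(cat "$dir/rng_current")
    available=$(cat "$dir/rng_available")

    # The virtio-rng driver registers its devices as virtio_rng.<n>.
    case "$current" in
        virtio_rng*) echo "virtio-active"; return 0 ;;
    esac

    # Device is attached but another hwrng was selected: the guest is not
    # drawing from the host even though the hypervisor offers it.
    for name in $available; do
        case "$name" in
            virtio_rng*) echo "virtio-present-not-selected"; return 1 ;;
        esac
    done

    # The guest was started without a virtio-rng device, or the module is not loaded.
    echo "virtio-absent"
    return 1
}
```

Source the file and run `virtio_rng_status` inside the guest; any result other than `virtio-active` means the guest is not being fed from the host's entropy sources.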
