[Chugalug] LittleBlackBox -- Default SSL Keys for Embedded devices

Dan Lyke danlyke at flutterby.com
Wed Oct 17 17:38:31 UTC 2012


On Wed, Oct 17, 2012 at 9:58 AM, Dave Brockman <dave at brockmans.com> wrote:
> Did it have network access,  Setting up a network entropy daemon is on my todo.....

Not necessarily, this was mostly for DRM and uniquifying machines.
Network access could make it a bit easier (for one thing: grab time
when the device is first turned on, then hit something like an entropy
server, build your key from that), susceptible to MitM attacks when
it's first turned on, but should be okay for most consumer devices.

Dan


More information about the Chugalug mailing list