Hello, welcome to the Friday, September 1st, 2017 edition of the Santernut Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from New York City, New York.

Tom wrote a diary today about having security operations center workers working remotely.

This is an issue that does come up when there

is a major natural disaster like we had this week. A disaster like this can make it difficult

or impossible for workers to travel to the office and having a geographically more distributed

workforce makes it less likely that all of them

are affected by a single event. We had some good comments to the post, so if this is something

that you're considering, take a look and see how others are feeling about this, what the pros and cons are. Personally, I think

there should be at least an option to work remotely. However, in a SOC environment, there may be

advantages to having actually everybody in a room most of the time. And Germany's Federal Information Security Office has completed a review of the latest Linux

kernel's random number generator.

Random numbers, of course, are very important for security, in particular for encryption.

The review was satisfactory stating that the kernel actually uses more entropy than it states.

These reviews have been done for Linux since 2012.

Historically, the Linux kernel actually used Shah-1 to mix the entropy pool and to further

randomize the data it collects, but in recent kernel versions, starting with 4.8, this has

been replaced with the Cha-Cha-20 encryption algorithm, which is considered stronger. The report also lists the sources of entropy

like keystrokes, disc events and the like. The study also conducted some tests by collecting

random numbers and check how they actually turned out. Overall, more than 100 pages to this

report, so too much to cover in this podcast.

But something that if you don't read it cover to cover is definitely worthwhile to sort of skim over.

...