The perils of `rm -rf`

I came across this question on Stack Exchange about how to recover from an accidental rm -rf /*.

The questioner says he runs a small web-hosting service, and accidentally deleted all the files on his servers, and all the files on his backup drives. He asks how to recover. (The answer: it’s difficult.)

This made me smile, because I, like everyone who programs for a living, have an rm -rf story too.

Continue reading “The perils of `rm -rf`”

Entropy at Black Hat 2015

At Black Hat USA 2015, I gave a briefing on entropy use and management in the Linux kernel, along with Bruce Potter, CTO of KEYW Corporation.

You need random numbers to do many things on modern computers. For instance, all the cryptography that secures your web transactions is powered by random numbers. This cryptography means that only Amazon can use your credit card details and that only you can tell your bank to transfer money out of your account. But random numbers are hard to come by on a computer. Computers are, by nature, pretty deterministic machines.

You can generate mostly random numbers by things like measuring temperature very accurately and looking only at the last decimal place, which fluctuates a lot. Or measuring the RF radiation passing by, and again, looking only at the last decimal place. Your computer generates mostly random numbers by looking at the time that various things happen – you press a key on the keyboard, a packet arrives on the network – and looking only at the last decimal place of the time that that even happen.

Continue reading “Entropy at Black Hat 2015”