Firecracker Entropy for VM Clones


Secure and fast microVMs for serverless computing. - firecracker-microvm/firecracker

We start with an overview of the Linux random number generation (RNG) facilities, then go through the potential issues we’ve identified related to cloning state, and finally conclude with a series of recommendations. The /dev/urandom output is considered secure for virtually all purposes, with the caveat that using it before the system gathers sufficient entropy for initialization may indeed produce low-quality random numbers. The discussion regarding DRNG state on page 35 mentions that the key part, the counter, and the nonce are XORed with the output of the CPU random number generator if one is present.
