We covered yet another flaw in the entropy supply chain of a widely used cryptoasset wallet.
If you write software that requires secure entropy, you need to find out where it comes from!
Check the library, language, compiler, tools that compiled the compiler, the compiler bootstrap machine code, the implementation of the runtime kernel system calls used, the specific hardware sources used, etc, etc.
https://milksad.info/updates.html
Lance R. Vick /
npub1m9…uvnl4
2024-05-20 05:52:31
Author Public Key
npub1m9dnsslfjpzuq2tmvd8szeljrm4vl8lce7rg7keu9jzacy5kudws5uvnl4Published at
2024-05-20 05:52:31Event JSON
{
"id": "aae445c5ac203fe4556b7cc8a4b7500d58319a5fde14050211710333e31f656d",
"pubkey": "d95b3843e99045c0297b634f0167f21eeacf9ff8cf868f5b3c2c85dc1296e35d",
"created_at": 1716184351,
"kind": 1,
"tags": [
[
"proxy",
"https://mastodon.social/users/lrvick/statuses/112471857672709685",
"activitypub"
]
],
"content": "We covered yet another flaw in the entropy supply chain of a widely used cryptoasset wallet.\n\nIf you write software that requires secure entropy, you need to find out where it comes from!\n\nCheck the library, language, compiler, tools that compiled the compiler, the compiler bootstrap machine code, the implementation of the runtime kernel system calls used, the specific hardware sources used, etc, etc.\n\nhttps://milksad.info/updates.html",
"sig": "2e004829add170887c973ea40daebcc4c2888cbfbefafa36d14b449ece78605482d73d1349a5395eee196cb6f2b65a3bbc43c82ef2df6dca9e7d758addb63274"
}