#!/bin/sh
rm /dev/random
mknod /dev/random c 1 5
You can't trust the
random number generator on any system you don't control. The above script deletes /dev/random and then recreates it - but instead of using the
device numbers for a character device that outputs random data from the
entropy pool (1,8) it uses the numbers for a device that spits out nothing but
zero (1,5). So when you think you are generating a
4096 bit
secure key using genuine
random data, you are just getting four thousand zeros. And even if your software checks for something like this, there are more sophisticated ways to generate
random looking data that isn't.
While this doesn't matter at all to the most users, it's a potentially major problem for anyone that relies on
encryption for security. The
moral of the story - secure communications requires a lot more than using a very large key.