/dev/random as a Service: Do you think every random-number-generator is broken? Well, we do! Simply trust us and use our numbers as your only seeding source!
I could see a service that just accepts any HTTP you send to it as being kinda useful for early testing of client-side software. Personally I'd just use netcat, but maybe a service would be easier for some people.
It's almost useful if you need random numbers that aren't secret, but it's useless for crypto, which is probably the major use of good-quality random numbers.
"RANDOM.ORG offers true random numbers to anyone on the Internet. The randomness comes from atmospheric noise, which for many purposes is better than the pseudo-random number algorithms typically used in computer programs. People use RANDOM.ORG for holding drawings, lotteries and sweepstakes, to drive games and gambling sites, for scientific applications and for art and music. The service has existed since 1998 and was built by Dr Mads Haahr of the School of Computer Science and Statistics at Trinity College, Dublin in Ireland. Today, RANDOM.ORG is operated by Randomness and Integrity Services Ltd."
Wow I can't believe that video has gone viral — I remember showing it around to a few friends 2 years ago or so when it only had a few thousand views. Ironically, MongoDB has since become my go-to DB of choice...
I hope not, I've been depending on this service for a while. I have it integrated via FUSE on my prod servers.
We did have some problems of blocking on large files, which is less than ideal for a /dev/null service.
After dealing with their customer support (which has been super helpful), we are looking to move to a named pipe / FIFO.. Which will non-block and cache lolcally, with a watcher service to push it to their site.
At least these guys are honest:
We know that everyone cares about thier privacy these days. We promise we won't let anyone have a look at your data[1].
[1] Anyone excluding the following companies and departments. Just the good guys, you know?: NSA, Nestle, Communist Party of China (CPC), The Coca-Cola Company, the KGB, some of your coworkers and our friends (especially if there is something funny).
A reverse lookup shows that the server is also hosting https://coffeestats.org/ - clearly there's someone here trying to collect vast amounts of data about the general public. I don't think the parents fears are unwarranted, the fact that it's hosted in a German IP block could be to throw people off the trail.
Seems like a genuine joke to me. This is the guy behind it:
http://noqqe.de
"About
Florian Baumann (24). Arbeite bei der GfK SE und interessiere mich für allerhand Dinge unter anderem Debian, BSD, OpenSource, R, Statistik, Scripting, Hacks, Administration.
Was das alles so mit sich bringt schreibe ich manchmal hier auf. Manchmal nicht. Außerdem sammle ich hier ohne Sinn und Schema Zeug das ich nie wieder brauche."
Discard is fundamentally flawed. Because the service does not provide a response the client cannot reliably determine whether the data was successfully discarded.
Without a response there's the possibility that your data could be lost on its way to being thrown away, and you'd never know.
Do you suppose after they successfully implement /dev/random as a service, they might implement /dev/zero or /dev/full next? Or /dev/console might be especially useful.
Privacy
We know that everyone cares about thier privacy these days. We promise we won't let
anyone have a look at your data[1].
[1] Anyone excluding the following companies and departments. Just the good guys,
you know?: NSA, Nestle, Communist Party of China (CPC),
The Coca-Cola Company, the KGB, some of your coworkers and our friends
(especially if there is something funny).
One reason I am not a devfs fan is because I'm a mknod(1) user. For example, FreeBSD has one of those famous "_________ is deprecated" bold warnings regarding mknod.
It is not deprecated in my usage. I use it all the time.
I do not rely on /dev/null.
I make my own null character devices as I need them.
In my case, the reason is because it's shorter to type.
I would expect most longtime UNIX users have experienced what happens when, for one reason or another, /dev/null is not a null character device and you have scripts or programs writing to it as if it was. By the time you realize that this has happened, it's too late -- data has already been saved to this file.
There may be various workarounds for this. I'm not a professional sysadmin.
But in my case, for my own personal usage systems, by using my own null character device in my own tmpfs mounted folders, I can just test for the success/failure of the mknod command before I start redirecting anything to it.
Great. You just gave luser at least read access to a whole lot of your hardware, including your whole hard disks, swap space, and some device nodes which potentially crash the system upon random reading.
My system has only one user: me. I am the only one using it.
Multiuser UNIX is a relic from a long past era of shared computing. The "root" concept creates more security issues than it solves. That's why Plan 9 did away with it.
One often needs mknod to build chroot jails because the program or programs that one intends to run in the chrooted in the jail directory require access to certain device files.
95 comments
[ 2.4 ms ] story [ 158 ms ] thread/dev/random as a Service: Do you think every random-number-generator is broken? Well, we do! Simply trust us and use our numbers as your only seeding source!
"RANDOM.ORG offers true random numbers to anyone on the Internet. The randomness comes from atmospheric noise, which for many purposes is better than the pseudo-random number algorithms typically used in computer programs. People use RANDOM.ORG for holding drawings, lotteries and sweepstakes, to drive games and gambling sites, for scientific applications and for art and music. The service has existed since 1998 and was built by Dr Mads Haahr of the School of Computer Science and Statistics at Trinity College, Dublin in Ireland. Today, RANDOM.ORG is operated by Randomness and Integrity Services Ltd."
https://www.youtube.com/watch?v=b2F-DItXtZs
We did have some problems of blocking on large files, which is less than ideal for a /dev/null service.
After dealing with their customer support (which has been super helpful), we are looking to move to a named pipe / FIFO.. Which will non-block and cache lolcally, with a watcher service to push it to their site.
Happy Customer, A+++, would recommend.
Besides, for POST it is obviously 202 ACCEPTED
[0] - http://en.wikipedia.org/wiki//dev/null
202 assumes a possibility of further processing, but /dev/null can offer none.
.../error.html?aspxerrorpath=/payments/submit/s4/is/a/joke/stop/sending/us/money/readthefineprint.aspx
"The resource you are trying to access cannot be read, due to the following reason: No read operation available. Please try the following:
Make sure you really want to access this file. I mean, is it really that important in the big scheme of things?"
[1] Anyone excluding the following companies and departments. Just the good guys, you know?: NSA, Nestle, Communist Party of China (CPC), The Coca-Cola Company, the KGB, some of your coworkers and our friends (especially if there is something funny).
dig devnull-as-a-service.com
; ANSWER SECTION: devnull-as-a-service.com. 1481 IN A 213.95.21.200
http://whois.domaintools.com/213.95.21.200
Whois Server: whois.psi-usa.info ASN: Germany AS12337 NORIS-NETWORK noris network AG (registered Mar 22, 1999) IP Location: Germany - Bayern - Nuremberg - Noris Network Ag Domain Status: Registered And Active Website
"About Florian Baumann (24). Arbeite bei der GfK SE und interessiere mich für allerhand Dinge unter anderem Debian, BSD, OpenSource, R, Statistik, Scripting, Hacks, Administration.
Was das alles so mit sich bringt schreibe ich manchmal hier auf. Manchmal nicht. Außerdem sammle ich hier ohne Sinn und Schema Zeug das ich nie wieder brauche."
They wrote it.
Without a response there's the possibility that your data could be lost on its way to being thrown away, and you'd never know.
Do you suppose after they successfully implement /dev/random as a service, they might implement /dev/zero or /dev/full next? Or /dev/console might be especially useful.
https://github.com/noqqe/devnull-as-a-service/commit/a305550...
So your data might not really be going to /dev/null - it might be going to a disk. Most likely not want you want at all.
I'll get a CVE allocated for this bug right away.
It is not deprecated in my usage. I use it all the time.
I do not rely on /dev/null.
I make my own null character devices as I need them.
> I make my own null character devices as I need them.
Why? Is there ever a reason to have more than one file on your system which acts as a /dev/null?
In my case, the reason is because it's shorter to type.
I would expect most longtime UNIX users have experienced what happens when, for one reason or another, /dev/null is not a null character device and you have scripts or programs writing to it as if it was. By the time you realize that this has happened, it's too late -- data has already been saved to this file.
There may be various workarounds for this. I'm not a professional sysadmin.
But in my case, for my own personal usage systems, by using my own null character device in my own tmpfs mounted folders, I can just test for the success/failure of the mknod command before I start redirecting anything to it.
I don't need a /dev/null. But I do need mknod.
Multiuser UNIX is a relic from a long past era of shared computing. The "root" concept creates more security issues than it solves. That's why Plan 9 did away with it.
Yes. It's called a chroot jail.
One often needs mknod to build chroot jails because the program or programs that one intends to run in the chrooted in the jail directory require access to certain device files.