Remove ekeyd
In a WhisperBack bug report, someone suggested to remove ekeyd from Tails
Tails automatically starts up ekeyd, the Entropy Key Daemon, which looks for any attached Entropy Key device and uses it as a source of randomness for the kernel. This is all well and good, except for one fact: no one uses Entropy Key. Not only is it rare, but it’s been out of stock for a very long time, and unlikely to come back soon. There are far more popular external TRNGs out there, many of which have their own daemons. That makes you think, why should Tails have an extra daemon running as root, who’s purpose is to mess with the kernel entropy pool, if it’s so seldom ever used? All it takes is an attacker to find a bug that allows them to fill the entropy pool with bogus data, which isn’t unlikely when ekeyd has /dev/random open for writing constantly and constantly keeps looking for an Entropy Key.
Please remove ekeyd. It’s unneccessary and its presence just increases the attack surface area of Tails.
Related issues
- Related to #5650 (closed)
- Related to #11703 (closed)
Original created by @sajolida on 7687 (Redmine)