[Cryptography] Photon beam splitters for "true" random number generation ?

[Jerry Leichter]

> Yes, it is a SSD, and thank you for the grim reminder of how everything
> leaks like a sieve these days.  It's yet another reason why it was a
> good idea to encrypt the entire disk with dm-crypt.
And the key you used with dm-crypt was generated randomly ... how?  :-(

It's turtles all the way down.

> Maybe to do a full cleanse I could run this until it exhausts the file
> space:
> 
> $ cat /dev/zero >giant
> 
> It has to put the zeros *somewhere*, after all.
SSD's are configured with plenty of spare blocks to be swapped in for those that appear to be getting "weak".  If the one where you wrote your secret information looks as if it's failing, it will be moved assigned and you can write zeros all you like, it'll be there forever.

Mind you, you'd have to be unlucky, and effort required to pull it out would probably be beyond the abilities of anyone but the NSA and a few other similarly well-funded organizations.  If you're trying to protect your random bits from them ... you've got real problems.
                                                        -- Jerry