[Cryptography] TRNGs as open source design semiconductors

Ray Dillinger bear at sonic.net
Fri Sep 13 18:56:11 EDT 2019


People who deeply care are already pointing a camera at a fish tank
with a bubbling air filter and registering a stream of hashes of the
resulting video stream as an additional source of entropy with their
opensource software RNG.  Or something. 

You're not going to convince those people that any chip they can't
literally decap and trace can be trusted by itself, whether or not they
see claims or promises or assurances indicating that someone else 
believes that it conforms to an opensource standard design.  Any or all
of those people could be lying, or may have been deceived by some
combination of the others.

That said, they'll happily consider adding its output to the mix, on 
the grounds that that source would be expected to be unpredictable to 
most other attackers, and at least one of the other sources they're
using is expected to be unpredictable to you.  The combination results
in an RNG which they hope is unpredictable to everybody.

In other words?  No new product is going to revolutionize the market,
because the market is about trust, not products.  They are evaluating
whether they can trust you (and you need to overcome a default negative
assumption), before they even consider the possibility that they might
be able to trust your product by itself.

Bear
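
The mixing argument in the message above, sketched as an added example (not part of the original post and not the author's code): several labelled sources are folded into one hash, and an attacker who knows every source but one can only reproduce the result by guessing the remaining source. The function names, the labels and all sample values are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os


def mix_sources(samples: dict[str, bytes]) -> bytes:
    """Fold every labelled sample into a single SHA-256 digest.

    Each field is length-prefixed so bytes cannot shift between a label and
    its sample, or between two sources, and still produce the same digest.
    """
    h = hashlib.sha256(b"added-example-mixer-v1")  # constructed domain tag
    for label in sorted(samples):  # sorted: result does not depend on order
        for field in (label.encode(), samples[label]):
            h.update(len(field).to_bytes(8, "big"))
            h.update(field)
    return h.digest()


def attacker_predicts(known, unknown_label, guesses, target):
    """Model an attacker who knows all sources except one.

    Tries each candidate value for the unknown source and returns the guess
    that reproduces the target digest, or None if none does.
    """
    for guess in guesses:
        candidate = mix_sources({**known, unknown_label: guess})
        if hmac.compare_digest(candidate, target):
            return guess
    return None


# Constructed sample inputs.
# Worst case for the chip: its output is fully known to whoever built it.
CHIP_OUTPUT = bytes(32)
# Stand-in for the hash of one captured video frame.
FRAME_HASH = hashlib.sha256(b"constructed fish tank frame 0001").digest()

if __name__ == "__main__":
    seed = mix_sources({
        "chip": CHIP_OUTPUT,
        "camera": FRAME_HASH,
        "os": os.urandom(32),
    })
    print(seed.hex())
```

The combined output is only as hard to predict as the sources the attacker does not know: if the one remaining source takes a single byte's worth of values, 256 guesses recover it.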





