Oliver Neukum <[email protected]> writes: > To guard the entropy pool against malicious spoof we assume > the quality of an unverified source's entropy to be 0.
This removes most of the utility of the device, which is to provide entropy to a system early in the boot process. If you have physical security, then a USB device is just as reliable as any other piece of hardware. If you don't have physical security, then the entire system is suspect. -- -keith
signature.asc
Description: PGP signature
