[onerng talk] amusing for USB RNGs :)

ianG iang at iang.org
Sat Aug 2 09:30:44 BST 2014 

On 2/08/2014 09:03 am, Paul Campbell wrote:
> On Sat, 02 Aug 2014 08:47:08 ianG wrote:
>> On that thread, over on the Crypto list it was suggested that we could
>> make a pass-thru USB adaptor that would prevent the rewriting capability.
>>
>> Is that possible? If so, could it be merged with the OneRNG design?
> 
> I think what they're talking about is a device that acts as more than one 
> device - looks like a flash drive acts like a flash drive but presents multiple 
> device interfaces to the system
> 
> For example if you plug a BeagleBone Black into a system it presents a flash 
> drive (with files on it, you can load kernels and stuff into it that way), it 
> also offers up a USB serial interface (for the console)  and a USB network 
> interface (so you can ssh into it) - all over the same USB wire - this is a 
> perfectly valid (and decidedly cool) thing to do
> 
> Modern arduinos offer up a serial console and a USB HID interface (which could 
> emulate a keyboard or mouse).
> 
> My extended programmer (not released) offers 3 serial interfaces (plain serial, 
> device programmer, zigbee RPC)
> 
> We could create a "pass thru" device, essentially a bridge that hides 
> everything but storage interfaces - OneRNG is probably not the guy to do it, 
> I'm more in favour of doing one thing well - a "USB firewall" device should be 
> something different


I'm also a fan of doing one thing well.

But, in all my thinking about RNGs over the last decade it has
strategically ended up in this point:  it is too small a direct market
to make it happen.  The number of people who will buy an RNG is too small.

Indeed if you wrap together the number of people who will buy a great
RNG with those who'll buy a crappy RNG ... it's still too small.

Yet, everyone *everyone needs a great RNG* and nobody will get one.
This is a case of a best-gets-you-nothing market.

So, I speculate that the way to make this happen in the large is to add
the RNG to another device.  Indeed, make RNG designs as open .. so
manufacturers can start to add them in ... flashy adverts "and you get
an RNG for free!!!  why wouldn't you buy???"

It's market-strategic thinking.

And, if you're going to do that ... who else will buy an RNG?  Close
correlation with those who will buy a USB firewall.  I'd reckon.



iang

More information about the Discuss mailing list