I don't remember their initial post about the lava lamps, but I had assumed that was a marketing gimmick more than anything... a neat visual way to convey what entropy is in a way normal humans can comprehend.

It's certainly not a scalable solution for entropy, and there are so many ways for it to fail as a sole source, as well.

With a one-time pad being, as I understand it, the only really good encryption, I am surprised there is not a market for pairs of matched hard drives—the pair having the same "one time pad" stored on them (how you generate those numbers is left as an exercise for the company marketing them).

A simple app could be used by parties on both ends of the message—an app that relies on an associated drive to act as the pad.

If you become aware that one of the two matched drives has been compromised (stolen perhaps by an outside party), you destroy its partner.

(Perhaps too you can design the drive in such a way as to make it non-trivial to copy—you more or less need possession of the drive itself. That makes it unlikely for there to be a 3rd drive the two parties are unaware of.)

> And if it is broken… then you’re screwed, sorry. See, both your encryption and your CSPRNG relies on a cipher. If either is broken, then so is your whole system.

Not necessarily. The CSPRNG state could in theory be leaked via sidechannels. Your cipher key could be leaked via sidechannels too, but symmetric encryption keys tend to be shorter lived.