I think you're wrong about what "substantial" means here. It doesn't need to be enough entropy to use as the system's only source. It needs to be enough to pervert the data from all the other sources in a way that masks their (potential) weeknesses. That requires surprisingly little data, if it is truly unavailable to attackers.
To that end, the bigger worry here is that it's just the sort of data you might want to stick in SNMP for your monitoring infrastructure to check on.
Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds