To illustrate this idea, we can imagine various casino attacks, e.g. by the casino owner who programs a dice throwing robot based on the bets placed to minimise payouts on these, or even by a gambler with an invisible cam who is able to capture and predict the future states of moving dice early enough still to be able to place a bet, but with a better chance of winning.
So what's important here for security purposes probably isn't whether the system being used is inherently random but whether the range of states capable of being generated is sufficiently large and probabilities of such states well enough distributed, and the state transition mechanism between system states is effectively invisible and unknowable to any likely attacker.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds