What could be the problem with this seemingly fool-proof scheme for supplying unpredictable random numbers to demanding applications? Nothing, at least not where you would expect it. The numbers generated are indeed difficult to predict.

There is, however, one slight but disastrous mistake in the reasoning of the designer of this technology. Mr. Ts’o’s design assumes that the attacker is interested in predicting random numbers based on knowledge of the machine and its environment. But what if the attacker wants to do quite the opposite?

The attacker with an account on the machine, even though they have no direct access to the information the user is typing, can deduce the exact moment input activity ...