Anyone ever used something like this? Is it possible to validate it?

Literally just amplify a transistor or diode or something. WTH.

I dont remember where but I recall that Cloudfare dont use computers to generate random numbers because its literally impossible. It is always mathematics so its predictable , hard yes but predictable. Instead Cloudfare uses lava lamps movements and calculate that , as it is very random. I will look for the article so don't take my word for it.

I think CloudFlare uses lava lamps because it's a cool story, but there are ways you can get truly random bits from other things, like this. Generally, you want to have some sort of physical process going on that provides random entropy, because CPUs by themselves can only produce pseudorandom numbers. For example, random.org uses atmospheric noise, which is random and unpredictable when you look at very tiny variances. You can also use, e.g. a super sensitive Geiger counter to measure random bits of radiation, or if you shoot photons at a semi-reflective surface, sometimes they go through and sometimes they reflect. For the type shown here, though, the most common kind of noise they use is from quantum effects relating to transistors, as far as I know. This is an actual source of randomness, so if it's done right it can be just as good as lava lamps or Geiger counters or whatever.
- It's probably similar to a noise generator in a synthesizer, you can push a transistor until it starts to breakup and get white noise from a relatively simple circuit
The noise coming from an open microphone has enough entropy for what we'd usually assume to be random.

It is possible to hit a bottleneck getting random numbers, but there's /dev/urandom which shouldn't block it'll just keep outputting without enough entropy to guarantee pseudorandomness.

Usually you'll know if you're hitting one of those bottlenecks, probably it'll only come up in production or hopefully in load testing.
I heard that story too but it was about BackBlaze.

Computers can get perfect randomness, but it has to come from an analog source. That's what this thing does.
- Permanently Deleted
cloudflare uses a wall of lavalamps because it's a fun project that looks cool and gets free advertising.

There are so many sources of noise, lavalamps are probably one of the most expensive in set up and running costs.

It's a pretty cool wall though, hence the free advertising.

I think a very recent ~~Nobel prize in mathematics~~ Turing award was awarded to someone who proved its impossible to differentiate between (edit: well-programmed) PRNG and TRNG. Mathematically at least.

There is no Nobel Prize in Mathematics. Might be an Abel or Fields medal recipient, though.
- It was actually a turing award for the proof that BPP = P (and probably other stuff around the question of randomness).

Yeah, not USB but in principle it's the same whether it's PCI or whatever. There's no way to prove an RNG is truly random really just have to rely on validating subsets of its output look random. NIST has published recommendations for sampling RNGs.

Here's the title:

A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications

I don't think there's a real need unless it's regulated to need some dedicated HW RNG.

Very precise answer, thank you.

How about a simple test to make sure it didn't break and start spitting out all zeroes. Read a few lines from /dev/random ?
- I might be wrong about this but my understanding is that on Linux you'd pipe the output of this in somewhere and tell the kernel to use it for entropy, and if it gets insufficient entropy it realizes this and starts producing random bits slower. So like normally the Linux kernel samples mouse movements for randomness, and so it makes more random bits the more you jiggle your mouse. These hardware RNGs are best used for headless servers that don't have as reliable entropy at their disposal.
- Yeah as long as the setup for the device symlinked its device path to /dev/random or you did that yourself. Stuff I used had a Java SDK
- I might be wrong about this but my understanding is that on Linux you'd pipe the output of this in somewhere and tell the kernel to use it for entropy, and if it gets insufficient entropy it realizes this and starts producing random bits slower. So like normally the Linux kernel samples mouse movements for randomness, and so it makes more random bits the more you jiggle your mouse. These hardware RNGs are best used for headless servers that don't have as reliable entropy at their disposal.

There's also random.org which uses noise in meteorological measurements.

My question us why are all those meteors constantly screaming and how come nobody has ever thought to investigate what's going on with them?
Are we just letting them suffer so we can generate random numbers out of it, like some sort of sacrifice to RNGesus?
- They're actually going "wheeeeeee!" because falling into the atmosphere is very exciting.

Random? I must be the only one left who believes in a deterministic universe ruled by cause and effect... and lizard people - big big lizard people on Mars.

No you'd have to trust the manufacturer. I wonder if there are any Chinese or other non-US companies that make that kind of thing.