[Taniwha]

It could transmit, there is no transmit code in the firmware, in fact there's no real receive code, we turn on the receiver and sample the LSB of RF noise in the sampling DACs but don't enable any demodulation or framing.

Turning both RNGs on only gets you a about half a bit/byte of extra entropy - but it is a great belt and braces sort of thing, makes it much harder to attack, especially since the sampling clock inside the device for both sources is not visible eternally

Remember we don't use the output data directly, we mix it into the kernel's entropy pool (where it's whitened)