talking of crypto usb sticks, there's a new one crowdfunding: https://www.crowdsupply.com/nth-dimension/signet
the dev has been helpful/responsive to my questions too.
the bootloader thing is non-free, but that is only used in the factory, and for updates it uses its own upgrade software in the firmware.
"There is no proprietary software whatsoever. The only technical exception would be the factory bootloader used to initially flash the device. After initial firmware loading the firmware can be updated live through firmware update in the GPLv3 source base. "
"The factory bootloader is still there but can only be activated by jumpering two of the microcontroller's pins together and rebooting. The signet firmware features an "upgrade firmware" command which is completely free software and does not use the factory bootloader. The best way to describe it is that I have superseded the proprietary bootloader but I have not physically destroyed it. I hope that clarifies it."
just an encrypted database. no pgp crypto done on the device. but maybe possible as stretch goal or something. idea for just passwords and storing other keys and bits.
RNG is a mix of: "When random data is needed it is gathered from three different sources in equal amounts, the host, the hardware RNG on the micro-controller, and clock noise measured between the RTC and processor clocks which have separate oscillators. Once the code has all the three noise values they are XOR'ed together. I think the hardware RNG does have trust issues but by using these sources together even if it has some engineered weaknesses I believe we will get higher quality random data by including it."
had kinda forgotten about nitrokey, arr wondering what to do.... already made a pledge for signet... nitrokey is about same~ price but looks like it does more....
read some technical people's reviews of nitrokey, err left me feeling unsure about it... :/
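
The three-source XOR mix described in the RNG quote above, as an added example that is not part of the original post and is not Signet's firmware code. It computes the exact min-entropy of the mixed output for constructed 4-bit source distributions; every function name and distribution here is an assumption made for illustration, and the calculation assumes the three sources are statistically independent.

```python
import math
from fractions import Fraction

def xor_mix(host: bytes, hw: bytes, clock: bytes) -> bytes:
    """XOR equal-length samples from the three sources named in the quote."""
    if not len(host) == len(hw) == len(clock):
        raise ValueError("each source must contribute the same amount")
    return bytes(a ^ b ^ c for a, b, c in zip(host, hw, clock))

def xor_dist(p, q):
    """Exact distribution of X ^ Y for independent X ~ p and Y ~ q."""
    out = [Fraction(0)] * len(p)  # len(p) must be a power of two
    for x, px in enumerate(p):
        for y, qy in enumerate(q):
            out[x ^ y] += px * qy
    return out

def min_entropy_bits(p) -> float:
    """Min-entropy: -log2 of the most likely symbol's probability."""
    return -math.log2(max(p))

def mixed_entropy(host, hw, clock) -> float:
    """Min-entropy of host ^ hw ^ clock for independent sources."""
    return min_entropy_bits(xor_dist(xor_dist(host, hw), clock))

# Constructed 4-bit source models (not measurements of any real device).
N = 16
UNIFORM = [Fraction(1, N)] * N                       # ideal source, 4 bits
CONSTANT = [Fraction(1)] + [Fraction(0)] * (N - 1)   # dead source, 0 bits
STUCK_BIT = [Fraction(1, 8) if v & 8 else Fraction(0)
             for v in range(N)]                      # top bit stuck, 3 bits
BIASED = [Fraction(1, 2)] + [Fraction(1, 2 * (N - 1))] * (N - 1)  # 1 bit

if __name__ == "__main__":
    cases = {
        "good host, weak hw RNG, biased clock": (UNIFORM, STUCK_BIT, BIASED),
        "dead host, weak hw RNG, dead clock": (CONSTANT, STUCK_BIT, CONSTANT),
        "biased host, weak hw RNG, dead clock": (BIASED, STUCK_BIT, CONSTANT),
    }
    for label, (host, hw, clock) in cases.items():
        print(f"{label}: {mixed_entropy(host, hw, clock):.3f} bits of 4")
```

With independent inputs the mix is never weaker than its best input, which is the property the quote relies on; the result does not cover sources that are correlated with each other.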