OK guys. We've promoted Open Source for decades. We have to own up to our own problems.
This was a failure in the Open Source process. It is just as likely to happen to closed source software, and more likely to go unrevealed if it does, which is why we aren't already having our heads handed to us.
But we need to look at whether Open Source projects should be providing the world's security without any significant funding to do so.
Conclusion
It is quite obvious in light of the recent revelations from Snowden that this weakness was introduced by purpose by the NSA. It is very elegant and leaks its complete internal state in only 32 bytes of output, which is very impressive knowing it takes 32 bytes of input as a seed.
Here is the Github repo for the PoC code.
This PRNG is not the NSA making a crypto system stronger ala DES, it's a backdoor.
Intel CPUs are not defective, they just act that way. -- Henry Spencer