Is generating random numbers using a smartphone camera a good idea?

Using a camera as random source is a good idea (not a new one, but still a good one). However, you should do it correctly: take the photo, then hash it with a cryptographic hash function, e.g. SHA-256. Then use the output as a seed for a cryptograhically secure PRNG to generate as many random bytes as you need.

Using the file size will yield only very few bits of entropy from your picture: if a typical picture compresses to a size around, say, 2 MB, plus or minus 128 kB on average, then you will get at most 18 bits of entropy from the size. With a hash function, you harvest all the entropy that there is in the photo itself, up to the internal limit of the hash function (about 255 bits for a 256-bit output), which is way beyond that which is necessary for all realistic purposes.

A single photo ought to contain a lot of entropy, unless the camera output is covered in some way and the picture is uniformly black. A word of warning, though: if the hash of the photo is used as a secret (and that's the case if you want to use it as seed for a PRNG to produce keys), then that photo must remain confidential: hash it, but never let it be written as a file in the Flash memory of the phone. The photo should be obtained in RAM only, hashed, and then discarded. I don't know what API for photo capture applications have in a typical phone; it seems probable that you can obtain the photo without hitting the Flash in any way, but I invite you to check.

Would taking a photo using a smartphone and using the RAW file's bytes count as a good way to get a large random number quickly?

In and of itself, no. Digital cameras are designed to capture signal rather than noise, so both the dynamic range and palette compression are designed to fit optimal human vision; not uniform noise distribution. While a RAW file image is a good idea, it will need to bypass the camera's firmware as the firmware "helps" by doing a lot of this image optimisation on the chip - the data fed into the operating system might have already been optimised and cleansed according to various criteria.

But if you can directly use the CCD sensor and tune it for maximum noise (and minimum signal) within a lightless container - a decent noise source can be created.

Holder could recognise by sight, and yet could also deny was a key?

Sadly no, unless the key isn't the whole image but instead a steganographic data stream embedded within the image - as a random image will look, well, random. Which would raise questions in itself for a suspicious attacker.

More sensitive cameras ... would this be one way to protect against intentional flaws being introduced?

There are three different things to consider with "more sensitive" cameras and market forces:

1. For customers this means more megapixels; which is an improvement in the bandwidth of the sensor but says nothing about its inherent entropy (or signal-to-noise ratio).
2. For customers "more sensitive" can mean more responsive to varying light conditions. This means more image processing with the intent of reducing sensor noise and artefacts.
3. People and hence market forces tend not to be aware of how good humans are at matching patterns and how bad humans are at detecting random noise.
   • I could manipulate the values of pixel integers in a way that would almost completely subvert their use as a cryptographic random number source without it being apparent to the user's eye. For example, consider a greyscale image of 10x10 pixels with range of 256 values. I could halve or worse (I don't recall the exact maths) the level of entropy by simply rounding each pixel value to the nearest even value. The human eye wouldn't be able to detect such minute differences.

Further thoughts

The public could certainly benefit from a TRNG application for a mobile phone. Mobile phones have a wide variety of useful peripherals for noise collection. The limitation is whether these sources are accessible at a low level of abstraction.

Proving that a analog source is random is rather difficult; an analog source processed by an inherently digital mechanism even more so. Each camera chip might be subtly different (even on a iPhone monoculture), so a TRNG application would have to have these complex statistical metrics built-in so it can "tune" for each phone.

There is an understandable antagonism toward "rolling your own crypto" and creating a RNG is similar; but if no published well-vetted solution exists for the specific problem domain, then one open-source application is as good as another for starting the peer review process.

It is true random, but obviously a little overkill. As launching camera and taking a picture is somewhat slow operation, and the user would be amazed if she found the camera is constantly turning on and off.

Smartphones have a lot of other sensors you can utilize, like the accelerometer, ambient light sensor, I believe these are much more efficient and hopefully more energy efficient. I think I have read somewhere that CPU uses its thermistor to acquire true random data, this is a great idea.