> On Wed, Sep 29, 2010 at 09:39:06AM -0600, Theo de Raadt wrote: > > > On Wed, Sep 29, 2010 at 9:57 AM, Simon Perreault > > > <simon.perrea...@viagenie.ca> wrote: > > > > I'm trying to use /dev/srandom, but I can't get even a single byte out > > > > of it. > > > > > > Independent of other problems, I don't think you should be using > > > srandom. We should just take that interface away, people see it and > > > then they want to use it, but it doesn't work the way they want. > > > > Taking it away would first require an extensive audit of the ports > > tree -- to make sure that the applications in there don't end up > > choosing something even *worse* than srandom... > > And isn't srandom sometimes (very rarely!) appropriate? E.g. for > generating encryption keys?
hell no! srandom is definately worse than the arc4random generator. oh, but linux people told you it was the best. I get it.