In some cases a cracker (malicious attacker) can guess some bits of entropy from the output of a pseudorandom number generator (PRNG), and this happens when not enough entropy is introduced into the PRNG.Commonly used entropy sources include the mouse, keyboard, and IDE timings, but there are other potential sources.Modern CPUs and hardware often feature integrated generators that can provide high-quality and high-speed entropy to operating systems.

dating bad timing-2

Around 2011, two of the random devices were dropped and linked into a single source as it could produce hundreds of megabytes per second of high quality random data on an average system.

This made depletion of random data by userland programs impossible on Open BSD once enough entropy has initially been gathered.

On Debian, one can install the rng-tools package (apt-get install rng-tools) that supports the true random number generators (TRNGs) found in CPUs supporting the Rd Rand instruction, Trusted Platform Modules and in some Intel, AMD, or VIA chipsets, effectively increasing the entropy collected into /dev/random and potentially improving the cryptographic potential.

This is especially useful on headless systems that have no other sources of entropy.

For example, one could collect entropy from the computer's microphone, or by building a sensor to measure the air turbulence inside a disk drive.

However, microphones are usually not available in servers.Microphones are not needed, white noise can be collected from empty microphone, or line in jacks.Webcams are another source of entropy, some are noisy, others can be pointed at lava lamps.As of Solaris 10, administrators can remove existing entropy sources or define new ones via the kernel-level cryptographic framework.A 3rd-party kernel module implementing /dev/random is also available for releases dating back to Solaris 2.4.demonstrated the widespread use of weak keys by finding many embedded systems such as routers using the same keys.