by technion 3722 days ago
The part of this myth is down to what those circumstances are.

What's generally accepted is that, early during first boot, urandom still produces 'random' data without enough entropy for it to be sufficiently random.

What's a myth is that 'entropy can run out' and somehow a sufficiently seeded CSPRNG needs to block after a few reads while it gathers more entropy.

The problem in these discussions is that one edge-case, but valid, concern becomes a cargo cult of "why you shouldn't use urandom" and introduces a messy anti-pattern.

1 comments

Which was exactly described in this paper. It's not cargo cult, it's the exact technical explanation of what happens when the entropy runs out, while it should be blocking or, in the OpenSSL case, just use a proper API to avoid the exact same confusion (this is low entropy as with /dev/urandom) or add more mixing rounds.

The cargo cult you are describing is exactly the cargo cult trap you are falling into.

Question 4 specifically discusses the point that entropy does not "run out".
Entropy doesn't run out if your CSPRNG is good
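
The two cases discussed in this thread (an unseeded pool early in first boot, and reads after seeding) can be told apart with the Linux `getrandom(2)` call. This is an added example, not code posted by anyone in the thread. It assumes Linux 3.17+ with glibc 2.25+; the helper names `csprng_is_seeded`, `fill_random` and `count_would_block` are hypothetical.

```c
/* Added example (not from the thread): Linux getrandom(2) semantics. */
#include <errno.h>
#include <stdio.h>
#include <sys/random.h>
#include <sys/types.h>

/* 1 = kernel CSPRNG seeded, 0 = not yet seeded (early boot), -1 = other error. */
int csprng_is_seeded(void) {
    unsigned char probe;
    ssize_t n = getrandom(&probe, 1, GRND_NONBLOCK);
    if (n == 1) return 1;
    return (n < 0 && errno == EAGAIN) ? 0 : -1;
}

/* Fill buf from the urandom source. flags=0 blocks only until the initial
 * seeding is complete, never afterwards. Returns 0 on success, -1 on error. */
int fill_random(void *buf, size_t len) {
    unsigned char *p = buf;
    while (len > 0) {
        ssize_t n = getrandom(p, len, 0);
        if (n < 0) {
            if (errno == EINTR) continue;   /* interrupted by a signal: retry */
            return -1;
        }
        p += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Issue `rounds` non-blocking 256-byte reads and count how many report
 * EAGAIN, i.e. would have blocked. */
int count_would_block(int rounds) {
    unsigned char buf[256];
    int blocked = 0;
    for (int i = 0; i < rounds; i++)
        if (getrandom(buf, sizeof buf, GRND_NONBLOCK) < 0 && errno == EAGAIN)
            blocked++;
    return blocked;
}

int main(void) {
    unsigned char key[32];
    printf("seeded: %d\n", csprng_is_seeded());
    if (fill_random(key, sizeof key) != 0) { perror("getrandom"); return 1; }
    printf("would-block reads out of 10000: %d\n", count_would_block(10000));
    return 0;
}
```

On a booted system the probe returns 1 and no read reports `EAGAIN`; the 0 result is only reachable before the kernel has finished its initial seeding.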