by tenebrisalietum 1227 days ago
Pure software can't actually generate mathematically-provable random numbers unless given purely random data to start with.

So pseudo removes total dependency on physical events.

Why you don't want to be dependent on physical events:

- You never know if physical events are truly random unless you test them. Your physical RNG source may be broken or compromised.

- A good strategy is to use multiple physical sources of randomness, and this can be any number of things, including modern CPUs with RDRAND (if you trust them), USB attached devices, sampling ADC noise on your sound card, timing network events, etc. Any/all of that has to be combined somehow anyway. Getting data from some of these may be slow.

- So if an operating system needs random numbers quickly, for SSL key generation, UUIDs, nonces, etc., it should use properly seeded pseudorandom numbers.

2 comments
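The design the comment above sketches (health-test each physical source, hash whatever passes into a seed, then draw from a cryptographic PRNG that can be reseeded later), shown as an added example that is not code from the post or from any particular operating system. The PRNG is HMAC-DRBG with SHA-256 as specified in NIST SP 800-90A; the health check is a simplified repetition-count test in the spirit of SP 800-90B. The source names and the byte samples are constructed stand-ins for RDRAND, ADC noise and a stuck device, so the script runs offline and deterministically.

```python
import hashlib
import hmac

# Constructed stand-ins for raw physical-source samples. A real OS would read
# these from RDRAND, a USB TRNG, sound-card ADC noise, interrupt timings, etc.
# "stuck_device" models a broken or compromised source that only emits zeros.
SAMPLE_SOURCES = {
    "rdrand": bytes(range(64)),
    "sound_adc": bytes((i * 37 + 11) % 256 for i in range(64)),
    "stuck_device": b"\x00" * 64,
}


def repetition_count_ok(sample: bytes, max_run: int = 8) -> bool:
    """Simplified SP 800-90B repetition-count test: reject the sample if any
    byte value repeats more than max_run times in a row (a stuck source)."""
    run, prev = 0, None
    for b in sample:
        run = run + 1 if b == prev else 1
        prev = b
        if run > max_run:
            return False
    return True


def combine_sources(sources: dict[str, bytes]) -> tuple[bytes, list[str]]:
    """Hash every source that passes its health test into one 32-byte seed.
    Length-prefixing each sample keeps the inputs unambiguous; one honest
    source in the mix is enough for the seed to be unpredictable."""
    h = hashlib.sha256()
    used = []
    for name, sample in sorted(sources.items()):
        if not repetition_count_ok(sample):
            continue  # drop the broken source instead of letting it dilute the seed
        h.update(name.encode())
        h.update(len(sample).to_bytes(4, "big"))
        h.update(sample)
        used.append(name)
    if not used:
        raise RuntimeError("no healthy entropy source available")
    return h.digest(), used


class HmacDrbg:
    """HMAC-DRBG (NIST SP 800-90A) over SHA-256. Fast to generate from, and
    deterministic for a given seed, so new entropy only has to be mixed in
    occasionally via reseed()."""

    def __init__(self, seed: bytes):
        self.k = b"\x00" * 32
        self.v = b"\x01" * 32
        self._update(seed)

    @staticmethod
    def _hmac(key: bytes, data: bytes) -> bytes:
        return hmac.new(key, data, hashlib.sha256).digest()

    def _update(self, provided: bytes = b"") -> None:
        # HMAC_DRBG_Update: fold provided data (if any) into the K, V state.
        self.k = self._hmac(self.k, self.v + b"\x00" + provided)
        self.v = self._hmac(self.k, self.v)
        if provided:
            self.k = self._hmac(self.k, self.v + b"\x01" + provided)
            self.v = self._hmac(self.k, self.v)

    def reseed(self, entropy: bytes) -> None:
        """Mix fresh physical entropy into the state without discarding it."""
        self._update(entropy)

    def generate(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            self.v = self._hmac(self.k, self.v)
            out += self.v
        self._update()  # backtracking resistance: advance state after output
        return out[:n]


if __name__ == "__main__":
    seed, used = combine_sources(SAMPLE_SOURCES)
    print("healthy sources:", used)
    drbg = HmacDrbg(seed)
    print("nonce:", drbg.generate(12).hex())
    drbg.reseed(b"constructed fresh entropy sample")
    print("key:", drbg.generate(32).hex())
```

Note that the seed is only as good as the sources that survive the check: a source that passes a repetition test can still be biased, so a production design would run the full 800-90B tests and keep a conservative entropy estimate per source rather than trusting a pass/fail result.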

I'd also emphasise that fortunately most modern cryptography (outside of one time pads) does not rely on truly random numbers. So long as the sequence is unpredictable enough it's fine (i.e. you can't use known values to more reliably guess unknown values).

The PRNG in the linked page isn't very good but in general PRNGs are super useful in the real world even if they aren't truly random, just so long as they have some source of entropy to occasionally mix into the PRNG.

Wasn't there a company that used lava lamps to generate supposedly truly random numbers at one point?
I want to say SGI did this 20-25 years ago?
I want to say that was Cloudflare.