Serious question, I don't know much about this - why is it hard to generate a random number? I don't really understand this conversation about needing better entropy.
because a lot of work has gone into making digital systems as deterministic as possible. there's noise everywhere in the real world, but by thresholding voltage values and operating on clock ticks, digital systems are largely impervious to it.
if you run the same program twice, you get the same result. this is the wonderful result of all that work... but now there's no noise so there's no randomness.
random number generators are actually just mathematical functions that produce a stream of output with a flat distribution given a fixed input. the simplest ones give the exact same output given the same input. (sometimes this is exploited in debugging of algorithms that make use of randomness, like monte carlo methods).
newer hardware has hardware support for generating random numbers using analog phenomena, but older hardware doesn't always have this. there are some clever hacks in the kernel that make use of noise found in the clocks that drive the digital system, as well as sampling from a variety of external sources (interrupts from things like network activity, or keyboard/mouse, or other hardware).
the problem here is that they want good randomness early in the boot process when a lot of those interrupts aren't being generated (because the hardware hasn't started), there's no hardware support for randomness, and the clock noise trick doesn't work.
my guess is that they'll probably add a few more random (hah) hacks to try and generate noise when there's no peripherals although the article states that they're going out and trying to fix userland by adding a program that saves/restores some randomness for each boot.
but. enough with this computer stuff. here's the really interesting question: are living creatures deterministic machines?
there's so much random noise in the environment that it is extremely hard to answer.
moreover, we know that early development of sensorimotor systems is driven by random noise. we learn to control our bodies by being stimulated by environmental noise, attempting to use our effectors (muscles), observing how that works out, correcting errors and then improving on it.
what gives rise to consciousness? i'd argue the randomness from the noise in our environments.
The needs for random numbers vary by application. I'm satisfied with the Johnson noise generated by a resistor, feeding an a/d converter, for testing audio circuits. I only need a sampling rate of a few tens of kHz. For applications like encryption, what's important is not just each number in isolation, but ensuring that sequences of random numbers have required properties that make it hard to guess a number in the sequence from its predecessors. Or to guess that two different sequences come from the same computer. You might need to generate sequences at a rate that make it hard to do with purely physical random sources.
And you need to be assured that a sequence meets those needs without being able to test it to exhaustion, which means it has to be provable from inspection of the algorithm and original sources of entropy. At least, provable enough for the application. ;-)
I think the challenge is in generating random numbers that no one else can guess. I could be way off, but I think its the initial setup that is the sticking point, because if you can't get a good random number as your seed then your 'random' numbers stop being random.. because they can be predicted.
I'm no scientist, but it is intuitive to me that a machine ultimately run by rules of precise and discrete voltage would have trouble here. It seems silly because it feels so basic to us meatspace dwellers, but you can't build up something so precisely and demand it to follow our instructions, and then just be like "ok forget about all that."
That said I do also understand why it is relatively easy to make PRNGs. But that is just dissimulation, its just making instructions eat their own tail.
