
A good idea with bad usage: /dev/urandom - beefhash
http://insanecoding.blogspot.com/2014/05/a-good-idea-with-bad-usage-devurandom.html
======
geofft
This is from May 2014. Most of the concerns in this article were addressed in
the getrandom syscall for Linux, proposed in July 2014:

[https://lwn.net/Articles/606141/](https://lwn.net/Articles/606141/)

The claims about /dev and chroots indicate that the author doesn't really have
a coherent threat model -- chroots don't work that way, and any attacker who
can subvert /dev can as easily subvert the application's binary itself, read
the application's virtual memory and extract the private key, etc.

