I remember using a Windows-95-native PGP years ago that also used keyboard and mouse events to acquire entropy; presumably, there was not that much determinism, or every PGP key generated on Windows is likely to be weak.
Win95 still allowed direct access to underlying hardware. In the XP-and-beyond world, direct hardware access virtually requires a driver.
If it reads /dev/random, you are fine; the Linux kernel collects very good entropy and GPG uses (and has always used) that source. If it does something else, you probably have a problem, possibly a "Debian OpenSSL" problem...
/dev/random didn't exist in 1991-2 when PGP 2.6.3i was written. At least on SGI IRIX, the standard way of getting random bytes was to open an audio device and sample the least significant bits of the input stream...
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
