Message218273
| Author | neologix |
| Recipients | Arfrever, alex, dstufft, ezio.melotti, mark.dickinson, neologix, pitrou, rhettinger, tim.peters |
| Date | 2014-05-11.15:10:54 |
| SpamBayes Score | -1.0 |
| Marked as misclassified | Yes |
| Message-id | <CAH_1eM1eNiY9jSEm+CdG7svmxMHXmx1qOCvnpa9iEp37Y=A+BA@mail.gmail.com> |
| In-reply-to | <1399806145.18.0.326651963535.issue21470@psf.upfronthosting.co.za> |
| Content |
> * We're not reading urandom "a huge number of times per second". This is just one read of 2,500 bytes. What Ted is talking about and what we're doing are as different as night and day.
>
> * We're also not doing this in a loop. It is just once when Random() is initialized. There are no threading issues here.
Well, you don't know how people will use it though: some code spawns
many processes per second (see recent discussion on python-dev).
> * 32 bytes is good but it is not enough. There is a reason that the state space for the Mersenne Twister is so large to begin with. Functions as simple as shuffle() eat through the possibilities very quickly.
As I said, I'm not a cryptography expert, but quoting the link you gave:
"""About 256 bits of entropy are enough to get computationally secure
numbers for a long, long time."""
The kernel's CSPRNG itself considers 256 bits enough, so I'm curious
as to what makes you think that 32 *bytes* is not enough.
openssl itself only reads 32 bytes from /dev/urandom:
"""
$ strace -e open,read openssl genrsa
open("/dev/urandom", O_RDONLY|O_NOCTTY|O_NONBLOCK) = 3
read(3, "\336\314\312\355<\305\312\375\244\276G\n\201^\32\236\301\243\327\277\344\320\0\5\3017-\\\346\333G?", 32) = 32
"""
In short, everyone seems to think that 32-byte seeding is more than enough.