> I heard that since 4.9, there has been some changes to the > /dev/randoms in OpenBSD. I'm unsure of what the changes exactly are, > but for confidentiality in terms of entire hard drives (talking > terabytes of SATAII hard drives), would /dev/srandom still be the best > suitable for this task?
There is now only one random device, /dev/random. It is all PRNG, but our PRNG is very good. The pool management has a set of nested data recursions that mix newly collected randomness (from interrupts and such) with the timing of extractions, of course at the same time that all entropy requests are being segmented in invisible ways amongst many consumers (especially those small requests made so often by our kernel code). It acted like that before, but it is now even better. And yes, it is a lot faster. > Last I remember, /dev/arandom was much too > slow since I could not do enough on my computer to create enough > entropy to randomize my disks before an entire year passed, heh I'm seeing 150MB/sec of output on a fairly fast machine. It was slower before, but not that much slower. I think you are exaggerating.
