I've spent the past 5 years of my life fully employed in the design, creation, testing, and deployment of secure RNGs.
Citation needed. Seriously, this is /. where everyone is a world-class programmer (except me, of course).
The world is full of bad PRNGs, NRNGs, CSPRNGs, DRBGs, TRNGs and any other form of RNG.
I will grant you that one.
LibreSSL doesn't have a leg to stand on. A good secure RNG will return unpredictable output.
Bzzzzt! Sorry, you lose. As I have already said, this is not a LibreSSL problem - it's a Linux PRNG problem. Unless I am mistaken, the same issue is non-existent under OpenBSD, because it's PRNG is different from Linux, better seeded and because PIDs are randomized under that OS.
We know how to do these things. It isn't trivial, but it isn't hard either.
You contradict yourself: if programming PRNGs is, let's say, a medium difficulty task (neither trivial nor too hard), how come you have spent years designing and programnming PRNGs (your words, not mine) and how come the world is full of bad bad bad PRNGs? Surely, by now, everyone would have agreed on a reasonable implementation?
The truth is, PRNGs are HARD to program, because computers are not good at generating truly random numbers. Period. The best implementations all rely on some form of hardware generator. But don't take my word for it, go ahead and read this instead.
Allowing someone to extract predictable behavior from the service end of a security library is a gross failure and an exposition of incompetence.
As opposed to the magnificent job OpenSSL has done all these years, with information leakage, bug reports that went uncorrected for years and accumulated cruft for such modern OS as VMS, DOS and Windows 3.1?
I think you need to tone down the hysteria a notch right here.