Thanks for the info! > it should be noted that a networked variant of the EGD protocol has been used by at least one hardware RNG vendor, though I am unsure if the builtin EGD code in OpenSSL could ever talk directly to that variant anyway. I don't think so, since all the code does is open a unix-domain socket. > Two other platforms I can think of as potentially affected are Solaris 2.4+ without the /dev/random patch Yeah, my inclination is to say "get the patch." > and CE installations without MS CryptoAPI The EGD code doesn't work on Windows; we use heap-walk to seed it there.