
rich salz posted to this list a message i sent him about a portable way to gather disk-noise for a true rng. he also was kind enough to forward a reply to me from the list, because i wasn't subscribed at the time. the reply's author pointed out that my approach is not a practical one, and that NOISE.SYS gathers disk timings and other noise more efficiently, anyway.

now that i'm subscribed, i'll answer on my own behalf: i agree that my algorithm isn't practical. in fact, that's why i agreed to rich's request that i let him post my message here. i don't recommend paging-timings to my clients, because it's not a workable approach for production-quality code. memory-paging's only virtue as a noise-source is that it's uniquely portable. i failed to emphasize this in the message rich forwarded for me. the code needs no device-specific calls, and the only OS-specific call is the gettime() call. even with this virtue, i don't recommend it as a production-quality algorithm, unless the process that needs the rng is already memory-bound. i'm sorry that my original msg was unclear on this point; that's my fault, not rich's.

by the way, i think the "interesting work" of mine to which rich referred is my paper on disk randomness, which appeared in the crypto '94 proceedings. it presents work i did at mit from '88-9, and shows mathematically why disk-timings can contain true entropy: a disk's speed variations come from air turbulence, which now is known mathematically to be unpredictable in the long run. my coauthors were p.r. fenstermacher, a chaos-theory physicist, and r. ihaka, a statistician.

-don davis, boston
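The message above describes a portable noise source (timing memory-page touches with a single time call) and says why it is not production quality. The following is an added example, not Don Davis's code and not the algorithm from his paper: it collects page-touch timings with `time.perf_counter_ns()` standing in for the `gettime()` call he mentions, applies a crude min-entropy estimate to the low bits, and conditions a batch through SHA-256. The 4096-byte page size, the buffer size, and the choice of four low bits are assumptions for illustration. Running it shows the practical problem he describes: on a lightly loaded machine most touches take nearly the same time, so the estimate credits only a fraction of a bit per sample, and hashing cannot add entropy the samples lack.

```python
"""Added example (not from the original message): paging-timing noise
collection with an entropy estimate and a conditioning step."""
import hashlib
import math
import time
from collections import Counter

PAGE = 4096  # assumed page size; only the access stride depends on it


def sample_timing_noise(n_samples, buffer_pages=2048):
    """Touch one page per sample in a freshly allocated buffer and record
    the elapsed nanoseconds of each touch. time.perf_counter_ns() stands
    in for the gettime() call mentioned in the message. Returns raw deltas."""
    buf = bytearray(buffer_pages * PAGE)  # fresh allocation: first touches page memory in
    deltas = []
    for i in range(n_samples):
        off = (i * PAGE) % len(buf)
        t0 = time.perf_counter_ns()
        buf[off] = (buf[off] + 1) & 0xFF  # a write forces the page to be mapped
        deltas.append(max(time.perf_counter_ns() - t0, 0))
    return deltas


def min_entropy_estimate(samples, low_bits=4):
    """Crude min-entropy in bits per sample of the low `low_bits` bits of
    each timing, i.e. -log2(p_max) of the most common value. This is an
    upper bound on what may be trusted, not evidence of randomness."""
    if not samples:
        return 0.0
    mask = (1 << low_bits) - 1
    counts = Counter(s & mask for s in samples)
    p_max = max(counts.values()) / len(samples)
    return -math.log2(p_max)


def credited_bits(samples, low_bits=4):
    """Entropy to credit to a whole batch, capped at the 256-bit output."""
    return min(256.0, min_entropy_estimate(samples, low_bits) * len(samples))


def condition(samples):
    """Compress a batch of raw timings into 32 bytes with SHA-256. Hashing
    hides bias in the samples but creates no entropy: trust only as many
    output bits as credited_bits() assigns to the batch."""
    h = hashlib.sha256()
    for s in samples:
        h.update(int(s).to_bytes(8, "little", signed=False))
    return h.digest()


if __name__ == "__main__":
    raw = sample_timing_noise(4096)
    est = min_entropy_estimate(raw)
    print(f"{len(raw)} samples, ~{est:.2f} bits/sample in the low 4 bits, "
          f"credited {credited_bits(raw):.0f} bits for this batch")
    print("conditioned seed:", condition(raw).hex())
```

The estimate is deliberately pessimistic: it looks only at the most frequent low-bit pattern, which is the right posture for a noise source whose physical unpredictability (unlike the disk-turbulence argument in the paper) has not been established. A production system would instead draw from the operating system's own entropy pool, which mixes device-level timings the way NOISE.SYS is said to.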
Donald T. Davis