Shachar Shemesh <wine-devel@shemesh.biz> writes:
*CPGenRandom* is one of the more difficult functions to implement correctly, and it must be done correctly to maintain the security of a CSP. *CPGenRandom* is used internally by the *CPGenKey* function <http://msdn.microsoft.com/library/en-us/seccrypto/security/cpgenkey.asp>, as well as by applications when generating data items used in cryptographic protocols such as challenge strings. A CSP is not producing message security if values of the cryptographic keys or challenge strings produced by a CSP are predictable.
The way I read it, the rest of the discussion further enhances this point. They are basically saying that the seed should be taken from a hardware device, if one is available.
This is *exactly* what /dev/urandom does.
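
As an added illustration of the point under discussion (not code from this thread or from Wine), a random-fill routine of the kind *CPGenRandom* needs can be backed by /dev/urandom as sketched below. The names `gen_random` and `gen_random_from` are hypothetical; the part that matters for security is that a missing device or a short read is reported as failure instead of being papered over with predictable data.

```c
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical helper: fill buf with len bytes read from the random device
 * at `path`. Returns 1 only if every byte was filled, 0 otherwise. On
 * failure the caller must not use buf. */
int gen_random_from(const char *path, unsigned char *buf, size_t len)
{
    size_t done = 0;
    int fd = open(path, O_RDONLY);

    if (fd < 0)
        return 0;   /* no device: fail, never fall back to rand() or time() */

    while (done < len) {
        ssize_t n = read(fd, buf + done, len - done);
        if (n > 0)
            done += (size_t)n;      /* short reads are legal, keep going */
        else if (n < 0 && errno == EINTR)
            continue;               /* interrupted by a signal, retry */
        else
            break;                  /* EOF or hard error */
    }
    close(fd);
    return done == len;
}

/* Hypothetical CPGenRandom-style entry point backed by /dev/urandom. */
int gen_random(unsigned char *buf, size_t len)
{
    return gen_random_from("/dev/urandom", buf, len);
}

int main(void)
{
    unsigned char challenge[16];

    if (!gen_random(challenge, sizeof challenge)) {
        fprintf(stderr, "random source unavailable\n");
        return 1;
    }
    for (size_t i = 0; i < sizeof challenge; i++)
        printf("%02x", challenge[i]);
    putchar('\n');
    return 0;
}
```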