...
The java.security.SecureRandom class is widely used for generating cryptographically strong random numbers. According to the java.security file present in the Java Runtime Environment's lib\/security folder [API 20112013]:
Select the source of seed data for
SecureRandom. By default an attempt is made to use the entropy gathering device specified by thesecurerandom.sourceproperty. If an exception occurs when accessing the URL then the traditional system/thread activity algorithm is used.On Solaris and Linux systems, if file:/dev/urandom is specified and it exists, a special SecureRandom implementation is activated by default. This "NativePRNG" reads random bytes directly from /dev/urandom. On Windows systems, the URLs file:/dev/random and file:/dev/urandom enables enable use of the Microsoft CryptoAPI seed functionality.
...
...