In contrast to all other provider based classes in the Java security frameworks, the SecureRandom class does not have a getAlgorithm() method. This makes it impossible for an application to determine the type of a SecureRandom object.
This is an issue in particular for the default SecureRandom implementations obtained using "new SecureRandom()". This also makes it difficult to determine the default SecureRandom algorithm type.
BugTraq+ Release Management Values
COMMIT TO FIX: