I suppose I should have posted that rand_bytes returns an error if there is insufficient entropy pool, so any answer it returns should be as strongly crypto-random as the first.