I think I never used a PRNG in any serious software, but it surprised me, as intuitively I would've assumed that using the same RNG in as many places as possible would make it harder to perform such an attack, because it would make it less likely you can observe enough places at which it is updated, but this was a pretty impressive and fun demonstration that this is false.
Yeah, it's obviously biased to the field you work in. And I'm aware that libs I'm using use some form of randomness, be it for uuid-gen, entropy for SSL or whatnot, but I seriously can't remember the last time I called rand() and friends directly for anything.
How about pulling a sample of good random every N invocations to still allow for fast PRNG but to ideally defeat these schemes? Maybe use the real signals RNL value to seed the PRNG. Just a thought.
I often find myself sharing the rng in my code for performance reasons, but stories like this definitely make me pause.