Good question.

With open source you can audit the way the code creates the random number.

The are a bunch of tried and tested methods that can be used.