Xceed Encryption Library Documentation
Random number generation

Introduction

To generate random numbers via software, a genuine source of randomness must be used; otherwise, one is really generating pseudo-random numbers. Using pseudo-random numbers for encryption purposes is considered largely ineffective. The physical world can provide a genuine source of randomness, but it is not accessible via software using traditional computing hardware.

A regular PC offers access to a small amount of randomness due to the physical world acting upon its components. For example, the exact time it takes for a computer to boot and the internal processes that occur during boot are not completely identical each time. They offer a tiny amount (perhaps only a few bits) of entropy that can be exploited by software random number generators. Other sources of randomness are available from a PC's operating system, but these sources do not change much in short time periods, although they do change a lot from one PC to another.

Human interaction with a machine can introduce an exceptional wealth of random numbers. For example, an acceptable source of random numbers can be obtained by asking a human to move a mouse around for a while and to type letters on a keyboard.

The random number generator created by Xceed Software for the Xceed Encryption Library exploits a variety of software-accessible system values that are partly affected by the physical world and largely affected by the PC's setup and operating system status. Depending on the operating system, the Xceed Encryption Library random number generator can offer between 4 bits (Windows 95) and 32 bits (Windows NT) of randomness (or entropy) between fast repeated calls to the random number generator. As you can see, this is not enough to generate effective 128-bit Secret Keys, for example. However, between different PCs the random number generator will generate a lot more entropy, and so if a crypto-attacker does not have access to the machine and will only see a single encrypted message, the random number generator will have done a good job.

What is consulted by the Xceed Encryption Library random number generator?

The system values used are: TickCount (number of milliseconds since the last boot), the network adapter ID (through a UUID which is more secure on Windows 2000), amount of available physical memory, amount of available page file space, amount of available main system disk space, number of milliseconds since the last user input, the current process ID and thread ID as well as a variety of system performance data that also varies from system to system: statistics on the file cache system (read hits %, reads/sec, data flushes/sec, etc.), statistics on memory (available, cached, read, page faults, reads/sec, writes/sec, etc.), statistics on the processor (% interrupt time, % processor time, interrupts/sec, etc.), statistics on the system (exceptions/sec, file data operations, floating emulations/sec, number of processes, system calls/sec, number of threads, etc.).

All this, however, does not really help very much to generate very high entropy between fast repeated calls to the random number generator.
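The following added example (not part of the Xceed documentation and not the library's code) measures the effect described above: keys that are 128 bits long but are derived from system values of which only 4 bits change between fast repeated calls. The hashing scheme, the fixed system values and all function names are assumptions made for the illustration; the operating system CSPRNG is included only as a baseline for comparison.

```python
import hashlib
import math
import secrets
from collections import Counter

KEY_BYTES = 16  # 128-bit Secret Key, the size the page uses as its example

def derive_key(tick_ms, pid, tid, free_mem):
    """Hash one snapshot of system values into a 128-bit key (constructed scheme)."""
    snapshot = f"{tick_ms}|{pid}|{tid}|{free_mem}".encode()
    return hashlib.sha256(snapshot).digest()[:KEY_BYTES]

def fast_repeated_keys(calls, varying_bits):
    """Model fast repeated calls: only `varying_bits` of the tick count differ."""
    # Constructed values; process ID, thread ID and free memory stay fixed.
    base_tick, pid, tid, free_mem = 86_400_000, 4321, 8765, 512 * 2**20
    return [
        derive_key(base_tick + secrets.randbelow(1 << varying_bits), pid, tid, free_mem)
        for _ in range(calls)
    ]

def csprng_keys(calls):
    """Baseline for comparison: keys drawn from the operating system CSPRNG."""
    return [secrets.token_bytes(KEY_BYTES) for _ in range(calls)]

def min_entropy_bits(keys):
    """Empirical min-entropy: -log2 of the most common key's frequency.

    The estimate cannot exceed log2(len(keys)), so it exposes weak
    generators but never proves that a generator is strong.
    """
    most_common_count = Counter(keys).most_common(1)[0][1]
    return -math.log2(most_common_count / len(keys))

def summarize(keys):
    """Return (distinct keys seen, empirical min-entropy in bits)."""
    return len(set(keys)), min_entropy_bits(keys)

if __name__ == "__main__":
    for label, keys in (
        ("4 varying bits", fast_repeated_keys(5000, 4)),
        ("OS CSPRNG", csprng_keys(5000)),
    ):
        distinct, bits = summarize(keys)
        print(f"{label:15} distinct={distinct:5} min-entropy~{bits:.2f} bits")
```

Hashing the snapshot makes every key look like 128 random bits, yet the number of distinct keys never exceeds 2 to the power of the varying bits, which is the quantity that determines how hard the key is to guess.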

How can one do better?

There are devices which you can purchase for a computer that provide random numbers obtained from the physical world. There are computer peripherals you can attach to your system to help generate random numbers based on white noise radiation, air pressure, electron behavior in diodes, etc. We know Intel makes a motherboard chipset that performs this function, for example. Depending on customer demand, future versions of the Xceed Encryption Library will offer the possibility of using these devices to provide the library with a better source of random numbers.