Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Cloudflare Uses Lava Lamps To Encrypt the Internet (zdnet.com)

Posted by BeauHD on from the eeny-meeny-miny-moe dept.

YouTuber Tom Scott was invited to visit Cloudflare's San Francisco headquarters to check out the company's wall of lava lamps. These decorative novelty items -- while neat to look at -- serve a special purpose for the internet security company. Cloudflare takes pictures and video of the lava lamps to turn them into "a stream of random, unpredictable bytes," which is used to help create the keys that encrypt the traffic that flow through Cloudflare's network. ZDNet reports: Cloudflare is a DNS service which also offers distributed denial-of-service (DDoS) attack protection, security, free SSL, encryption, and domain name services. Cloudflare is known for providing good standards of encryption, but it seems the secret is out -- this reputation is built in part on lava lamps. Roughly 10 percent of the Internet's traffic passes through Cloudflare, and as the firm deals with so much encrypted traffic, many random numbers are required. According to Nick Sullivan, Cloudfare's head of cryptography, this is where the lava lamps shine. Instead of relying on code to generate these numbers for cryptographic purposes, the lava lamps and the random lights, swirling blobs and movements are recorded and photographs are taken. The information is then fed into a data center and Linux kernels which then seed random number generators used to create keys to encrypt traffic. "Every time you take a picture with a camera there's going to be some sort of static, some sort of noise," Sullivan said. "So it's not only just where the bubbles are flowing through the lava lamp; it is the state of the air, the ambient light -- every tiny change impacts the stream of data." Cloudflare also reportedly uses a "chaotic pendulum" in its London office to generate randomness, and in Singapore, they use a radioactive source.

110 comments

  1. Also known as LavaRand by XXongo · · Score: 5, Interesting

    https://en.wikipedia.org/wiki/... Lavarand was a hardware random number generator designed by Silicon Graphics that worked by taking pictures of the patterns made by the floating material in lava lamps, extracting random data from the pictures, and using the result to seed a pseudorandom number generator.[1] Although the secondary part of the random number generation uses a pseudorandom number generator, the full process essentially qualifies as a "true" random number generator due to the random seed that is used. However, its applicability is limited by its low bandwidth.

    1. Re:Also known as LavaRand by MikeDataLink · · Score: 1

      Lavarand was a hardware random number generator designed by Silicon Graphics that worked by taking pictures of the patterns made by the floating material in lava lamps

      That's one of the first statements he made in the video.

      --
      Mike @ The Geek Pub. Let's Make Stuff!
    2. Re:Also known as LavaRand by AvitarX · · Score: 1

      I remember reading about it in the 90s in an Economist column in the science section.

      --
      Wow, sent an e-mail as suggested when clicking on "use classic" banner, and got a fast response that addressed my msg
    3. Re:Also known as LavaRand by whh3 · · Score: 1

      In this article from the NY Times, people from SGI say that they eventually gave up on the lava lamps and just took pictures of the lens cap which meant that they were essentially using electronic noise!

      Fascinating!

      I also recall that in the early 2000s Google was using this very technique. You could go online and view images of the lavalamps. Unfortunately I can't find any good references to it. Sorry!

      Will

      --
      remove nospam. to email!
  2. Why not just a hardware random generator ? by Anonymous Coward · · Score: 0

    I mean there is plenty of those off the shelf ?

    1. Re: Why not just a hardware random generator ? by Anonymous Coward · · Score: 4, Funny

      Women are completely unpredictable, just use them.

    2. Re:Why not just a hardware random generator ? by Anonymous Coward · · Score: 0

      What is described is a hardware random number generator.

    3. Re:Why not just a hardware random generator ? by corychristison · · Score: 4, Informative

      I'd say it's a gimmick, if anything.

      Truth is there are other/better/easier sources to generate entropy seeds from.

    4. Re: Why not just a hardware random generator ? by DontBeAMoran · · Score: 0

      You win the Internet for the rest of the day.

      Enjoy.

      --
      #DeleteFacebook
    5. Re:Why not just a hardware random generator ? by Anonymous Coward · · Score: 1

      The lava lamp can’t be backdoored like that hardware can.

    6. Re: Why not just a hardware random generator ? by bickerdyke · · Score: 1

      But ON a shelf. Not OFF the shelf.

      But hey! It is working, easy to explain to anyone brighter than a box of darkness and most important: it's a really cool thing to show visitors on a tour through the office.

      Come on, how many tech companies would show guests actual production hardware and even if, how often would it be some dull boxes in a Datacenter

      --
      bickerdyke
    7. Re:Why not just a hardware random generator ? by Anonymous Coward · · Score: 1


      Truth is there are other/better/easier sources to generate entropy seeds from.

      I thought the same thing at first. Then realized that:
      1. You really only need to generate a new seed very sporadically.
      2. Insiders that can see the damn thing are unlikely to choose this as an attack path since they have so many far better ones.
      3. You can actually SEE that the thing is working correctly, unlike a radioactive source.

      All in all, it sounds like an OK solution, though it does have a gimmicky sort of look to it.

    8. Re:Why not just a hardware random generator ? by Anonymous Coward · · Score: 0

      Well, no. It is hard to actually have randomness from deterministic machines and software. The Radioactive decay method might be logistically easier only because of the task of managing Lava Lamps. True chaos is hard to achieve except in Washington.

    9. Re: Why not just a hardware random generator ? by Anonymous Coward · · Score: 0

      Sure? Turn them off or put some filter between them and the sensor and enjoy your seed of 0x00000000000

    10. Re:Why not just a hardware random generator ? by Anonymous Coward · · Score: 0

      Hell, they'd get more entropy if they just left the lens caps on!

      So yes, it's definitely a gimmick, but it's functional nonetheless, and pretty cool to look at.

      dom

    11. Re: Why not just a hardware random generator ? by Anonymous Coward · · Score: 1

      Because there is no known general analytical solution to the Navier-Stokes equation. It is a hardware rng.

    12. Re:Why not just a hardware random generator ? by Hognoxious · · Score: 3, Funny

      3. You can actually SEE that the thing is working correctly, unlike a radioactive source.

      You can hear it. It makes a clicking sound. Have you never seen a movie?

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    13. Re:Why not just a hardware random generator ? by hey! · · Score: 1

      Well, it isn't hard to build a simple circuit that generates randomness from semiconductor junction noise, but pointing a video camera at a lava lamp is even easier and more within the skill set of an average software geek.

      --
      Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
    14. Re:Why not just a hardware random generator ? by Anonymous Coward · · Score: 0

      Well, it isn't hard to build a simple circuit that generates randomness from semiconductor junction noise, but pointing a video camera at a lava lamp is even easier and more within the skill set of an average software geek.

      Actually, designing good RNGs isn't in the skill set of an average software geek, no matter the technique.

      RNGs are HARD to get right, it requires lots of specialized knowledge.

    15. Re:Why not just a hardware random generator ? by hey! · · Score: 1

      Yes, but we're not talking about design. We're talking about re-using existing design.

      Only a complete fool would try to gin up his own pseudorandom number generator algorithm; you look a good one up in a book. We're not even talking about that here; we're talking about using somebody else's scheme.

      --
      Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
    16. Re:Why not just a hardware random generator ? by Anonymous Coward · · Score: 0

      >Mentioned Washington
      opinion discarded

    17. Re:Why not just a hardware random generator ? by Wootery · · Score: 1

      opinion discarded

      From an AC? Now I've seen everything.

    18. Re:Why not just a hardware random generator ? by Anonymous Coward · · Score: 0

      Even simpler - amplify the thermal noise in a hot resistor.

      You hear thermal noise if you turn off the input to an audio amplifier and turn the volume up to max. Now, those building amplifiers go out of their way to minimize such noise. Just go the other way - maximise the noise. And if you need lots of randomness, the noise gets worse at higher frequencies - no problem making noise at 1GHz.

    19. Re: Why not just a hardware random generator ? by Anonymous Coward · · Score: 0

      There are some general analytical solutions to Navier-Stokes. However, they are very confined and simple systems. One example is "Couette Flow."

  3. Looks like someone paid attention in physics class by RightwingNutjob · · Score: 2

    The universe is full of randomness that's hard to predict. The triumph of digital electronics is that they eliminate the randomness almost completely when abstracted up from electron/hole pairs in semiconductors to the realm of bits and bytes. That means you can't get randomness out of it, no matter how theoretically secure your algorithm--you need to go back to the messiness of physical space for that. Well done.

  4. Lava lamps are VERY deterministic! by Rick+Schumann · · Score: 3, Interesting

    Have you ever watched a lava lamp for a while? Especially one that's been around for a while? They're incredibly deterministic.
    I would think this would be a better source: http://random.irb.hr/

    1. Re:Lava lamps are VERY deterministic! by 93+Escort+Wagon · · Score: 1

      Yeah, my first thought was - this is more like a random number generator for which you know the salt.

      --
      #DeleteChrome
    2. Re:Lava lamps are VERY deterministic! by DontBeAMoran · · Score: 1

      Did you watch the video? The total sum of all the inputs is extremely random.

      --
      #DeleteFacebook
    3. Re:Lava lamps are VERY deterministic! by Anonymous Coward · · Score: 0

      "Every time you take a picture with a camera there's going to be some sort of static, some sort of noise,"

      How many pixels in the picture? A keyspace measure in millions isn't very large, especially when many of those picture "states" will never be generated (eg cos this red lava lamp is never going to show as blue).

      The whole "wall of lava lamps" seems to be more for show than anything

    4. Re:Lava lamps are VERY deterministic! by zm · · Score: 2

      Have you ever watched a lava lamp for a while? Especially one that's been around for a while?

      Yeah.. Entropy ain't what it used to be... Sigh.

      --
      Sig ?
    5. Re:Lava lamps are VERY deterministic! by perpenso · · Score: 1

      It depends on the sampling period. Once a second, yes, once an hour, no so much. :-)

    6. Re:Lava lamps are VERY deterministic! by viperidaenz · · Score: 1

      yeah, get your random numbers fed from a plain-text source. Sure it's random, but if you want to use it for cryptography, it should problem remain secret.

    7. Re:Lava lamps are VERY deterministic! by barbariccow · · Score: 1

      They could create and deploy a safe truly-random generator, but couldn't do the tier-1 5 minute task of installing an SSL cert? They seem to not even CARE...

      To enable high security, in future, SSL protocol shall be supported, i.e. all data shall be encrypted

    8. Re:Lava lamps are VERY deterministic! by barbariccow · · Score: 2

      No, but it doesn't matter. That's the beauty of using LIGHTS. They affect the parts of the picture which don't change, i.e. the bottom of lamps or the air between the lamps. Including dust and distortion, a high-res picture can provide a lot of entropy. Could even have multiple layers to it. Consider the bits in the raw picture are used modulus 64 to select one of 64 solid colours. Then, you create a diff map of that solid colour vs the pixel value as the final entropy bits. That simplistic example would add a measure of change to even the parts of the picture which could never be covered by dust, are not affected by the light source at the camera resolution used, etc.

    9. Re:Lava lamps are VERY deterministic! by Anonymous Coward · · Score: 0

      If the picture contains (say) 20 million pixels, then the set of all patterns which can be represented is also in the millions. That's a small key space.

    10. Re:Lava lamps are VERY deterministic! by Anonymous Coward · · Score: 0

      They aren't using the pictures for keys. The pictures are used as an additional seed into the kernel's entropy pool to keep /dev/random fast.

      "swirling blobs and movements are recorded and photographs are taken. The information is then fed into a data center and Linux kernels which then seed random number generators used to create keys"

    11. Re:Lava lamps are VERY deterministic! by barbariccow · · Score: 1

      If it was monochromatic, sure. Consider 21 bits for each R-G-B (63 bits total). Now you have (20 million to the power of 64) - 1 possible values. PLENTY of room to seed an algorithm which can extrapolate to a very large keyspace.

    12. Re:Lava lamps are VERY deterministic! by guruevi · · Score: 2

      If you figured out fluid dynamics IN YOUR HEAD, you shouldn't be posting on /. Einstein.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    13. Re:Lava lamps are VERY deterministic! by Wootery · · Score: 1

      Either Cloudflare didn't notice that there's a superficial predictability to a lava-lamp, or you don't understand how their RNG leverages lava-lamps and chaotic fluid dynamics.

      Which seems more likely?

    14. Re:Lava lamps are VERY deterministic! by RPI+Geek · · Score: 1

      Even sampling at 1kHz (the actual rate that Cloudflare uses), the predictive errors propagate rather quickly.

      For just one lamp, you would need impractically accurate information of the lamp at a known time to feed into an impractically accurate model of the thermal and fluid dynamics of the lamp to predict its state. Then you'd need to frequently update said impractically accurate information to correct for the drift over time due to other factors that affect the state of the lamp (outside heating/cooling, vibrations, power source fluctuations, etc) or else you'd need to be able to factor those variables into your model.

      Good luck with that.

      --

      - "Nobody came out that night, not one was ever seen. But Old Man Stauf is waiting there, crazy sick and mean!"
  5. bps? by Cajun+Hell · · Score: 3, Interesting

    I'm not saying it's a bad idea, but Cloudflare must need a lot. How many bps of entropy can you get per lava lamp?

    --
    "Believe me!" -- Donald Trump
    1. Re:bps? by Luthair · · Score: 1

      They most likely use it for seeds, its unlikely to change by enough from moment to moment. Maybe raises a question what happens if they need to seed many hosts at once.

    2. Re:bps? by suutar · · Score: 2

      seed one PRNG, pull out N values and use those as seeds for other stuff? Reseed often enough to avoid the PRNG's cycle and what you pull out should stay unpredictable.

    3. Re:bps? by barbariccow · · Score: 1

      The rate of output doesn't have to depend on the rate of input if you just store everything. So if you get 1 million bits per minute (just pulling a number out of the air), run it for a year before going into production, you already have 31557600 million (assuming 365.25 days in a year) bits ready to go before you start using. This would cover bursts, power outages, need to disable the system to change light bulbs, etc.

    4. Re:bps? by barbariccow · · Score: 1

      31557600 should be 525960, but the point remains ( I accidently used seconds in a day instead of minutes)

    5. Re:bps? by AmiMoJo · · Score: 3, Informative

      But why bother? You can use a simple quantum noise source made from a saturated silicon P-N junction (half a transistor) that puts up a few million bits per second. Balance and whiten them and you can easily get a 2 million truly random bits per second for parts costing a couple of Euros. I built one as a little hobby project.

      Just using a microcontroller's built in termperature sensor I've managed to get close to 3Mb/sec. It all passes the standard tests (Diehard, NIST etc.)

      Cloudflare's systems are just gimmicks. Interesting ones, but not serious.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    6. Re:bps? by religionofpeas · · Score: 1

      Or: seed one cryptographically secure RNG with 1024 bits of random state, and pull out as many values as you'd like.

    7. Re:bps? by suutar · · Score: 1

      That's certainly one way to avoid the cycle time :)

    8. Re:bps? by suutar · · Score: 1

      oh, sure, you can use other methods to get the random bits to seed the PRNG. I was just trying to respond to the question of how they can seed a bunch of stuff at once given the effective bit rate of a wall of lava lamps.

  6. Next Version by Zorro · · Score: 1

    Pop Rocks based encryption!

  7. Pseudo-Nerdery by Anonymous Coward · · Score: 5, Interesting

    Lava lamps are giant blobs of cohesive good. Unpredictable as they are, their entropy is pretty low.

    We had an old slashdotter on here a few years ago who made specialised RNG generating cards. They used unpredicatable random static noise and filters to generate extremely high quality random data. Apparently their cards were so good, they discovered flaws in some kind of "Die Hard" suite of statistical tests. I think the cards retailed for ~$30 IIRC.

    That's nerdery. That's going the distance. Using lava lamps? That's hipster shit. Pseudo-nerdery. Someone who, for whatever direction their lives have taken them, thinks they're a nerd, but really they're at best a geek who can follow a cookbook. And most of the internet won't be able to tell the difference.

    The real nerds don't get stories written about them anymore.

    1. Re:Pseudo-Nerdery by TechyImmigrant · · Score: 1

      Dieharder has a handful of suspect tests. You can safely ignore them.

      What's worse is when the certification tests are broken. Here is this old slashdotter's evaluation: https://github.com/dj-on-githu...

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
    2. Re:Pseudo-Nerdery by legoleg · · Score: 5, Informative

      From way back in 2006, this looks like the guy you mention:

      https://slashdot.org/comments....

  8. lava lamps really needed? by supernova87a · · Score: 2

    Is the lava lamp really the source of most of the randomness, or is it kind of a gimmick that people can say and understand? I mean, cmon, the noise in the camera itself is probably already enough, right? They're taking the Nth decimal place of some characteristic of the entire image -- the lava really isn't that important, is it?

    1. Re:lava lamps really needed? by apoc.famine · · Score: 1

      I'm guessing not. I was wondering why they didn't just point a webcam out the window. Capture enough busy highway, sky, and pedestrian areas combined with the noise from the camera, and you're probably accomplishing the same thing.

      --
      Velociraptor = Distiraptor / Timeraptor
    2. Re:lava lamps really needed? by TechyImmigrant · · Score: 1

      Is the lava lamp really the source of most of the randomness, or is it kind of a gimmick that people can say and understand? I mean, cmon, the noise in the camera itself is probably already enough, right? They're taking the Nth decimal place of some characteristic of the entire image -- the lava really isn't that important, is it?

      You are correct to question this and your intuition is correct. The noise in the camera provides more entropy by a large margin. The better choice would be to put the cap back on the camera lens, so the gain is cranked up and the noise is maximized.

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
  9. Patented by Bruce+Perens · · Score: 3, Informative

    Lavarand is the subject of this patent and I wonder if CloudFlare has a license? Insert comments on the frivolity of the patent and of the patent system below.

    I suspect that the noise of the camera sensor contributes as much randomness as the lava lamp. And it's thermal or quantum noise, so probably a good random source.

    --
    Bruce Perens.
    1. Re:Patented by Anonymous Coward · · Score: 0

      Patent claims using the random sampled stuff, hashing it, and using it as seed.
      Simply omitting any step, e.g., not hashing before using as seed, or using the data directly instead of as seed, should be sufficient to avoid violation?
      ianal, so reserve the right to be wrong of course.

    2. Re:Patented by viperidaenz · · Score: 1

      Patent expired on Jan 29th 2016

    3. Re:Patented by AvitarX · · Score: 1

      Maybe it's new?

      --
      Wow, sent an e-mail as suggested when clicking on "use classic" banner, and got a fast response that addressed my msg
    4. Re:Patented by Bruce+Perens · · Score: 1

      21 years already? Funny that I didn't even think of looking at that.

      --
      Bruce Perens.
    5. Re:Patented by guruevi · · Score: 1

      We ARE getting old. The patent was filed about the time I first tried Debian and Red Hat from mailer CD's

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    6. Re:Patented by Anonymous Coward · · Score: 0

      > I suspect that the noise of the camera sensor contributes as much randomness as the lava lamp.

      I assume that you're right. The original Installation use an SGI O2 along with the "Moosecam" that came with it. I have one at home, and it is rather noisy, but it has the advantage that it can actually transmit uncompressed SD video, i.e. 640x480 (or was that 720x480?) at 30Hz.

    7. Re:Patented by DerekLyons · · Score: 1

      Lavarand is the subject of this patent and I wonder if CloudFlare has a license?

      The filing date of the patent (the date it's effective from) is Jan 29, 1996. US patents are good for twenty years. As I write this, it's Nov 8th 2017.

      I'll let you do the math.

  10. Re:Looks like someone paid attention in physics cl by TechyImmigrant · · Score: 2

    The universe is full of randomness that's hard to predict. The triumph of digital electronics is that they eliminate the randomness almost completely when abstracted up from electron/hole pairs in semiconductors to the realm of bits and bytes. That means you can't get randomness out of it, no matter how theoretically secure your algorithm--you need to go back to the messiness of physical space for that. Well done.

    That's what metastability is for. It's how the entropy source in your CPU works and it's a heck of a lot more efficient and fast than a bunch of lava lamps.

    --
    I should use this sig to advertise my book ISBN-13 : 978-1501515132.
  11. rdiculous by Anonymous Coward · · Score: 0

    There is a huge amount of randomness in semiconductor noise. The number of idiots on the planet is also a randomly increasing number.

  12. Obligatory Dilbert by DontBeAMoran · · Score: 1

    http://dilbert.com/strip/2001-...

    --
    #DeleteFacebook
    1. Re:Obligatory Dilbert by Gavagai80 · · Score: 1

      Obligatory XKCD: https://xkcd.com/221/

      --
      This space intentionally left blank
    2. Re:Obligatory Dilbert by DontBeAMoran · · Score: 1

      RFC 1149.5 specifies 4 as the standard IEEE-vetted random number.

      --
      #DeleteFacebook
  13. Your lawn sounds nice... by Anonymous Coward · · Score: 0

    Can I come stand on it?

  14. Another possible source by 93+Escort+Wagon · · Score: 1

    Just have me hit a golf ball off the tee - there's no way you can predict where that sucker's gonna land.

    --
    #DeleteChrome
    1. Re:Another possible source by fisted · · Score: 1

      I think you're on to something! If you use a graphene drone to find out where the golf ball ends up, with some AI and blockchain -- damn that's gonna be huge!

      --
      CLI paste? paste.pr0.tips!
  15. Re:Looks like someone paid attention in physics cl by Waffle+Iron · · Score: 3, Funny

    it's a heck of a lot more efficient and fast than a bunch of lava lamps.

    I made my lava lamp RNG much more efficient by installing LED bulbs in the lamps.

    It's also much faster now. No matter how fast I read out bits, I get the same results.

  16. It is a gimmicky one by Anonymous Coward · · Score: 0

    As the OP I was speaking of the one you just plug in, which are either on a board and/or an USB. They are hardware number generator, and certified so, where as the lava lamp trick is not, and you would have no guarantee your own algorithm did not have an error making the end number LESS random than a hardware certified random number generator. That is the type of solution which is good maybe for a hobbyist, but for a cloud center... ? I have to question why this is used as solution.

    1. Re: It is a gimmicky one by Anonymous Coward · · Score: 0

      You don't know they are using their own algorithm.
      So your post is FUD.

  17. Old news by Flexagon · · Score: 1

    And as the Wikipedia article states later, this technology dates to 1997, and includes a link to the patent from 1998. So this is not news.

    1. Re:Old news by um...+Lucas · · Score: 1

      Well, the patent has either expired or is just about to. So the news is it'll soon be available to anyone.

  18. ... but are they Chinese-made Lava Lamps? by jtara · · Score: 1

    See subject.

  19. ..and in Singapore, they use a radioactive source. by tgibson · · Score: 1

    Like from Caesium atoms?

  20. Darn by mapkinase · · Score: 1

    It's older than /.

    --
    I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
  21. Apple's Lavarand wall would have both color and IR by perpenso · · Score: 1

    The lava lamp can’t be backdoored like that hardware can.

    But the camera software can, and the image processing software can, etc.

    Are the cameras visible color spectrum or IR? The former could be spoofed with a photo, no need to backdoor the software.

    FWIW ... Apple's Lavarand wall would have both color and IR cameras. ;-)

  22. Easy Hack by Anonymous Coward · · Score: 0

    Just put a camera in the room.

    1. Re:Easy Hack by Chatterton · · Score: 1

      Think a little about it. Does your camera is at exactly the same place? Did your camera CMOS chip have exactly the same defects as the one they use? Do you take your still images at exactly the same time? And there is so much parameters that make your easy hack not so easy. The easy hack would be to put some kind of spying apparatus behind their camera that send the information back to you, not putting another camera.

  23. Mostly PR gimmick. by CptLoRes · · Score: 1

    They probably would have gotten as good randomness just from putting the cameras in a dark room and using the analog noise in the camera sensors.

    1. Re:Mostly PR gimmick. by atisss · · Score: 2

      That would also be more secure, as it can't be observed and intercepted.
      There have been several cases when flaw found in PRNG affects the security of resulting cryptographic key.
      If you want secure key, you need secret random seed, not one that can be publicly observed and replayed/repeated

    2. Re:Mostly PR gimmick. by religionofpeas · · Score: 1

      There have been several cases when flaw found in PRNG affects the security of resulting cryptographic key.

      You can simply avoid this by using a PRNG based on a reputable and secure encryption algorithm. No need to do fancy stuff. Take a simple counter, counting 1, 2, 3, 4, 5... and feed that stream into an AES-256 block cipher.

  24. internet by Anonymous Coward · · Score: 0

    On the internet, nobody knows you're a lava lamp.

  25. Modernize: Replace lamp with GPU by perpenso · · Score: 1

    And as the Wikipedia article states later, this technology dates to 1997, and includes a link to the patent from 1998. So this is not news.

    Fine, modernize the system. Replace the incandescent light bulb with a GPU mining cryptocurrency. :-)

    1. Re:Modernize: Replace lamp with GPU by Anonymous Coward · · Score: 0

      The modern succesor to LavaRand was pretty much that. Instead of imaging a lavalamp the last implementation used a cmos imager stripped of its lens, sealed in a light proof box and was using thermal noise in the array to generate bit strings. tape the thing to a Vega and it'll spit out Pi to the last digit at lease once :)

  26. Lava Lamp Randomness by Neuronwelder · · Score: 1

    Makes you wonder if it could detect someone breaking into a video line.

  27. But this book of random numbers gets 4 stars by billrp · · Score: 1

    https://www.amazon.com/Million...

  28. No such thing as random by bug1 · · Score: 1

    Random == An unrecognised pattern

  29. Earthquake! by mnemotronic · · Score: 2

    Power failure!
    Seed = 00000000000000000000000000000000000000000000000000000

    --
    The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
    1. Re:Earthquake! by Anonymous Coward · · Score: 0

      No. Even if we go with the joke and assume, that the Power failure ONLY knocks off the Lava Lamps, there still would be randomness from the noise of the camera...

    2. Re:Earthquake! by Anonymous Coward · · Score: 0

      If the camera by itself provides suitable noise, why have the lamps to begin with? What's the resolution and color scale? 320x480@16bit? mono? That would play a role.

  30. saw it on Star Trek: Discovery by cstacy · · Score: 0

    In one scene, you see an open panel beneath the Communications Officer's station, and sure enough there is a lava lamp there. Freeze frame and you can see the mounting plate where it says "Crypto Source". OK, I made that up. But it's not as stupid as the starship being teleported by interfacing a crewman's DNA with mushroom spores that connect to the infinite mushverse reality plane. And based on what the writers are obviously smoking, both the spore drive and the lava lamp are at least internally consistent technology and practices.

  31. random.org by Anonymous Coward · · Score: 0

    uses atmospheric noise and has a great set of pages explaining it all, and statistics

  32. nerd bait by Anonymous Coward · · Score: 1

    If I were a cryptographer, I think I would literally jerk off at the idea of predicting future states of lava lamps to crack a large % of the world's encryption.

  33. Re: Looks like someone paid attention in physics c by jecowa · · Score: 1

    I trust the lava lamps to be random more than I trust the CPU.

    --
    my opportunity to freely express myself with the potential persecution and hangings and such
  34. Re: Looks like someone paid attention in physics c by RightSaidFred99 · · Score: 1

    Then your trust is misplaced and foolish. You are trusting the CPU to take in all that data and analyze it and extract random data, but you won't trust it to do something they have had in hardware for ages. Serious derp levels going on with this lava lamp nonsense.

  35. No by Anonymous Coward · · Score: 0

    If you're going to encrypt lots and lots of connections, you still need quite a lot of random data. Predictable "random" sources are useful enough that the NSA tried and managed to sneak one into a NIST standard. So at least for some people, mucking up other people's randomness sources was worth the risk of being found out. And no, while you can see that it's being all blobby, that doesn't mean you can see that it is being random at all. It looks seductively cool, is all.

    So no, this is pure geekery (and not nerdery). Plus that the reporting is atrocious. No, cloudflare doesn't "encrypt the internet", they deal in (severely broken) http front-endery, that means they deal in "world-wide web", not "internet". I say their mucking around with lavalamps doesn't exonerate their transgressions, no matter how many 90s retrohip geekery points it scores.

  36. good for them. by Anonymous Coward · · Score: 0

    Finally somebody whom gets it there is no such thing as objective randomness, but there is impractical knowledge just beyond human reasoning.

  37. Re:Apple's Lavarand wall would have both color and by religionofpeas · · Score: 1

    The former could be spoofed with a photo

    No, because even a static photo will still have plenty of sensor noise. You could put the lens cap on, and it would work just as well.

  38. Gimmicky by Anonymous Coward · · Score: 0

    Lights go out, camera goes out, all you get is black. Gimmicky as hell.

  39. That's not a knife. by Anonymous Coward · · Score: 0

    "Starfire casemod".

    But everything is peecee crap these days, so you can mod all you want, it remains peecee crap. No embarrasingly parallel massively redundant array of lava lamps can change that. And cloudflare just isn't cool enough, no matter what they do. Sorry, not sorry.

  40. Morons by Anonymous Coward · · Score: 0

    They have clearly never heard of computational fluid dynamics, which can pretty accurately (probably to within 0.01%) predict the behavior of a lava lamp.

  41. US 5732138 A by Ash-Fox · · Score: 1

    Are they licensed for US 5732138 A patent usage?

    --
    Change is certain; progress is not obligatory.
  42. Better R. seeds from Lava by Anonymous Coward · · Score: 0

    Silicon Graphics Inc (SGI) did this a long time ago.
    They hosted a site called LavaRand for a while.
    Basically, point a digital camera at a bunch of lava lamps, do a simple convolution and create, wait for it, a new and genuine random seed.
    The essential concept is to involve both an analog process with a digital one to get better seeds.
    This was created at an afternoon beer bash at SGI in the early 90's