Skip to main content

Sounds crazy, but this wall of lava lamps keeps you protected from hackers

The Lava Lamps That Help Keep The Internet Secure
Computers are supposed to be predictable. In 99.9 percent of cases, that’s exactly what we want from them. The exception to that rule? When we’re trying to get a computer to generate a truly random number, which is crucial for things like encryption. We’ve previously covered some innovative ways to solve this problem, ranging from quantum physics to carbon nanotubes — but Silicon Valley-based web performance and security company Cloudflare has a different and far more fun, solution: lava lamps.

In the lobby of Cloudflare’s global headquarters in San Francisco, there’s a wall packed with 100 lava lamps of various colors. These lamps are recorded with a camera and a live feed sent to the company’s server, so that lava-related data can be extracted from the image and used to generate packets of unpredictable bits. These unpredictable bits are then sent to Cloudflare servers around the world to help generate cryptographic keys, which ultimately encrypt data for around 10 percent of all web requests.

In other words, when you browse the internet, the security of the data you’re sending and receiving is, in part, provided by a wall of lava lamps.

Dani Grant
Dani Grant

“True randomness is difficult to achieve in computers because computers are designed to be predictable,” Nick Sullivan, head of cryptography at Cloudflare, told Digital Trends. “When a computer executes a program, it follows series of predetermined steps. To get truly random numbers, you have to involve the physical world. Most companies rely only on their computer’s operating system to provide randomness, which can sometimes lead to security issues like the recent ROCA vulnerability. It’s always best to mix in multiple sources of randomness.”

Sullivan said the idea for the lava lamp came about in the early days of Cloudflare in discussions between himself, CEO Matthew Prince, CTO John Graham-Cumming, and other early employees — all of whom wanted both to achieve high levels of security and also create some groovy functional art for their office design. “In true startup fashion, we iterated,” he continued. “We started with a single orange lava lamp in the kitchen of the old Cloudflare office, and when we moved to our global headquarters we built an entire wall of them into our lobby.”

News of Cloudflare’s unorthodox (but effective) approach to encryption was recently shared with the world in a video by YouTuber Tom Scott. “I make videos about science, technology, and interesting things in the world — and this was all three,” Scott told us. He’s certainly not wrong on that front!

Editors' Recommendations

Luke Dormehl
I'm a UK-based tech writer covering Cool Tech at Digital Trends. I've also written for Fast Company, Wired, the Guardian…
Microsoft Edge’s latest feature keeps you even more secure when browsing
microsoft edge chromium to roll out automatically soon chrome

The latest version of Microsoft Edge has a new hidden feature to keep you secure when browsing online. Known as "Super Duper Secure Mode," the feature improves the performance of websites and disables a browser engine commonly abused by hackers.

According to Microsoft, Super Duper Secure Mode works in two ways, balanced and strict. Balanced will learn what websites you use and trust them to use Just in Time Engine (JIT), which speeds up tasks in JavaScript. Strict, meanwhile, can break some websites, but will disable the Just in Time Engine for better security. Edge users can also add their own exceptions as they see fit.

Read more
Update Google Chrome now to protect yourself from these severe vulnerabilities
A MacBook with Google Chrome loaded.

You might want to update Google Chrome as soon as you can, as Google has discovered some severe vulnerabilities in the web browser.

Google just issued a total of nine security fixes, covering all desktop versions of Chrome on all operating systems, with Chrome version 92.0.4515.159. The fixes were contributed by activists and external researchers.

Read more
Microsoft Teams will now protect you against phishing attacks
A close-up of someone using Microsoft Teams on a laptop for a videoconference.

One of the dangers of the internet involves clicking links. Even if it appears to be from a trusted source, you never know where a URL might take you once you visit it. That's why Microsoft is now rolling out phishing protections in Microsoft Teams, so you can worry less about hackers stealing your sensitive information with look-alike links and web pages.

With remote and hybrid work models seeing an increase and Teams use booming over the last year, Microsoft says this latest Teams feature is all about ensuring Teams is "the most secure real-time collaboration platform." Officially known as Safe Links, the new Teams feature is powered by Microsoft Defender for Office 365. Under the hood, it works by scanning a URL once it is clicked in Teams to make sure it is legitimate and trusted.

Read more