In the lobby of Cloudflare’s global headquarters in San Francisco, there’s a wall packed with 100 lava lamps of various colors. These lamps are recorded with a camera and a live feed sent to the company’s server, so that lava-related data can be extracted from the image and used to generate packets of unpredictable bits. These unpredictable bits are then sent to Cloudflare servers around the world to help generate cryptographic keys, which ultimately encrypt data for around 10 percent of all web requests.
In other words, when you browse the internet, the security of the data you’re sending and receiving is, in part, provided by a wall of lava lamps.
“True randomness is difficult to achieve in computers because computers are designed to be predictable,” Nick Sullivan, head of cryptography at Cloudflare, told Digital Trends. “When a computer executes a program, it follows series of predetermined steps. To get truly random numbers, you have to involve the physical world. Most companies rely only on their computer’s operating system to provide randomness, which can sometimes lead to security issues like the recent ROCA vulnerability. It’s always best to mix in multiple sources of randomness.”
Sullivan said the idea for the lava lamp came about in the early days of Cloudflare in discussions between himself, CEO Matthew Prince, CTO John Graham-Cumming, and other early employees — all of whom wanted both to achieve high levels of security and also create some groovy functional art for their office design. “In true startup fashion, we iterated,” he continued. “We started with a single orange lava lamp in the kitchen of the old Cloudflare office, and when we moved to our global headquarters we built an entire wall of them into our lobby.”
News of Cloudflare’s unorthodox (but effective) approach to encryption was recently shared with the world in a video by YouTuber Tom Scott. “I make videos about science, technology, and interesting things in the world — and this was all three,” Scott told us. He’s certainly not wrong on that front!
- Cloudflare’s privacy-enhancing 188.8.131.52 DNS service comes to iOS and Android
- Encryption-busting law passed in Australia may have global privacy implications
- Quora hit by data breach affecting around 100 million users
- Computers will soon outsmart us. Does that make an A.I. rebellion inevitable?
- How to stay anonymous online