Skip to main content
  1. Home
  2. Emerging Tech
  3. News

Sounds crazy, but this wall of lava lamps keeps you protected from hackers

By
The Lava Lamps That Help Keep The Internet Secure
Computers are supposed to be predictable. In 99.9 percent of cases, that’s exactly what we want from them. The exception to that rule? When we’re trying to get a computer to generate a truly random number, which is crucial for things like encryption. We’ve previously covered some innovative ways to solve this problem, ranging from quantum physics to carbon nanotubes — but Silicon Valley-based web performance and security company Cloudflare has a different and far more fun, solution: lava lamps.

In the lobby of Cloudflare’s global headquarters in San Francisco, there’s a wall packed with 100 lava lamps of various colors. These lamps are recorded with a camera and a live feed sent to the company’s server, so that lava-related data can be extracted from the image and used to generate packets of unpredictable bits. These unpredictable bits are then sent to Cloudflare servers around the world to help generate cryptographic keys, which ultimately encrypt data for around 10 percent of all web requests.

Recommended Videos

In other words, when you browse the internet, the security of the data you’re sending and receiving is, in part, provided by a wall of lava lamps.

Dani Grant
Dani Grant
Please enable Javascript to view this content

“True randomness is difficult to achieve in computers because computers are designed to be predictable,” Nick Sullivan, head of cryptography at Cloudflare, told Digital Trends. “When a computer executes a program, it follows series of predetermined steps. To get truly random numbers, you have to involve the physical world. Most companies rely only on their computer’s operating system to provide randomness, which can sometimes lead to security issues like the recent ROCA vulnerability. It’s always best to mix in multiple sources of randomness.”

Related

Sullivan said the idea for the lava lamp came about in the early days of Cloudflare in discussions between himself, CEO Matthew Prince, CTO John Graham-Cumming, and other early employees — all of whom wanted both to achieve high levels of security and also create some groovy functional art for their office design. “In true startup fashion, we iterated,” he continued. “We started with a single orange lava lamp in the kitchen of the old Cloudflare office, and when we moved to our global headquarters we built an entire wall of them into our lobby.”

News of Cloudflare’s unorthodox (but effective) approach to encryption was recently shared with the world in a video by YouTuber Tom Scott. “I make videos about science, technology, and interesting things in the world — and this was all three,” Scott told us. He’s certainly not wrong on that front!

Editors’ Recommendations

Topics
Luke Dormehl
Luke Dormehl
Former Digital Trends Contributor
I'm a UK-based tech writer covering Cool Tech at Digital Trends. I've also written for Fast Company, Wired, the Guardian…
You’ll never guess what hackers are using Microsoft Calculator for
A depiction of a hacker breaking into a system via the use of code.

Hackers have found an unusual and unconventional method to infect PCs with malware: distributing dangerous code with Windows Calculator.

The individuals behind the well-known QBot malware have managed to find a way to use the program to side-load malicious code on infected systems.

Read more
Update Google Chrome now to protect yourself from an urgent security bug
Google Chrome app on s8 screen.

Google posted a security update for its Chrome browser that fixes what's known as a zero-day bug. The problem affects Chrome on Windows, Mac, and Android. The flaw can lead to arbitrary code execution, a serious security vulnerability, so it's best to download and install the latest version immediately. Zero-day bugs mean that this is a known weakness and, in this case, Google said that the flaw is already being exploited by hackers.

Google did not post a detailed explanation of how the exploit works, but will do so when the majority of people have updated, making the danger of further attacks less severe. The most severe bug is identified as CVE-2022-2294 and the update also patches CVE-2022-2295 and CVE-2022-2296.

Read more
Microsoft Edge’s latest feature keeps you even more secure when browsing
Microsoft Edge browser on a computer screen.

The latest version of Microsoft Edge has a new hidden feature to keep you secure when browsing online. Known as "Super Duper Secure Mode," the feature improves the performance of websites and disables a browser engine commonly abused by hackers.

According to Microsoft, Super Duper Secure Mode works in two ways, balanced and strict. Balanced will learn what websites you use and trust them to use Just in Time Engine (JIT), which speeds up tasks in JavaScript. Strict, meanwhile, can break some websites, but will disable the Just in Time Engine for better security. Edge users can also add their own exceptions as they see fit.

Read more