How these lava lamps are securing the internet


#1

Originally published at: https://boingboing.net/2017/11/07/how-these-lava-lamps-are-secur.html


#2

This was done 21 years ago at Silicon Graphics


#3

Or, if you wanted to be more secure and efficient, you could use the hardware entropy source present in many modern computers.


#4

Or a radioisotope random number generator.


#5

SGI’s prior art is referenced by CloudFlare who also mention that the patent had expired.


#6

They actually namedrop Lavarand in the video.

They also mention that one of their other offices does this, and a third office uses a camera pointed at a double pendulum.

As for being slightly silly, well - consider that adding (well, XORing) together multiple entropy sources will never make your entropy worse. If any one of their inputs is discovered to be predictable in a way that weakens the encryption, then mixing it with another decent entropy source will completely mitigate that. Now, I don’t actually think that the entropy sources in modern CPUs are fundamentally compromised, but this is both an extra level of safety, a neat PR feature, and arguably kind of decorative. (I assume there’s also some entropy from the on-CPU generator in the mix; they mention that they mix these generators into the entropy pool in Linux.)

As for the video, Tom Scott is a treasure.
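The XOR-mixing argument in the post above, worked through as an added example (not part of the original thread and not Cloudflare's code). It computes exact min-entropy for constructed byte distributions, and it includes the case the argument depends on: the sources must be independent, because XORing a source with a correlated copy destroys entropy. All source distributions and names here are assumptions made for illustration.

```python
import math

N = 256  # byte-valued sources

def min_entropy(dist):
    """Min-entropy in bits: -log2 of the most likely value's probability."""
    return -math.log2(max(dist))

def xor_independent(p, q):
    """Exact distribution of X ^ Y when X ~ p and Y ~ q are independent."""
    out = [0.0] * N
    for x, px in enumerate(p):
        if px == 0.0:
            continue
        for y, qy in enumerate(q):
            out[x ^ y] += px * qy
    return out

def xor_joint(joint):
    """Exact distribution of X ^ Y from a joint distribution {(x, y): prob}."""
    out = [0.0] * N
    for (x, y), pr in joint.items():
        out[x ^ y] += pr
    return out

# Constructed sample sources (not measurements of any real device).
uniform = [1.0 / N] * N                      # ideal source: 8 bits per byte
biased = [0.5] + [0.5 / (N - 1)] * (N - 1)   # emits 0x00 half the time: 1 bit
known = [0.0] * N                            # fully predictable: 0 bits
known[0x42] = 1.0

def demo():
    # Fully correlated pair: the second "source" is a copy of the first.
    copied = {(x, x): p for x, p in enumerate(biased)}
    return {
        "biased": min_entropy(biased),
        "biased^uniform": min_entropy(xor_independent(biased, uniform)),
        "known^uniform": min_entropy(xor_independent(known, uniform)),
        "biased^known": min_entropy(xor_independent(biased, known)),
        "biased^copy": min_entropy(xor_joint(copied)),
    }

if __name__ == "__main__":
    for name, bits in demo().items():
        print(f"{name:15s} {bits:.3f} bits of min-entropy per byte")
```

With independent inputs the result is never weaker than the strongest input; the last case shows why production designs avoid XORing sources that may share state.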


#7

I used to have a lava lamp, it broke when I left it on (against the instructions in the manual) for longer than 8 (or so) hours. So how do they do this here? Do they turn it off on a timer?


#8

It would be way more efficient to heat these from the data center, maybe put fins on the lamps and have those protrude outside of the room.

This isn’t exactly apples to apples, but I have been thinking about the possible threat to cryptocurrency if the parties to environmental accords look at how bitcoin et al encourage carbon production, and take steps to “outlaw” them or at least forbid their governments and companies from cryptocurrency trade. This stuff’s pretty far outside of my sphere of knowledge, but I do wonder if there’s a sustainable, even “nature-based” way to accomplish the same thing? Or at least…can lava lamp crypto work for bitcoin?


#9

Even on fast computers doing nothing else it only produces 500mbits/second of randomness. This 1) isn’t enough for a site like this and 2) would be a pretty colossal waste of the CPU, since you can use that CPU and another entropy source to generate far more random data for far less cost, both initial and ongoing (electrical, maintenance, etc).

Further, the Intel hardware RNG is not as secure as desired for many random needs, and as such, if it’s used, it’s still combined with other sources to avoid possible exploits. Note that it’s a closed off piece of silicon, and once broken can’t be “fixed”, so even if it were currently believed to be secure and a good source of randomness, it’s not a good practice to allow security to rely on walled gardens and obscurity.

It appears several of them are off in the image, so I suspect they turn individual lamps on and off to prevent failure.


#10

“So, in order to keep their client’s protected” Too bad they don’t actually. Almost a quarter of the “click here to load malware on your system” spam crap I get uses what appear to be compromised sites (PHP scripts) hosted by Cloudflare.

I report them with full details but never even get an auto-ack.


#11

They protect their clients, and you aren’t the client I guess. :confused:


#12

Cloudflare does not host anything at all. They are essentially a reverse proxy service and CDN, that happens to provide DNS and TLS/SSL services. Blaming Cloudflare for the fact that a random site that utilizes their technology happens to be compromised is hugely unfair to Cloudflare, while fundamentally misunderstanding what their technology actually does.

[edit: typo]

