How Cloudflare Uses Lava Lamps to Guard Against Hackers
Credit to Author: Ellen Airhart| Date: Sun, 29 Jul 2018 12:00:00 +0000
Edward Craven Walker lived to see his greatest invention, the lava lamp, make its late-’90s cultural comeback. But the British tinkerer (and famed nudist, incidentally) died before he could witness the 21st-century digital potential of his analog creation. Inside the San Francisco office of the web security company Cloudflare, 100 units of Craven Walker’s groovy hardware help protect wide swaths of the internet from infiltration.
Here’s how it works. Every time you log in to any website, you’re assigned a unique identification number. It should be random, because if hackers can predict the number, they’ll impersonate you. Computers, relying as they do on human-coded patterns, can’t generate true randomness—but nobody can predict the goopy mesmeric swirlings of oil, water, and wax. Cloudflare films the lamps 24/7 and uses the ever-changing arrangement of pixels to help create a superpowered cryptographic key. “Anything that the camera captures gets incorporated into the randomness,” says Nick Sullivan, the company’s head of cryptography, and that includes visitors milling about and light streaming through the windows. (Any change in heat subtly affects the undulations of those glistening globules.)
Sure, theoretically, bad guys could sneak their own camera into Cloudflare’s lobby to capture the same scene, but the company’s prepared for such trickery. It films the movements of a pendulum in its London office and records the measurements of a Geiger counter in Singapore to add more chaos to the equation. Crack that, Russians.
This article appears in the July issue. Subscribe now.