dermot
Member of DD Central
Posts: 863 
Likes: 517
|
Post by dermot on Jan 1, 2018 17:10:55 GMT
Ratesetter and several other P2P platforms use Cloudflare cybersecurity. I'm on a number of internet security mailing lists, and this rather amusing article caught my eye detailing how Cloudflare can generate random numbers without using algorithms that might possibly be reverse engineered. www.atlasobscura.com/places/encryption-lava-lamps |
|
michaelc
Member of DD Central
Say No To T.D.S.
Posts: 5,710
Likes: 2,985
|
Post by michaelc on Jan 1, 2018 22:47:31 GMT
It is intuitive to understand it can't be difficult to produce an algorithm that generates a sequence of unpredictable values based on these lava lamp inputs. However, how can they be sure that each value in the sequence has equal chance of being produced?
|
|
|
|
Post by p2player on Jan 5, 2018 8:30:31 GMT
Don’t know what’s sort of security mailing lists you frequent, but someone is pulling your leg (infact both legs, both arms and any other protruding parts) convincing you that anyone, let alone Cloudflare uses lava lamps in this day and age !
edit to add:
have be just done a quick internet search, and I see someone mentions it when visiting their office.
i suspect the reality is just that, it’s a nice art piece for the office wall, and they can spin a great security story behind it. Nice bit of PR.
|
|
dermot
Member of DD Central
Posts: 863
Likes: 517
|
Post by dermot on Jan 16, 2018 10:58:58 GMT
Don’t know what’s sort of security mailing lists you frequent, but someone is pulling your leg (infact both legs, both arms and any other protruding parts) convincing you that anyone, let alone Cloudflare uses lava lamps in this day and age ! edit to add: have be just done a quick internet search, and I see someone mentions it when visiting their office. i suspect the reality is just that, it’s a nice art piece for the office wall, and they can spin a great security story behind it. Nice bit of PR. I'd given it a reasonable amount of credence since it is on Cloudflare's own blog. I suppose one of the larger cyber security outfits in the world could be intentionally lying, a rather odd marketing strategy if so. blog.cloudflare.com/lavarand-in-production-the-nitty-gritty-technical-details/
|
|
|
|
Post by isecguy on Jan 16, 2018 21:00:21 GMT
Don’t know what’s sort of security mailing lists you frequent, but someone is pulling your leg (infact both legs, both arms and any other protruding parts) convincing you that anyone, let alone Cloudflare uses lava lamps in this day and age ! I have no reason to suspect that this is a "fake news" story... although the methods employed in other CloudFlare offices (namely a double-pendulum and radioactive decay) are far more energy efficient! - using lava lamps to generate random data, whilst plausible, is a tremendous waste of energy!
|
|
|
|
Post by jmk on Jan 22, 2018 10:34:00 GMT
Apparently it's not just the lava lamps themselves, but they have a high resolution camera taking a photo of the entire wall, so the randomness is increased by other factors, such as time of day, people walking by, etc.
I think they have other methods as well, and the lava lamps just contribute to the overall entropy, so it wouldn't really matter if they were all turned off.
|
|
