FIGHTING HACKERS... WITH LAVA LAMPS?

Megan Poljacik • December 19, 2024

In the headquarters of Cloudfare, a California based tech company, there is a most wonderous wall of mystery. Towering over the entrance, lies wall of around 100 brightly colored lava lamps. While they may be enticing to the eye, these lava lamps actually have a very important job in the security department. Cloudflare provides content delivery network services and DDoS mitigation, and they are known for using lava lamps in their offices as part of its encryption process. The concept is based on a method called "entropy source," which helps generate truly random numbers for encryption keys.


Entropy sources are used in cryptography to generate randomness for various security-related processes, such as encryption key generation and secure communication protocols. Entropy, in this context, refers to the unpredictability and randomness of data, which is crucial for ensuring security and preventing cryptographic attacks.




Developers can improve the strength of their cryptographic systems and minimize the risk of vulnerabilities related to predictable or weak key generation by including a diverse range of entropy sources. In computing, there are two types of entropy sources: hardware and software. Hardware entropy relies on sources such as voltage fluctuations or temperature changes. Software entropy uses sources such as keystrokes or network traffic patterns.


At Cloudflare, a wall of lava lamps are used as part of an array of other entropy sources (such as temperature and voltage fluctuations) to generate unpredictable and random data. A camera across the room picks up the footage of the lamps moving, which is then translated into an algorithm. This data is then utilized in generating cryptographic keys. The smallest change in light or movement will affect the numbers that are used for encryption. Since the wall is located in the building’s lobby, even a person standing in front of it, blocking the camera’s view, will produce changes in the algorithm. By incorporating these physical elements into the process, Cloudflare enhances the security and randomness of its encryption keys, making them more resilient against sophisticated attacks.


Computers are able to create randomness through code but it is inherently not random. In theory if a computer could create it, then a computer could learn the pattern and figure out the encryption key. This is especially true with machine learning and AI being so prevalent today. The movement and changes within the lava lamps produce randomness that is totally unpredictable. This unique approach enables the company to enhance the strength of its encryption mechanisms and bolster the security of its services. Over 10% of the world’s internet traffic flows through Cloudflare’s network so it is critical that they maintain an uncrackable algorithm.


Uncomplicate IT News Blog

WHAT HAPPENS WHEN THE CLOUD GOES DOWN?

By Megan Poljacik & Bryan Doherty November 24, 2025
The internet has had a series of bad days over the last few months. In October, Microsoft 365 briefly went sideways in North America after a network misconfiguration disrupted access to Teams and Exchange Online before service recovered the same day. A few weeks later, Microsoft Azure suffered an outage after a faulty configuration change was pushed to Azure Front Door Configuration, affecting Microsoft 365, Xbox, and other services worldwide. Around the same time Amazon crashed, stating that an AWS disruption stemmed from a DNS automation bug associated with DynamoDB. This is an automated system that directs internet traffic that made a timing mistake, and that small glitch quickly snowballed and knocked parts of the service offline. Most recently, Cloudflare, a service many websites use to load faster and block bad traffic, went down, leaving millions unable to access sites and services. It’s no surprise that many business owners are now asking whether the cloud is still a safe choice for their business. Short answer: yes. For most small and mid-size companies, the cloud is still the safest, most cost-effective place to run everyday tools. It delivers enterprise-grade security, constant patching, and built-in resilience that would be expensive to match on your own. But “safe” doesn’t mean “never fail.”

ESTABLISHING AN AI POLICY FRAMEWORK: BALANCING INNOVATION AND RISK

August 27, 2025
By Bryan Doherty

IMPACTFUL VIRUSES IN HISTORY: STUXNET

By Megan Poljacik July 31, 2025
In the early 2000s, tensions in the middle east were on the rise. Iran’s government had begun expanding its uranium enrichment capabilities, insisting it was for nuclear energy purposes. However many countries around the globe feared it was a coverup for a nuclear weapons program. Despite pressure from United Nations and the International Atomic Energy Agency, Iran continued to enrich uranium. Frustrations reached a fever pitch and it appeared a conflict was imminent, until a mysterious solution came from a completely unexpected source: the Stuxnet Computer Worm.