Recently, it was revealed by a somewhat mysterious tweet from CloudFlare – the content delivery and web services giant – that they have a very strange way of protecting our data in the cloud.
Now CloudFlare isn’t exactly a household name, but they’re responsible for delivering content through a vast network of servers, enabling us to serve websites quicker and more efficiently.
They state that approximately 10% of the billions of internet requests pass through their infrastructure, so they definitely offer ‘mission critical’ services.
Why CloudFlare Matters
Traditionally, a website would be served to all of its visitors from one or a small cluster of servers somewhere in the world. A Content Delivery Network (or CDN for short) distributes a website across the world on many different servers.
For example, if someone in the UK goes to a website that was created and is maintained in the US, the person in the UK can be served the website from a server closer to them so it’s quicker to load. Not only does it help improve website loading, it also means that the website is more resilient against DDoS attacks (Distributed Denial of Service).
A DDoS attack is where lots of people make thousands or millions of requests to one server in a short amount of time, which would ultimately take the server down as it can’t handle the demand. There have been several high-profile examples of this in the media in recent months.
Now, on top of all of that, there are security considerations when dealing with so much data. The most obvious course of action is to encrypt the requests made between the user and the server. This is part of how websites can be securely served over HTTPS (the green padlock in your browser address bar).
When CloudFlare were faced with this problem, they dealt with it in an innovative and brilliant way.
Random Security
So, what is the problem and how did they deal with it?
In order to encrypt requests, you’ll need to create a hash. To put it simply, hashes are strings of random numbers and letters which hide the data. You could create a hash yourself by thinking of say ten random characters – but that’s not very secure!
On the other hand, you could get a computer to do it, but even then, computers are not built to be random. Computers are built to do what they’re told, which means that while random number programs can be effective, they’re not one hundred percent foolproof.
To remedy this, CloudFlare were inspired by engineers from Sun Microsystems – the company behind the programming language Java – who determined that lava lamps were a useful tool for generating randomness, due to how difficult it is to model how fluid moves within them.
CloudFlare took this idea and ran with it. In the reception area of their San Francisco offices, there is a wall with one hundred lava lamps in an array of colours. A camera periodically takes a photo of the wall. The pixels of the image are then converted into a hash of random characters, which is then used to encrypt requests for people using their service.
Entropy, in layman’s terms, translates to:
lack of order or predictability; gradual decline into disorder
What makes this even more effective is the fact that the wall is placed in the reception area where people may walk in front of the camera from time to time, allowing even more variation to the colour and shapes captured. This makes the hash that is generated completely random and unique. The idea of having your visitors in the office aid your security efforts is very clever and also really fun.
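To make the photo-to-hash step concrete, here is an added Python example; it is not CloudFlare's code and not part of the original article. It assumes a constructed 64x48 frame standing in for the camera image, SHA-256 as the hash, and an HMAC mix with operating-system randomness; all function names are hypothetical.

```python
import hashlib
import hmac
import os

WIDTH, HEIGHT = 64, 48  # constructed frame size, not the real camera's resolution


def synthetic_frame(noise: bytes) -> bytearray:
    """Build a constructed RGB frame: a fixed gradient XORed with noise bytes."""
    frame = bytearray((x * 3 + y * 5) % 256
                      for y in range(HEIGHT) for x in range(WIDTH * 3))
    for i, b in enumerate(noise):
        frame[i % len(frame)] ^= b
    return frame


def frame_digest(frame: bytes) -> bytes:
    """Condense every pixel of the frame into a fixed 32-byte value."""
    return hashlib.sha256(frame).digest()


def mix_seed(frame: bytes, os_random: bytes) -> bytes:
    """Combine the frame digest with OS randomness using HMAC-SHA256.

    Keyed by the OS bytes (an assumption of this example), so the result
    stays unpredictable even to someone who could see or guess the photo.
    """
    return hmac.new(os_random, frame_digest(frame), hashlib.sha256).digest()


def differing_bits(a: bytes, b: bytes) -> int:
    """Count the bit positions in which two equal-length byte strings differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


if __name__ == "__main__":
    frame = synthetic_frame(os.urandom(256))
    moved = bytearray(frame)
    moved[1000] ^= 0x01  # a single colour channel of one pixel shifts by one step
    d1, d2 = frame_digest(frame), frame_digest(moved)
    print("frame digest:     ", d1.hex())
    print("one pixel changed:", d2.hex())
    print("bits that differ: ", differing_bits(d1, d2), "of 256")
    print("mixed seed:       ", mix_seed(frame, os.urandom(32)).hex())
```

Changing one pixel flips roughly half of the digest's bits, which is why a visitor walking past the wall is enough to produce an unrelated value.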
An Innovative Approach to a Well Known Problem
No one needs to tell you the importance of keeping data safe and secure on the web; it’s a fundamental problem that people need to solve each day. Aside from the security aspect though, the Wall of Entropy is a fantastic display of engineering and uniqueness which shows how dedicated CloudFlare is to keeping your information safe.
Besides, what is cooler than seeing a wall full of different coloured lava lamps, each one slowly shifting in shape and colour? A display of curiosity and intrigue which, unbeknownst to many, is performing crucial behind-the-scenes functions that many may take for granted.
It will be interesting to see over the next few years how many more companies will turn to wacky and fun ways of securing data online and how things will evolve. Whilst this is just one public example of great security measures being taken, there’s no telling what other things companies have employed to solve similar problems.
What do you think of this unique approach taken by CloudFlare? Has it inspired you to do something different to the norm at your company and if so, what is it? Let us know your thoughts on ‘the wall’ and if you have your own solution!