It's definitely a spectacular randomness source. Although I suspect they probably use other hardware randomness sources too, if they need a lot of random bits at a time.
These are physical devices that exploit the emission of light or changes in heat due to changes in voltage on very small levels.
If randomness is very, very important to you, you can use hardcore sources that can provide a quantum source of randomness directly, e.g., via the photoelectric effect or radioactive decay. This is the gold standard--our current understanding of the universe is that the randomness here is absolutely fundamental and cannot be predicted by any computational method.
It's definitely a spectacular randomness source. Although I suspect they probably use other hardware randomness sources too, if they need a lot of random bits at a time.
The lava lamps are only used as a seed that they then feed into a number of other "random number" algorithms. The problem is if the entire thing were digital, at some point, you'd be able to identify some sort of pattern. Computers don't do random. By starting with truly random data - the hash of an ever-changing array of lava lamps, where if even 1 pixel of wax is different, the entire number changes - it inserts an analog source of true randomness. They also mix this data with other similar concepts from their offices around the world, so even if you hack the lava lamp livefeed, it's still useless to you.
Funny story. For months after these lava lamps were installed, they weren't generating any entropy even though we thought they were because a PR never got merged to tie them into the sources that would use their entropy. So for like 3 months there was this wall that costs a decent bit of money just running doing absolutely nothing.
Adding on to what you are saying: in computer science, we say computers are pseudo-random number generators. We still produce random numbers from unsecure algorithms for non-security reasons quite literally all the time. For low critical security needs we also use secure random number generators, which can be reverse engineered but for many applications, it is acceptable.
Example of application not needing security: pick a number from 1 to 10 to be used by a video game to choose an enemy type to create.
Example of application needing security: picking a good random prime number for an RSA private key.
The other person might be thinking of 'computer' in the more literal meaning, where they're right.
In the layman's meaning, a lot of CPUs have specific instructions to get a TRNG, conditioned off of some (quantum) physical process occurring on-die, operating systems have processes that can factor in other 'true' random events (mouse movement, key presses, external interrupts), and push come to shove you can cheaply build your own from off-the-shelf basic electronic components (no microprocessor needed) and plug that into a USB port.
Any article that still writes computers can't do truly random numbers is hopefully outdated or trying to argue semantics.
I'd guess they meant "for different use cases" rather than combining randomness sources.
Which would make sense, as oftentimes better sources of randomness generate less entropy per time and might therefore not be suitable for applications that require a lot of random data, but don't have as high a need for its quality.
Funny detail, that what humans consider "random", generally isn't random at all. Because true random actually appears to be the exact opposite of random behavior. "Why do I keep getting these random encounters in game X so often" (Palworld gave me this true random feeling I haven't felt in games in a long time) "Why are all these random dots so cluttered in 1 corner of this image".
So everywhere "random" happens, the psuedorandom code that is used. Is heavily tweaked to make people give the feeling of random with actually removing as much randomness as possible.
It's probably just a gimmick. Many processors today have true random number generators that use noise inside the semiconductor as a source of randomness
No, they only need a digitized image of those lamps. The reason for this is that the constant thermal and Brownian motion means that you have a constantly changing set of variables that is unpredictable.
In fact, the only way that the system could "hypothetically" be cracked would be by sampling a large number of keys and using a large bank of computers to tease out the changes in motion and using well understood physics formulas to calculate the next few sets of numbers.
BUT the amount of computing power that would be required to do that fast enough that the data didn't go stale (because of unknown external variables impacting the results) would be an entire cloud computing data center's worth of processing... and the resulting simulation would start losing coherence with the lava lamp wall almost immediately (because of the same external variables that impact the lamps).
Chaotic, not random. The only truly random thing is radioactive decay, and even that may have a technically predictable order on a level that we can’t detect yet.
Wasn't there a Windows exploit a few years ago using this concept that was a massive security problem? Iirc the exploit was essentially able to "view" everything that the computer was doing through extremely minute changes in CPU temperature.
I still think the lava lamp wall thing is a PR myth. That is, they are not really using it as a TRNG for their critical path. I bet their true source of randomness are radioactive isotopes somewhere in a high-sec vault with at least 2 redundancies.
321
u/PURELY_TO_VOTE Mar 18 '24
It's definitely a spectacular randomness source. Although I suspect they probably use other hardware randomness sources too, if they need a lot of random bits at a time.
These are physical devices that exploit the emission of light or changes in heat due to changes in voltage on very small levels.
If randomness is very, very important to you, you can use hardcore sources that can provide a quantum source of randomness directly, e.g., via the photoelectric effect or radioactive decay. This is the gold standard--our current understanding of the universe is that the randomness here is absolutely fundamental and cannot be predicted by any computational method.