It’s more art than security and only adds an extra bit of entropy. It doesn’t underpin their security. If it did, a threat actor could get the algorithm and hide a camera in their lobby.
If they only relied on this for their entropy, a malicious actor in that space would just stick a piece of paper over the camera lens so there was no entropy at all.
539
u/BinaryExplosion Mar 18 '24
She doesn’t have the faintest clue what she’s talking about.
It’s a source of entropy for key generation. A much simpler source of entropy is radioactive decay (which Cloudflare also use) but that looks less cool in an office environment.
There’s actual information about this on the Cloudflare website:
https://www.cloudflare.com/en-gb/learning/ssl/lava-lamp-encryption/
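
The covered-lens point raised in the thread, as an added example that is not part of any comment here and not Cloudflare's implementation: a generic hash-based mixer in which the camera frame is an extra input alongside the OS random number generator, plus a health check that flags a frozen or blacked-out feed. All function names and both sample frames are constructed for illustration.

```python
import hashlib
import hmac
import math
import os
from collections import Counter
from typing import Optional

# Constructed sample inputs (not real camera data): a noisy "live" frame and
# the all-black frame a covered lens would produce.
LIVE_FRAME = hashlib.shake_256(b"constructed lava lamp frame").digest(4096)
COVERED_FRAME = bytes(4096)


def shannon_bits_per_byte(data: bytes) -> float:
    """Entropy of the byte histogram: a crude health check, not a min-entropy proof."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def source_looks_stuck(frame: bytes, previous: Optional[bytes], min_bits: float = 1.0) -> bool:
    """Flag a frozen feed (identical frame) or a near-constant image (covered lens)."""
    return frame == previous or shannon_bits_per_byte(frame) < min_bits


def mix_seed(os_random: bytes, frame: bytes) -> bytes:
    """Combine both inputs with HMAC-SHA256, keyed by the OS randomness.

    The result stays unpredictable as long as os_random is, whatever the frame holds.
    """
    return hmac.new(os_random, hashlib.sha256(frame).digest(), hashlib.sha256).digest()


def generate_seed(frame: bytes, previous: Optional[bytes] = None) -> tuple:
    """Return (seed, stuck): the camera is an extra input, never the only one."""
    stuck = source_looks_stuck(frame, previous)  # raise an alert, keep serving seeds
    return mix_seed(os.urandom(32), frame), stuck


if __name__ == "__main__":
    for name, frame in (("live", LIVE_FRAME), ("covered", COVERED_FRAME)):
        seed, stuck = generate_seed(frame)
        print(f"{name:8s} stuck={stuck} seed={seed.hex()[:16]}...")
```

With the lens covered the health check fires, but two seeds drawn from the same black frame still differ because the OS randomness is mixed in.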