Edit: I found it for $36 elsewhere. :D

  • Apollo2323@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    24
    ·
    18 days ago

    I dont remember where but I recall that Cloudfare dont use computers to generate random numbers because its literally impossible. It is always mathematics so its predictable , hard yes but predictable. Instead Cloudfare uses lava lamps movements and calculate that , as it is very random. I will look for the article so don’t take my word for it.

    • piccolo [any]@hexbear.net
      cake
      link
      fedilink
      English
      arrow-up
      19
      ·
      18 days ago

      I think CloudFlare uses lava lamps because it’s a cool story, but there are ways you can get truly random bits from other things, like this. Generally, you want to have some sort of physical process going on that provides random entropy, because CPUs by themselves can only produce pseudorandom numbers. For example, random.org uses atmospheric noise, which is random and unpredictable when you look at very tiny variances. You can also use, e.g. a super sensitive Geiger counter to measure random bits of radiation, or if you shoot photons at a semi-reflective surface, sometimes they go through and sometimes they reflect. For the type shown here, though, the most common kind of noise they use is from quantum effects relating to transistors, as far as I know. This is an actual source of randomness, so if it’s done right it can be just as good as lava lamps or Geiger counters or whatever.

      • comrade_pibb [comrade/them]@hexbear.net
        link
        fedilink
        English
        arrow-up
        4
        ·
        18 days ago

        It’s probably similar to a noise generator in a synthesizer, you can push a transistor until it starts to breakup and get white noise from a relatively simple circuit

    • chickentendrils@lemmy.ml
      link
      fedilink
      English
      arrow-up
      13
      ·
      edit-2
      18 days ago

      The noise coming from an open microphone has enough entropy for what we’d usually assume to be random.

      It is possible to hit a bottleneck getting random numbers, but there’s /dev/urandom which shouldn’t block it’ll just keep outputting without enough entropy to guarantee pseudorandomness.

      Usually you’ll know if you’re hitting one of those bottlenecks, probably it’ll only come up in production or hopefully in load testing.

    • TankieTanuki [he/him]@hexbear.netOP
      link
      fedilink
      English
      arrow-up
      10
      ·
      edit-2
      18 days ago

      I heard that story too but it was about BackBlaze.

      Computers can get perfect randomness, but it has to come from an analog source. That’s what this thing does.

    • NaevaTheRat [she/her]@vegantheoryclub.org
      link
      fedilink
      English
      arrow-up
      5
      ·
      18 days ago

      cloudflare uses a wall of lavalamps because it’s a fun project that looks cool and gets free advertising.

      There are so many sources of noise, lavalamps are probably one of the most expensive in set up and running costs.

      It’s a pretty cool wall though, hence the free advertising.

  • Kairos@lemmy.today
    link
    fedilink
    English
    arrow-up
    18
    ·
    edit-2
    18 days ago

    I think a very recent Nobel prize in mathematics Turing award was awarded to someone who proved its impossible to differentiate between (edit: well-programmed) PRNG and TRNG. Mathematically at least.

  • chickentendrils@lemmy.ml
    link
    fedilink
    English
    arrow-up
    17
    ·
    edit-2
    18 days ago

    Yeah, not USB but in principle it’s the same whether it’s PCI or whatever. There’s no way to prove an RNG is truly random really just have to rely on validating subsets of its output look random. NIST has published recommendations for sampling RNGs.

    Here’s the title:

    A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications

    I don’t think there’s a real need unless it’s regulated to need some dedicated HW RNG.

    • TankieTanuki [he/him]@hexbear.netOP
      link
      fedilink
      English
      arrow-up
      5
      ·
      18 days ago

      Very precise answer, thank you.

      How about a simple test to make sure it didn’t break and start spitting out all zeroes. Read a few lines from /dev/random ?

      • piccolo [any]@hexbear.net
        cake
        link
        fedilink
        English
        arrow-up
        8
        ·
        18 days ago

        I might be wrong about this but my understanding is that on Linux you’d pipe the output of this in somewhere and tell the kernel to use it for entropy, and if it gets insufficient entropy it realizes this and starts producing random bits slower. So like normally the Linux kernel samples mouse movements for randomness, and so it makes more random bits the more you jiggle your mouse. These hardware RNGs are best used for headless servers that don’t have as reliable entropy at their disposal.

      • chickentendrils@lemmy.ml
        link
        fedilink
        English
        arrow-up
        4
        ·
        18 days ago

        Yeah as long as the setup for the device symlinked its device path to /dev/random or you did that yourself. Stuff I used had a Java SDK walter-breakdown

    • ReadFanon [any, any]@hexbear.net
      link
      fedilink
      English
      arrow-up
      21
      ·
      edit-2
      18 days ago

      My question us why are all those meteors constantly screaming and how come nobody has ever thought to investigate what’s going on with them?
      Are we just letting them suffer so we can generate random numbers out of it, like some sort of sacrifice to RNGesus?

  • smpl@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    3
    ·
    18 days ago

    Random? I must be the only one left who believes in a deterministic universe ruled by cause and effect… and lizard people - big big lizard people on Mars.

  • blobjim [he/him]@hexbear.net
    link
    fedilink
    English
    arrow-up
    2
    ·
    18 days ago

    No you’d have to trust the manufacturer. I wonder if there are any Chinese or other non-US companies that make that kind of thing.