This is epicenter episode 264 with guest mix Sullivan. This episode of epicenter is brought to you by Microsoft Azure configure and deploy a Consortium blockchain Network in just a few clicks with pre-built configurations and enterprise-grade infrastructure, spend less time on blockchain scaffolding and more time building your application to learn more visit aka.ms/offweb Ascender. Hi welcome to Enter, my name is Sebastien Boucher and my name is Santiago. Hey Sonny.
How's it going going? Well, how are you pretty good. It's been a while since we've done this the guy. Yeah, definitely. I think I think it made most last one but you said you've done some great episodes as I congratulations on the coral episode. It was terrific. I thank you. I listened to it twice. That's a good one.
Yeah, yeah. So today we're speaking with mix all oven and make Sullivan is the head of Cryptography at cloudflare and cloudflare is not, you know one of your typical companies that we usually cover on the podcast. It's more of a traditional internet company but they're doing some like really, really interesting stuff with cryptography that I really wasn't quite aware of before recording this podcast. Yeah.
And they're like you a lot too. Like especially like help bring like a lot of like the centralization Technologies like tour and ITF bass and whatnot. To like sort of the masses. Like, you know, a lot of like watching companies are like, you know, building really cool Tech but like it's really hard to get this stuff into the hands of like everyday users and you know, Cloud fair is literally like making this a lot of the stuff a lot more accessible. Yeah, absolutely.
I mean I think just the fact that a company like cloudflare is is writing the blog posts quite like long and detailed blog post about what is ipfs and how they're using it. And you know, these posts are read by him, probably, tens of thousands of people outside of the crypto. Space is just great for the ecosystem, I think. And yeah, make Nick was a great, great hope, great guests.
Very articulate. And I mean, I really am a huge fan of, like, Always been a huge fan of like decentralization projects that aren't necessarily like blockchain focus. And so Cloud for has been working a lot with tour and ipfs or like you know really excited me. Yeah. So hope you enjoyed this episode with Nick and that we do have a couple of announcements so I think in the last episode I was on, I mentioned the be at the hopper Ledger global forum. It is from the 12th to the 15th.
I'll be there on the 12th and the 13th and I have the discount. Code now. And so if you're interested in attending it is in Basel. Switzerland, Brian's Hometown and mayor's old city where he used to live. I've never been there so. Yeah, I'm excited at, there's a discount for 15%. It is hgf 18 Muse. So hgf 18 Muse, you can go to the events page. If you do, if you search for hydrologic global forum, you'll find it and if you can't
remember this, Scout code. We tweeted it a few days ago so you can see it. It was tweeted on on the 23rd of November. So you can always go back to our Twitter feed and see it. So hopefully, if you're there, come say hi. We got to say, see you and Sonny you mentioned, you re also attending some events. Yeah. So next month, December 11th. There's a company called Dora hacks which has hosted a bunch
of like really. Cool blockchain hackathons throughout the world in China and Berlin and Toronto. And so they're actually holding their first event here in SF on December 11th. It's completely free to anyone to attend. I'll be speaking and mentoring at this event. So if you want to come back with me on some cool stuff, definitely check it out free and it just look it up. On Eventbrite Dora hacks, SF. I got a question for you. I've never attended a hackathon.
Hmm. What would you, what would you suggest? Like for some I mean I'm particularly I know how to code. I don't code like every day anymore but you know, at some point in my life, I was like a front end developer and I have some experience with stuff like node, my smart contract development skills or near zero. But you know, practically speak a, you know, if I'm interested in like learning how to do, things is a hackathon, a good
place to stay. To sort of like just, you know, jump in both feet first or is that not recommended for someone like me? I would say that there's usually often, like two classes of people who attend hackathons, just people who are there to, like, you know, go win. Like, they want to build a cool project and end up with something at the end of the, at the end of the weekend and like actually, like, or there's often people who are there just to
like, learn something. And, you know, I I've worn both hats throughout my hackathon career, if you will And so, you know some so sometimes I know I go in with a project, I really want to build and I'm like, I want to get this done in this weekend and so I'll do that. But then there's some times where it's like, you know, I just want to like learn a new
piece of technology. And so I just like try to choose like a very, very simple product project and that's like, and honestly like when you were at hackathons like when your experiment with a new technology, like anyone who's done this before, you know that like half a Time, get goes into just, like, installing the software which is, you know, not
not not fun. But yeah, definitely like, you know, look at checkout like tutorials and like, you know, I would say, I would say they spend a lot of the hackathon instead of like building the product. First, spend like half the first half almost like going through tutorials and then the second half, if you're feeling comfortable, then struck start to like try to work on a project directly. Yeah, right.
Okay. So and maybe like a good exercise to it's like properly, take some time and go do some tutorials around people that can prepare Each Mentor, you and this sort of thing, so a good opportunity to learn. If you're not going to build like a proper project. And one of the hackathons is often a lot of mentors there, and I think that's honestly, sometimes one of like the most underused, like amenities that hackathons offers.
So definitely talk to the mentors and then also, you know, especially when I'm doing one of like the more learning style, I really like to not show up with a team and I really like to like get to the hackathon and like, find new people there to work with it just makes it a much more A fun experience in my opinion. Cool, thanks. Thanks for the tips. I think. I'll, maybe I'll look out for some hackathons to attend.
Then sure. All right, so without further Ado, here's your snake solvent of cloudflare. Hi. So we're here today with Nick Sullivan. Who's had a cryptography at cloudflare. Make thanks for joining us today. Absolutely thanks for having me. Yeah, we're really excited about the show when I found out that the cloudflare was sort of dabbling with ipfs.
It led me to like do a bit more research about what you guys are doing in the area of Photography and it turns out that you guys are doing a lot of really, really cool. Interesting stuff. And I'm always really fascinated when like companies and the more traditional web space and sort of intersect with like companies that were more familiar with in the Block Chain space and projects and companies like in
the sense of ipfs. So that's why I was really, really happy to have you on. So let's maybe start off by talking a bit about your background and how you got involved in cryptography and how you landed it as ahead of cryptography at Koffler sure. Well, I have always been interested in math and Mathematics and Solving problems and puzzles and cryptography in general.
So, when I went to school in Canada University of Waterloo, I did a pure math degree, and was really kind of enthralled by the abstract notion of, you know, taking understanding the, the mathematical World understanding, how objects fit together. How prime numbers worked, how you could, you could take something like as simple as you. No, two and three and five and seven. And you have the sort of infinite number of interesting problems and challenges to go through to discover this.
And after I did a master's degree in cryptography, I got into the computer security world and worked for a little bit at Symantec. I wrote some documents basically on the Internet Internet Security, in general, they have this thing called the internet security threat report, that kind of help analyze what's going on online online.
My kind of two passions were the internet and understanding you know what people are doing in this really kind of amazing interconnected Network that we all enjoy as the internet and and cryptography which is this, the science of secret information and so after after leaving somatic, I joined Apple where I worked on a lot of some sort of secret cryptography related efforts for about six years or so.
And And eventually I learned about this company called cloudflare, which was a very young startup at the time, but was doing some really interesting things. For example, they had withstood what was at the time, the largest distributed denial-of-service in history. And so a lot of what Club there was doing, was really interesting to me, because they were offering a free service to help accelerate the web as well as protect it from threats.
And they're kind of, kind of at the center of everything that was going on all online. So when I joined cryptography, I was the first kind of security engineering focused person at the company. And I've been here for about five and a half years. Growing the team that the company has grown tremendously since then. We're now, you know, a big startup if you will still private company. But so I started the
cryptography team. I cloudflare in order to use this really interesting tool which is cryptography, encryption hash functions. All this sort of really cool math science that that lets you protect information online as well as provide properties like integrity and non-repudiation. And I started building a team to help take cryptography and apply it to some of the bigger problems that cloud service facing and to basically spearhead a new research in this area. And so this is what I've been
doing ever since. So when you are in college studying or university as us Canadians say and studying geography in Waterloo and in your, you know, you know, getting into the your career did you have any idea that I cryptography would become such an important thing like today? I mean, just just if you think a block chains It's such a central place after Central role in the functioning of that technology. And also just generally the web. Did you think that this was
something that would become? So massively, important for the world? Well, it's very hard to hard to see what happened, right? It's hard to predict what happened. Like, for example, my thesis was on elliptic curve cryptography which at the time was barely. Barely ever used for anything in production, it was sort of you could you could use SSL for your Website, right?
You had you'd have encryption for your website, but everything that people were using was based on diffie-hellman and RSA, which were the two standard algorithms developed in the 70s, and elliptic curves, were this kind of new thing. And now, this is actually the fundamental glue that holds together Bitcoin as well as the theory.
I'm and, you know, and it's also the the most fundamental cryptography for protecting information online, when you're browsing the internet, so it was very hard to see See at the time that you know this interest of mine would become one of the one of the key Technologies to enable technology in the 21st century. Could you like, give us a little bit of a brief Lowdown on like what cloudflare is overall? You know, it's like talking to a traditional boxing companies to
some of our listeners. I'm sure I'd like heard of cloudflare but maybe don't know. Quite exactly what they do and, you know, it relatively young company actually write, like I think only nine years and like, somehow it's grown to become this. Like almost like centerpiece, like, very integral part of the entire, like, web infrastructure. So could you tell us a little bit about what? The different kind of things Cloud for is working on and what not sure.
Yes. Well, claw Muffler is a Internet Security and performance company. The mission of cloudflare is to help build a better internet and that's really what we're trying to do is folks who operate websites and who operate web services and who offer services online. Whether you're sort of a smart, the smallest sort of individual, hosting your own blog to a very large corporation. Large Enterprise that has massive, massive sets of customers.
And, you know, very, very high requirements will Koffler does is just help make your site or your your property faster, more secure, more available and to give you insights. So, the way that clefts are does, this is using I guess the two main traditional protocols on the internet, HTTP or https, the encrypted version and DNS. So clubs are has data centers distributed all around the world over 150.
I don't have the exact number now but in basically every continent except for Antarctica. And so the way it works is if you sign up for cloudflare rather than visitors to your site going directly to your site, which could have to travel across the entire world, which do to speed of light considerations can actually, you know, slow things down, you connect to the nearest cobbler, Kitchen. And if we have, if you have sort of static content on your site, we can serve it directly from there.
So we can also apply rules, so rules to protect against different types of attacks. So, if you think of people doing SQL injections, or cross-site scripting attacks, or all these sort of web security things by being able to inspect the traffic, we can block these attacks and the part that's
closer to my responsibilities. Is that we also So can provide encryption so in the early days of the web and and some of the more challenging things that have web administrator has to do, is set up encryption and encryption security for your
website. So, to move from HTTP to https, you have to buy a certificate or get a certificate issued and you know, manage the configuration and do these sort of things that are better little tricky and cloudflare makes that kind of dead simple and handles it on your behalf so clever.
Service has grown tremendously and one of the reasons for that is that we offer a free service, so there's over 11 million domains or so that use cloud floats free service, which is probably why, so many people have heard it. And so, yeah, you can sign up for cloudflare and get, you know, denial-of-service protection. So if someone's trying to knock you off, the internet, will sit in front, right? And we can see the bad traffic and we can kind of keep you online while other people are
trying to eat. To take you off. And so it's, it's great because having all of these different customers gives us some visibility into what's really happening on the internet. And we take what we see from the general General set of customers. And and if you see an attack against One customer, you can use it to protect other people. So it's a, it's a real, it's a real center of the internet, kind of thing, where it things go through us and we learn about it, and we helped make the
internet better. And we're not only involved in just providing this service, we're all. So we really care about making the internet scale going forward and to make the making the internet better. So we're involved in standards for example, TLS 1.3, which is the recent encryption standard for for websites. We were closely involved with that and and my team we do a lot of research on the cryptography side to see what new Ways we
can, we can change things. So that in the future, using the internet is safer, more secure faster than it is today and are using your own dark fiber between data centers. Now, we use the, we use the internet, which is why we rely on strong encryption so much. So every one of clubs there's
data centers, is independent. And I guess you could say technically decentralized, although administratively centralized and And we communicate over the Internet over different interconnections with different networks. So Koffler is actually the most connected Network on the internet. We have more peering sessions with other networks than than anybody else online. Yes, I we use cloud Fair on our website and we use the the paid service. And I also use it on some other
websites like the free service. And I kind of see cloudflare, as this, like, nice blanket of security, but the also provides like a bunch of optimizations like it, serves your CSS and JavaScript super fast in your HTML. And, and it has these like, built-in, you know, like this built-in fortress-like that you can call upon it will, if you're, if you're being attacked that, you know, sort of like coming, I'm into action. If certain rules are being are
being triggered. So yeah, it's a really great service in like, no wonder that a lot of people are using it and it does show up at the in a lot of places on the internet and you very often see cloudflare landing pages and like capture landing pages quite a bit of mine. So we'll come back to the capture thing.
But later when in September you and some colleagues of yours wrote a series of blog posts and we'll link to these in the show notes and I strongly encourage I remember listening to this to check out these blog posts because the really terrific. So it's called crypto week. So welcome to prefer week in which you described. So all the different things that classifiers doing with crypto, would like to sort of innovative
stuff. I so like with ipfs with the rest of tour, like DNS SEC and reading this blog post, I was like these are great primers for anybody that's really looking to understand fundamentally how this stuff works like. How does it DNA like how does your HTTP requests? Function. Like, when you call a website, Like what, who are the different parties at play here, where the trust points, you know, where the vulnerabilities and how is
cloudflare doing it better? So, I thought these these posters really terrific but in this post, you mentioned through the trust relationships that one has to engage in when using the internet. So whether that's like visiting a website or, you know, chatting online or is like using social media, what are your thoughts about how we trust the internet
sort of a broad scale? Do you think most people have a good understanding of where the trust points are on the internet and if and if not how can how can companies like Cloud fire? Like help, make that better. Yeah. So I would say in general people don't understand the trust relationships online you enter in a website and you go to that website and it comes to you you enter in host name or URL and it goes to you click on a link or open an app and you just get
content. But there's a lot of interesting things that go on behind the scenes and a lot of these have to do with trust and trusting. And actually Lee the implicit trust that is built into the technology that you're using to browse the internet to, to show you what you expect. And to make sure that what you're getting is something that you're intending to get. And so there are a lot of parties that are involved in this, and some of the very
obvious ones are registrar's. So a registrar's a company that you use to buy a Name. And so if you if you if you buy google.com or mysite.com then you have a registrar and you kind of work with this registrar to to make sure that your website is advertised and your web registers connected to a DNS provider. And so when you type in cloudflare.com into your browser behind the scenes, you have to know what IP address is cloud. For.com is on.
So there's this entire Our system called DNS which is a name system which which is managed by a lot of different entities around. It's sort of one of the first decentralized systems or I guess hierarchical systems out there. So you have to look at where who.com is and then.com tells you who example.com minutes and then you talk to example.com and then it'll tell you what IP address, you actually use to
connect to two example.com. So from just a Just the names, two numbers perspective, the internet is based on IP addresses. Your numbers DNS is kind of the phone book that goes from your name to a number of other pieces that you have to have to trust involved when you're doing
encrypted connections. So if you're going to an HTTP version of a site that site has a cryptographic key, and at this is embedded into a certificate and so, they present you A certificate and you do the sort of handshake and then you have a secure Channel. And so, one of the things that your browser has to do is know how to trust, which certificates, correspond to which websites and this is a another system, another sort of system of different
organizations that make up something called the public key infrastructure. And so your browser, trusts a bunch of certificate authorities, who are the only ones that are allowed to Mint, certificates for different host names. And so the system has been around since the 90s and there's been some problems with it over time certificate authorities have been compromised and that's put a lot of people at risk certificates.
Themselves need to have an expiration period or else you know certificates from the 1990s using old cryptography that's been broken would still be valid. So there's there's a lot of challenges with with trusting this and and and we don't even need anything. To this even more. But but even at the lower layers of the internet IP addresses, the internet is set of, you know, hundreds of thousands of interconnected networks that
have to actually exchange data. So when you, when you're one network and you say, hey this IP address to dot-to-dot 2.2 or 1234 belongs to me then. Well, you need to be Authority, you need to actually, you know, trust that when someone says yeah, you know, send that traffic to me that it actually belongs to you. So there's there's multiple different layers and and the intro blog post, really goes
into this in-depth. And so, as a general user, all of this is happening behind the scenes and and you really have to trust it. There's you know, there's the very minimal thing that you have in browsers which is that padlock Which doesn't apply some things.
It implies that you know the certificate is that you're getting is valid for the site and this is the site that you that you're trying to go to. But there's a lot of threats out there and there's a lot of ways that people try to manipulate this and hijack this and you know, steal people's traffic but generally this is not a well understood Thing by the public.
So companies like cloudflare are investing in various technologies that, you know, helps hopefully this for folks like help make it so that if we are connecting with other entities around around the internet that we can trust them and we have to agree on protocols to do this and Define these protocols and Implement them and get everyone to kind of agree on standards and so that's that's one of the one of the interesting organizational challenges and Inter
organizational challenges that we have to deal with right now but luckily For our security. And for people's privacy online is that there are a lot of organizations who do care about this into, you know, are impacted when malicious things happen. So companies like cloudflare and others are working to help improve the situation.
If you've listened to previous episodes with Marley gray and Matt koerner, you know, that Microsoft is committed to providing enterprise-grade tools and infrastructure for blockchain developers. Well, the Azure blockchain workbench is perfect for organizations building, Consortium networks, take the etherium proof of authority template, for example, it's ideal for permission that works for consensus, participants are known and reputable.
Etherium on Azure has on chain Network governance, that leverages parodies extensible, proof of authority. Client, each Consortium member has the power to govern the network or delegate their consensus. Disciplines to a trusted operator and parodies.
Webassembly support allows developers to write smart contracts and familiar languages like C C++ and rust as your blockchain workbench was created on the same principles that drive all Production Services in Azure, so, you know, you're relying on secure redundant infrastructure, that can scale and we built in services. Like authenticating apis off chain databases and secure Key Management Services.
You can scaffold your infrastructure in just a few hours to learn more about Azure blockchain workbench and how Microsoft is Dancing. Blockchain usability, and Enterprise, check out, aka.ms/offweb the center and start building today. We'd like to thank Microsoft Azure for their support of epicenter. A lot of these authorities that you mentioned like, you know, for example, the certificate authorities or, you know, you mentioned, DNS is like, a hierarchical system.
Where do these, where do these authorities come from? Like, sort of, who decided them and like, you know, was it just happened to be like all the companies were around. Like, back in the 80s, like they just happen to, like be grandfathered in. How does that process work? Well yeah, the internet has evolved over the years, in
various different ways. And you know, originally we can go into like the origins of the internet as a DARPA project and and the the switch to TCP IP in the 80s and the the evolution of the DNS, but it's really sort of happened organically over time and then some organizational body. He's have been put in place to help guide this. And so for example internet protocols there's a volunteer group called the internet engineering task force ietf.
So if you've heard about rfcs when people say oh RFC, whatever whatever this is a certain protocol, like DNS is, is a set of rfc's. That's what the ietf does. There's I Anna, which is an organization that is associated with, with managing names and numbers and They have lots of processes around that. There's I can there's a there's the set of regional Registries. So there's a, the entire IP
space. North America has a group called Aaron and they distribute up the IPS to different organizations
by different bids. So these these are often organizations that are a mix of profit nonprofit but generally have a mandate to be good stewards for the Annette and to make sure that this is this technology that we all rely on to something that is available for everyone in the world, that enables kind of equal access and that, you know, continues to to grow in terms of having both commercial and non-commercial
uses. So one thing I find interesting is often when people are talking about like cryptography / blockchain things there seems to often be like three somewhat independent goals that often get like correlated together. But I think actually should often be thought of as somewhat independent and I think the three here, what I see is like privacy security and like decentralization and the third one decentralization is just like very vague kind of concept that came up in the last few years.
Along with the Block Chain space. And so, you know, the reading through your blocked through your blog, post are the welcome to crypto week. You talked about like, you know, a lot of the stuff about like they're mutability that ipfs. Provide was kind of goes along with security. You talked about the Privacy that tour provides but not too much to talk about like
decentralization. And so, you know, whether it be a fair characteristic to say that, like, when you guys are approaching this like cryptography on the internet, you guys are really much more folk. They almost like you're willing to accept.
Kept this like these like authorities and centralization that exist on the internet but are trying to focus primarily on improving and almost you know, like kind of becoming one of the central authorities on the internet but really trying to focus on pushing the security and privacy side of things but that be like a fair characterization.
Well I would say that cloudflare is trying to serve its customers and Club. Fleurs customers are not only websites and web services that use cloudflare but you think of users of the internet as a whole and if the internet becomes more functional and if people are happier online and are more likely to to do business online, then then it leads to the growth
of the entire industry. So security is one of the one of the very, very, very most important things for the company is if you get Where somebody steals data from your website or someone tries to mess around with your users. This is going to impact trust, and it's going to impact the bottom line for bunch of businesses and and same with privacy. If you think of how people are really waking up to privacy online and you know what you
share. And what the motivations of organizations that are based on monetizing individuals, actions online have done and how that how that's Groan. I think it's a it's another really big really big Salient thing to human so security and privacy. I think are things that human beings understand and relate to and businesses. Understand decentralization is is it's more of a more of a second-order goal, right?
I mean, if you don't have decentralisation, you have these If you have, if you have sort of fully centralized systems, you have these really, really inherent risks to to, to your
system. So it if you sort of think back to the mid 20th century the telephone system, the United States there was a bell, had this massive Monopoly over over over the way that Communications telecommunications happened and that led to a lot of really fascinating and amazing Innovations. You think of the trend Stir like a lot of radio communications and all the sorts of amazing things. They they created.
And they actually did connect everybody online but but until Bell was broken up. We didn't have this disability for all of these internet companies to kind of come out of nowhere and be able to compete with each other. So you have centralization. And I guess if you think in the corporate terms, Ali's are, are ways to waste it. Kind of build wealth, and make something really good, but it also leads to the ability, the tendency to kind of abuse abuse
power. And having a diversity of participants, A diversity of views in a diversity of components in the system. And I guess decentralization is one component of that is, is I guess a result of having a lot of different participants. Is something that actually really helps Innovation helps competition and helps things grow. So it's less relevant to individual customers and people but but it's it is a second-order goal and it is something that that we think
about as well. And when talking about the cloud computing space and how people are running Services, we we do worry about companies that are kind of massive Central points of lock-in, right? I mean, if you think of the U.s. reinvent conference is going on this. This year, it's the largest trade conference in United States. And that's that's a company that, you know, wants everybody to put all of their Computing workloads onto a single company and there's that there's a lot
of locking associated with that. So I think from a cryptography perspective decentralization is important, but I think also from a business perspective having a lot of different options is important for healthy ecosystem. Yeah there's a thing that you might be familiar with which is Zuko's triangle Zuko Wilcox a in the founders, he cash and Zuko's triangle is like you have security decentralization and human readable names.
I think there's a lot of overlap with with this question here, where I think like a user experience also plays a big role or should be considered and like how we build systems. And so if you have a system that's like secure and and Easy to use, but where you don't have this robustness, which is it's meant to be brought on by the centralization. Then really, you know, you you might have to choose between two of those in a 3 points on the triangle.
I don't know if someone will actually solve that but it seems difficult. Yeah, it is difficult. And there are, there are trade-offs in that you can make in any one of these little corners and, and finding the right ones are fighting right. Coughs are hard to do but considering where we are as a status quo, there's, there's always improvements to be made to try to, you know, Square, Zuko's triangle, if you will. Yeah, so let's move on to the,
the core topic. Today, we want to bring you on to discuss and that's ipfs. So, we then this crypto week series of blog posts, or was two blog posts about ipfs one that sort of explained what ipfs is for the, for the, the average person who doesn't necessarily know, but ipfs and another post. That describe this experiment is based on this concept of end-to-end Integrity. So, could you describe like wise cloudflare experimenting with the up with ipfs and what you
guys are? What are you guys doing here? Here. Yeah, so I think one of the important things that clubs are trying to do is to well as I mentioned, make the internet better.
But one of the aspects of this is connecting users of the web to some of these new networks that have values and have properties that the what current web doesn't have and ipfs is one of them as a Content. Addressed Network, every piece of content has a hash, As a specific unique fingerprint associated with it. And unlike the web where you look things up by a names with ipfs, you can look things up via a fingerprint of what they are and so the traditional web is is
not necessarily immutable. You you have different things that can happen. You have a lot of very Dynamic web pages and you you have services like, Cloud flare that can see and detect things going wrong and sort of modify and optimize Things on the Fly, which is great. But, with ipfs, there are certain use cases that people have for this, where they just want things to absolutely be guaranteed, that you're getting exactly what you were set.
And if you think of things like package managers, or image sharing, or things like this, where you have something that's static, that's never going to change, then. Ipfs makes a lot of sense. The ipfs Gateway vote is, is the I guess the first of what, we're calling the distributed web Gateway, which is a way to access ipfs as a network through HTTP. And so people have web browsers. People don't necessarily on I guess the broadest sense.
There's a lot of there's a lot of experts and people who are interested in the space who are really keen on on these descent. Wise networks who run nodes and and are happy to do these sort of things. But the general populace has a web browser and they know how to use a web browser. And so what this Gateway does is allows people with web browsers to, you know, connect directly to ipfs and as ipfs is static.
Cloud flares are really, really great service for that because we can do caching, we can keep copies of data really close to people. We can distribute data all around the world. And so, You mentioned the experiment that we did, which is a browser plugin for intent Integrity. I guess, one of the purists complained about having a gateway to something like ipfs, is that as a question is, you know what, if the Gateway
changes the value? I mean, the value of or changes, the content and the value of ipfs is in the fact that it's content addressed. So, if you build a website, it's Is guaranteed to be the same for every single person who sees it. There's no censorship, there's nothing like that. It's just you publish one thing once and then it becomes, you know, there in the universe forever and this is why it's called the interplanetary file system.
Or one of the reasons is that, you know, publish something, once it's available at all times. And if you have a Gateway HTTP is as I mentioned, it's not really based on this sentence Integrity concept, but with And ipfs Gateway. You can put the hash as part of the URL and with this extension, you actually can validate that that hash in the URL matches. The hash that you expect and the way that it's actually chained into way that it's actually
change together as with DNS. So, if you have a have a website, you can say in the typical sense, you have. Here's my host name and it gives you an IP address and that gives you the address. So this is this is about routing with our ipfs experiment, you have this is the hostname. This is the hash that represents the content on this website and so what the browser extension does is it just valid.
Make sure that you know what you're seeing on the site matches exactly what was published in the DNS. And it's kind of ties in with our with our other efforts of the week, especially DNS SEC, which is just signatures in the DN. A, in the DN s itself. So if you trust the DNS and you've trusted DNS, Central Authority, then this is a way to, you know, put the put ipfs into an existing system to help kind of Validate the Integrity from within the browser. How is like the adoption been of
this cloudflare like ipfs seat? You know, you can almost consider like ipfs as a CDN of sorts like a Content delivery Network. And so have you seen that like Cloud flares? Offering has like help increase the adoption because you know I actually tried to put my website onto ipfs. It's been a while actually spent probably over a year now, so the technologist will be a little
bit more immature. ER, and, you know, I had a quite a hard time doing so and so like, you know, you guys have built a lot of the tooling to make this easier and stuff has been like, the public reception and stuff to this. Yeah, I think people are really excited about the ipfs Gateway and they're really excited because of the possibilities that that it unlocks and content hosting site on ipfs. I agree. It's, it's relatively immature.
So if you want to host something on ipfs, Can you know, host it from your your local laptop? Or you can use one of these Services. That's a pinning pinning service. But, um, but yeah, the the publishing side of it, I think needs needs some some development. But actually integrating the access side is, is where the Gateway really shines? So, we've seen all sorts of different customers or websites or Properties or that that really, you know, believe in.
Centralization and believe in having a source of Truth for the other data that is distributed beyond their own data centers. This is actually good for things like disaster recovery and they need a way to bootstrap their app or they need a way to bootstrap their application and like the fundamental you know, belief is that we want to build this in a distributed way but We don't necessarily, you know, it's one of the drawbacks of ipfs as it is. Is it's relatively slow to
actually get content. And so having this Gateway is a way to speed things up. You get all the benefits of cloud flare in front of this network that you have integrity protection and you have decentralization. So it's it's been coming up. We've definitely seen a lot more adoptions since since we launched this and said, Once ago and and it not just from the distributed application space.
But also from more traditional companies as well that have have have an interested in decentralization. So if I can just sort of rephrase what you guys are doing here because those different components, I think that need to be separated out. So yeah, the first is an IPS Gateway and there are tons of ipfs gateways out there and I think most of our listeners are probably familiar with them. So there are these websites that you Go to this URL.
So example, Dash Gateway.com, I think is one of them, you go to this website, you you pop in a you just add the the IDS hash to the URL and it serves like this. Gateway is in the back end connected to an IPS node and it is serving to you the content on the ipfs network. And the vulnerability here is that perhaps this website is sort of doing a man-in-the-middle type of attack, where it's serving you, another piece of content than the one that you initially.
Question and you haven't really no way of doing the knowing that unless like you, you know, do like an MP5 or they verify the hash of the content once you've downloaded it, that it verifies that it matches with the, hash, the address. That's right. Well, you guys are doing is like a Step Beyond that you're actually putting one of those gateways in the cloudflare sort of wrapper.
So all the ipfs, all content on igfs is now available super fast in one of these 150 data centers that you mentioned earlier. Yeah, that's right. So that's the cloudflare ipfs. Gateway is yeah, it's like you take any typical Gateway and then you Cloud certify it. Okay. So that's great because all of a sudden you have this really fast
content at work. Its content delivery Network that's serving up ipfs content and it's kind of similar I guess like it reminds me of this project we had a few weeks ago called blocks route which is like content delivery networks for blockchains but yeah it's sort of similar to that but then the issue with Is that if you're using it and maybe you trust example Gateway.com because some nice crypto persons hosting it,
or I don't know. Something you made meet at a conference associate, you might trust that person. The issue here. Is that people when I might not trust cloudflare or at least popular would like to prove that the content that they're delivering to you is actually the content that you requested. So what you feel here is is a browser plug-in that checks the ipfs Work and make sure that that content matches the hash that you requested.
What more specifically it checks that the hat if you're using the clubs or Gateway, as you know, cloudflare Dash ipfs.com, / your hash value, it checks the value of the content against that hash the the really, really cool part that I didn't actually go into detail but so just sorry. So he checks the value of the content against the hash. So it does this in the browser, it there's no like browser, right?
It doesn't Sort of like go and do an ipf S request, you know, a parallel requests to verify it. Checks the hash and it does sort of the crypto, the hashing, algorithm internally, and verifies that it matches. It's kind of like doing a navy and md5 verification. It's it's like md5 but better hash function and B5 s is a little breakable right now. But the other really cool thing that you can do with cloud storage, Gateway is bring your own host name.
So rather than have cloudflare Dash ipfs.com. Um so whatever you can just have you know my website.com and you just say my website, I'll cam is on ipfs. Here's the hash of the root file of my website. Okay so this is the third thing I want to talk about. So there's that there's the the Gateway was the verification tool but then what wraps This Together saying, okay?
Now as it cloudflare user as someone who has a website hosted on cloud flyer like like epicenter for instance, but you can, you can Can you can set this thing up on your website or in your cloudflare account, the Tells cloudflare index, might like, your guys are running and ipfs node and and it creates basically a copy of your website and all the web pages on your website, static content on this ipfs node, that is now available to the entire ipfs ecosystem. Yeah, it's it's sort of like
that. It's more. It's more that you have to put your content onto ipfs some way. And if someone tries to access your website through cloudflare, we will fetch it from ipfs. So cloudflare as a service doesn't host content. And and this is, this is sort of a very important key, part of what clubs are does, is we cache
content, and so we need a place. They're sort of some root of source of Truth. And so if you're going to use this service, you can run a local note on your computer and say, I'm going to host you here and we will grab it from there. We'll keep a copy around as long as we can and and serve it from cobblers, cash. Alternatively, you could pay a service to keep a copy of your content on ipfs and that's
that's the host. And then cloudflare just goes on to ipfs fetches, your content puts it around the world and anybody who wants it. Can can get it through us. That makes sense. Yeah, yeah, that makes sense. We're not actually hosting things on IP address, although if you fetch something through ipfs, our node will have a copy of it. So it actually helps improve the, the duplication of content in IPS, which is really
important. Because if there's only one copy of your content in the ipfs network, then it affect that copy goes offline, then you know, the contents no longer available. And so essentially what you guys have done is, you know, allowed for that third part of this like project it you kind of allowed ipfs almost integrate well with
the existing DNS system, right? So I can now like I can have my website accessible ipfs hosted website accessible through like my own personal like domain name, but still going through Cloud flares. Like CDN, yeah, that's right. And because we are so good at issuing. Certificates and kind of managing that then you also get get encryption for that website. So sort of automatically. How do you like see, like the future of, like ipfs?
Do you see like it being like sort of a complimentary service to like har protocol to http or more Rich more competitive? Do you see like, you know, maybe websites will be served over HTTP but like certain assets on the website are over ipfs. How do you see this like amalgamation of these two
protocols going forward. It's an it's an interesting question because nobody really knows the hope is that you know, ipfs provides a specific niche in a specific property that each be doesn't and that be expectation, would be that they would both kind of live in parallel. You can't necessarily do a lot of dynamic stuff with IP ipfs, but but the Integrity protection, that it has. And then the actual distributed nature of the hosting I think makes it useful for Specific application.
So I think you'll find applications that are mostly GDP applications that are mostly ivfs and applications that are sort of a mix of the two and it really depends on how well browsers and other other Technologies adopt this. So if you have like a mobile app that has native ipfs support or mobile SDK that comes out with that native ipfs support then maybe it'll it'll become more popular and apps that would need this. But yeah, I tend to see them as
complementary. They both have their advantages and disadvantages. Yeah I just thought I was speaking with one Binet at level 3 kind of bumped into him and asking him about about this very thing. And from his perspective I mean like browser support is at least partly possible so I guess like chromium is supporting it now and like they're diversions and maybe Firefox will support it
sooner. Can't remember exactly but you know browser support is coming and I was sexually quite surprised to see that how fast that had come. I mean when we had him on Guess was episode 100? Well a hundred sixty three weeks ago or something like that. I thought this is like years to get integrated in the browsers but it seems like it's moving much faster than Yeah, my understanding is that the path that they're taking his first exposing ipfs as of first-order protocol.
So you have HTTP colon slash slash whatever you could have ipfs colon slash slash whatever and the transition to get there is is that if you have ipfs colon slash slash you can you can register a plug-in that is able to handle that for you. And that's that's sort of the first step. And then, Eventually down the line, the ipfs node will potentially be made of in the browser, but right now it's all browser extensions. So what did you learn from this?
Well, I guess we learned a lot. First that latency is really an issue when it comes to user experience. So if you are the first person to ever fetch something through the ipfs gateway, then it has to go back to our node. And then our node has to search on the internet and find it and then get the copy and then send it to the cash.
And then it can eventually take, you know, a long time for Want to show up. And so for certain applications, it's The user experience is potentially problematic if you if you don't have a lot of cashing in a lot of ability to serve things immediately. The other thing we learned is that you can build some pretty interesting unexpected applications even on a platform that is for essentially for static content as ipfs is as in its current Incarnation.
So one of the examples that we did with the ipfs gateways, we built a Tribble mirror of Wikipedia. So you can actually link to this site. It's on ipfs and you can build essentially search type capabilities into ipfs, because a search has essentially a table, which is a static file, and then you can, you can put Javascript into there. So you can, you can do some really cool interactive things with ipfs. It's not just about serving up, static images. It's a it's a fully-fledged platform.
So I think those those are the two things that we learned about ipfs. The other thing that we learned is just just the, the interest in this area is huge.
A lot of people are really trying to figure out how to engage with and take advantage of and, you know, have reaped the benefits of of new technology and that provide provides new features like having having resilience to single two failures is a big thing, having integrity and and people are really Billy thinking about trust and hosting websites and hosting web services, and running things online. It's more and more important for for people to be able to trust
what you're doing. And as the infrastructure grows, there's just so many more participants that. It's hard to hard to actually, you know, implicitly, trust everything that you're doing online. So we have to have to build these technical measures and, and there's a lot of interest in this. From lots of ankles. Cool. So one of my favorite stories actually regarding like ipfs and gateways is, I was talking to Jeremy Johnson from protocol
Labs about a year ago. Last Devcon Defcon 3, so November 2017. And this was like, right around like, right after like the whole like, Catalonia and Catalan referendum around Independence, I was going on. And so what was happening during that, Process was the Spanish
government. So, you know, there were a lot of like Pro referendum website, people like website showing people like how to go vote and like you know just like reasons why I like you know, just general pro website and the Spanish government was like sort of censoring these and shutting a lot of them down and what was really cool was ipfs was actually being used to keep some of these websites up and so people were like hosting them on ipfs.
And I thought it was really cool because it was one of like, I don't know. I think one of the first times that like, this generation of like, decentralization Technologies has really been used to like, cause lack of physical, like a tangible impact on like, current unlike world on
world politics or whatnot. But then there was something interesting happening where the website were being hosted on ipfs, but everyone was accessing them through the ipfs dot IO Gateway. What the Spanish government essentially ended up, Charlie doing was actually censoring the ipfs dot IO domain Gateway. And so now people weren't and most people weren't even aware of any any other gateways and people didn't have the soft and you know it's not easy to
install the ipfs software and so it just suddenly became very inaccessible to them. And so this kind of like leads into the other one of the other kind of centerpieces of your crypto week that you had was about tour and So how do you see this like interesting relationship between ipfs and tour and like what can I be a fast gain by being served over
tour? Yeah so I think I think of tour as in the same family of Technologies as ipfs and a lot of these new blockchain distributed web type Technologies because it really is a lot of independent nodes that work together to provide a property that you wouldn't get with a with with the regular web. So with tour, what it does is it provides you with routing and anonymity and it uses a Weird encryption approach to do so, and, and in terms of their trade offs latency is one that they
just don't really care about. It's actually. Anonymity is much more important than getting things quick. So the typical web, I mean, the unencrypted web and potentially even ipfs. If you're talking about Distributing this content, it's the opposite of a not Anonymous, right? You're connecting. Directly with another person and requesting a very specific thing. And they know what you're asking and they know who you are. But but it provides Integrity.
So you have one network that provides integrity and one network that provides anonymity. Then it sort of makes sense to me. If you want both, you can kind of put one on top of the other and what cloudflare launched during crypto week, was essentially a way to access the Tor Network. It's kind of like Cloudflare put an ipfs node into the ipfs network clubs, or put a Tor node
into the Tor Network as well. And this Tor Network or note is, is used to Route any traffic to any site that's on cloudflare. So, if you connect through Cloud flares, Tor node, which is a DOT onion address, we've got about 10 of them. If you connect any one of those and make a request for any site, that's on cloudflare, it kind of goes through.
And so, the yeah, the, the bottom of the diagram that I think you're referencing on the page shows user going through tour, and then connecting out the tour Point through cloudflare, and then to the club, flyer, ipfs Gateway, and then to ipfs. So I think if you're doing, so you're going to get a very slow connection, but it's going to be very private even cloudflare doesn't know who you are, but, but you also gain, you know, the end-to-end Integrity properties
of ipfs. I think they're pretty cool complementary Technologies. If you're okay with things being extremely slow, I see. So this whole like onion routing service that you guys built that week, you know, I know and like the past year, especially on, like, Hacker News and stop. There's a lot of people like to, like blame Cloud flares, like, like, especially the recapture features for some sort of, like, the degradation of the user experience on tour.
I always thought that it is a bit of like, an unfair blaming. But could you explain a little bit of why this whole recapture system is like so necessary in the torrent or and then how your onion routing service protocol like helps resolve some of those pain points? Yeah, absolutely. So as I mentioned, people come to cloudflare for security insights acceleration, things like this security is one of the
main things. And if you talk to you, the average webmaster or the person running a website, they actually do. Really have a very favorable opinion of tour, because as an anonymity Network, it's very easy to send abusive traffic through it and not have to deal with the consequences. So a lot of the traffic that actually comes through Tor and comes through exit nodes, is, is attack traffic and we it hits our web application firewall. And we say, what is this? And, and sort of block it.
So, the way that the Clusters currently set up and And we're hoping to improve the system is, is to use something called IP reputation and IP reputation databases to help make a determination as to how likely appear HTTP request is going to be malicious or not, or part of a flood or not.
Is this an attack or not? And so what we do is we use a captcha to kind of prove that it's a to force the user coming through to force to prove They are a human or at least able to solve one of these human interaction puzzles and sort of once they've proved that their person, then we say, okay, great. You can come through do whatever you want with this website but where you're coming from seems to have a lot of bad requests. And so the kind of danger level
gets elevated. And and this is something that our customers expect is that they have to pay for bandwidth. They have to pay for You know what, it takes to administer site and run it and deal with comment, spam, and, and deal with all these sort of things. And, and, you know, this IP reputation is a very coarse way of lowering, the amount of crap that you get, if you will on the site. So because of how tour works is that?
There's there's a couple. There's a small set of computers that are called, Tor exit nodes where the traffic goes into the Tor Network and then exit out of those exits, out of those nodes into The internet. These IPS tend to be given a pretty bad reputation because there's so much bad stuff coming from them. So, this is kind of the Crux of the reason why people see so many captures while using Tor. And why cloudflare is, is sort of being blamed for the
degradation of this network. And we didn't like that. We think that, you know, towards a valuable tool, we still need to protect our customers from attacks and we and like these are just, this is, this is who were building The service for in this is these are the people who, you know, we want to use cloudflare, we still want to give them that service. But we also think that the the secondary effects on the internet as a whole, it's are important as well.
So having more people use, an anonymity Network. Make having people use, gain these properties of these alternative networks, if they choose to use them and not be punished for it is something that we're really interested in. So, What art or Gateway does is it allows folks who are browsing websites on tour to actually access cloudflare websites
through. As I mentioned a node that's running in the Tor Network that has an onion address and if I guess every time that you connect through the Tor Network to an onion service you connect through a circuit. So there's an entry node, there's a Transit node, there's a third node, and then you then you can connect to the site. So every one of these circuits is unique for every person.
And when you run an onion service, you actually get a circuit ID. You get to know whether or not two different connections to the same, to the same service are from two different people. And because of that, you can actually apply policies on a very selective basis, right? So, if someone is actually sending a lot of comment, spam, then you can say, you know, this circuit, the circuit is bad, you can block this. Without blocking legitimate
people. And I think this is, this is one of the one of the great things that we helped put together with this. With this tour thing we work with the Tor Browser team as well to help implement this.
So, if you visit a site that's on cloudflare, will send an HTTP header that says, hey by the way, if you want, if you're going to reconnect, we have all these onion addresses and you can just use these in Connect router instead of connecting through an IP address and And this has been very, very successful actually we turn it on for all cloudflare Sites with all of this. And I mean, you guys are it seems like quite quite involve in.
So the open source space. In fact, Sonny was mentioning earlier and I wasn't aware of this, but you guys have quite a few crypto libraries that that are open source. In fact, some of them are being used by ethereum and a bunch of other websites like pretty much off. The internet is using your crypto libraries. How does this? This and this experimentation with ipfs and this tour stuff you guys are working on. Like how does this all fit into like your business model?
Is there are there specific businesses here that you're looking to develop? Or is it more just sort of being at The Cutting Edge of these Technologies and allowing so the the experience of everybody using the web to be improved. Well it's part of the mission statement of the company which is to help build a better internet and open source is something that's core to what we are. I think cloud flares doesn't necessarily have Secret Sauce in
the software, right? Almost everything that we use we try to open source because it will be usable for for other folks online. So, for example, four years ago, we released a library called CFS. SL. Which was a go based certificate Authority, and you can use it to build certificates and build a pki inside your own organization. And it actually got picked up by, let's encrypt.
And now it's the core of the let's encrypt certificate Authority as well as you know, Salesforce and a bunch of other really big companies are using it and and we've contributed code to the go standard Library. So the P 256, which is One of the most, well, commonly used elliptic curves one of cloud. Fleurs Engineers. You know, we optimized it because we do so much cryptography. So, you know why not share this with the world.
And I think it's it's there's no drawback for everybody having a better version of cryptographic tools and if you have a faster Library that's secure and safe, put it out there for people to use I guess so, so far, we've talked a lot about, you know, two major decentralization technology, which is ipfs and tour. But one that we haven't really talked too much about yet which is probably one of the you know ones that's the most. Well-known is blockchains right?
And so I was wondering how do you guys think about blockchains? You know, I know you have this one protocol, you kind of like dubbed clock chains like as a joke but, you know, and that one you're talking about. Like, you know, a timing system for like SSL certificates, so you can, you know, like, you know, synchronize clocks.
But, you know, another option I actually worked on a project where like, you know, instead of like doing SSL certificate expired, expiration, you can do a system where like, you know, public a blockchain acts as a public bulletin board where you like lists expire or like compromise signing systems. Another use case for I think like blockchains within your within the web infrastructure is Throughout this entire thing, you guys have talked a lot about like using the DNS system,
right? So you talked about how you using DNS for like ipfs like resolution or you know with the your you have this other project called encrypted Sni which you're trying to basically create like a pki and so you know you're using the you're kind of using that DNS system to do that as well. And like we mentioned, the DNS system is a very like hierarchical system. Have you ever thought about maybe exploring the option of
using blockchains to do so? But you know, so we mentioned Zuko's triangle as earlier as well and so you know the cool thing was. So super triangle is this whole thing about human readability and centralization and security. But Aaron Schwartz actually had this like you know he actually made this observation that a blockchain actually is a way to get around as you goes triangle and so that kind of led to projects like namecoin and handshake and things like this.
So yes. Oh my Overall question here is like how do you guys think about like integrating like blockchain technology into some of your offerings or in the just in the general web infrastructure as a whole? Yeah. So I think there's a there's another kind of trilemma that our CEO Matthew prints put out in a in a blog post about tour a few years ago about you know making things usable secure and having low latency and I think when you're in the web context, this is something that's very
underrated. Is the ability to get things fast and to get things. He's immediately. And so when it comes to certificates and time and a lot of different things, if you're connecting to a website, hundred milliseconds is going to kill you. And so there's there's a number of initiatives that were interested in that are blockchain, ask that our block chain, that sort of seemed blockchain blockchain, ask and
one of those is certificate. Transparency. and so, one of the I guess the one of the main differences here is that in a lot of the blockchain technologies that we're talking about. Its we're talking about fully trustless decentralized systems where you have a lot of different peers and then you have to this is, this is why consensus is so important is being able to have all these different pairs and all sort of agree on a specific thing.
I think in the web pki and at least in the website situation, that's Fine. But that's sort of a step too far, or at least it's a step that's a little bigger than the technology is willing to take us right now. So, certificate transparency is an example of one step. So it's essentially a hash tree of all the certificates that have ever been issued and for certificate, transparency to work. You need independent groups to manage these these certificates as well.
So you end up in something with that sort of the analogous of like a permission blockchain and with certificate transparency you have to you actually don't have to do the look up on the machine and you don't have to run a node on your machine and you don't have to synchronize with the blockchain and so the cost of latency to a system like this is not big enough to slow its progress. So I think the main challenge
for integrating web T.i. traditional web Technologies and blockchains is really about being fast and being able to synchronize things fast and being able to transfer data fast and be able to have of fast consensus and having a fully trust list system is is not necessarily conducive to that. Although we seen some some pretty good experimentation experiments in that direction. I see cool.
And earlier, you had mentioned that this ipfs Gateway is just one of the first projects in this larger decentralized web Gateway Series of projects almost. So you know what are what are some of the other projects that are like you have plan in the sphere of decentralized web? One that I thought I think it would be really cool.
Was like, would be like, you know, maybe in your Cloud Fair DNS, like 1.1.11, maybe integrate like namecoin resolution, which I thought would be a really cool idea. But I don't know what are some of the other ones that you guys are thinking about. So we've talked to the Namecoin folks, we've talked to Folks at a theorem we're really kind of testing the waters at this point and right now we're mostly investing in, you know, how can we make the ipfs Gateway better?
And that's what the short-term road map looks like. But but down the road, there's so many interesting Technologies in this space solving different problems. And you shouldn't be surprised to see any one of those pop-up down the line. Yeah, so you mentioned 1.1.1 that one and so that's a basically a free DNS service that you provide, so I guess similar to like Google DNS or
OpenDNS something like that. But but with with privacy apparently and your I was reading your website earlier and I guess KPMG is auditing your servers to make sure that you're not actually like logging anything. And so six privacy is sort of a big deal here. I'm curious like what goes into To buying a with people sort of, hear about flipping domain names and paying an enormous amounts of money for domain names. What goes into buying the IP
address, that went up 1.1.1. Well, we didn't buy 1.10 101. It's actually I mentioned how there's different registration, the different authorities and manage IPS. And the one space is actually owned by 8p Nick, which is the asia-pacific region for Distributing IPS. And And they, they never thought that they would be possible to even give this IP address to anybody because it was so so bad. In terms of the amount of garbage traffic, that would come to it.
So anybody who's building any sort of test for an IP address in, any documentation is going to say 1111, it's just the simplest example that you can, you can use. So there's an enormous amount of background internet background radiation hitting the 1.1.1 IP, Address that they were sort of like we can't allocate this. There's no. There's no reason anybody would ever want to use it.
It's just so it's basically constantly under DDOS from from just the, the background internet radiation and clouds layer was one of the organizations that in the world. One of the few that could have. Actually, you know, that's no no big deal to handle a bunch of unexpected traffic. So we made a deal with ap neck and and they're lending us the IP address for for the For this project and and and it's been a pretty fruitful collaboration with them so far and really
successful project. That's pretty funny. So it kind of shows off your DDOS like capabilities as well protection capabilities. Yeah, absolutely. And one of the thing we should have mentioned earlier but I guess in your office in the maybe like in the lobby or something, there's a bunch of lava lamps. They are like generating entropy. Can you tell us a bit about that?
That sure. Yeah, so anybody who saw the first episode of NCIS this year might recognize they kind of stole the plot idea from from cloud flares office. But yeah, so we have a wall in our front lobby that has, you know, about 100 lava lamps and we record it with a with a digital recorder. And we turn that data stream into a source of random numbers that we actually, you know, send out to our dentist. Centers in our servers and feed it into the as an additional rent source.
So is there any academic research or anything like that? That would suggest that lava lamps are actually random. Well, the lamps themselves are pretty unpredictable II but the main thing is, is it doesn't really matter. If you have a sufficiently Advanced Camera, there's going to be enough noise in in it to actually actually create enough entropy to be a useful useful source.
And also the lighting is also is is a big part of it at any time of day Day, you're going to have different different sources of light and people walking in front of the camera. And there's, there's enough entropy and in like an HD HD film to to use for a lifetime. Right. And I'm sure the temperature fluctuations in the room. Also affect the lava lamp as well. Yeah. It's very hard to predict the levels of the lava lamp but it's to protect everything else.
All the other atmospheric conditions basically impossible And even if they were predictable, we mix it in with other sources such as Hardware rent numbers. Okay, well, with that Nick, I want to thank you for coming on the show. Today was a fascinating discussion and I look forward to seeing what comes out of clouds floating future. I think, now that things are so easy, thanks to cloudflare, might look into making our website available like as an onion domain like available
ipfs. You know, do something like that. Yeah, absolutely. Thanks for having me on Thank you for joining us on this week's episode. We release new episodes every week. You can find And subscribe to the show on iTunes Spotify, YouTube SoundCloud or wherever you listen to podcasts. And if you have a Google home or Alexa device, you can tell it to listen to the latest episode of
the epicenter podcast, go to epicenter, .t V /, subscribe for a full list of places where you can watch and listen. And while you're there, be sure to sign up for the newsletter so you get new episodes in your inbox as they're released. If you want to interact with us, the guest or other podcast listeners, you can Follow us on Twitter and please leave us a review on iTunes helps people find the show and we're always
happy to read them. The thanks so much and we look forward to being back next week.