Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Releases Project Shield To Fight Against DDoS Attacks (thestack.com)

Posted by timothy on from the help-from-above dept.

An anonymous reader writes: Google has launched a free tool to help all media sites and and other organisations protect themselves against Distributed Denial of Service (DDoS) attacks. The Project Shield initiative allows websites to redirect traffic through Google's existing infrastructure, in order to keep their content online in the face of such attacks. Google will aim to work with smaller sites which do not necessarily have the money or are not fully equipped with strong enough infrastructure to the attacks. However, the Shield tool has also been made available to larger outlets, such as popular news sites and human rights platforms.

45 of 72 comments (clear)

  1. Free? by Anonymous Coward · · Score: 4, Insightful

    Nothing is free citizen.

    Seriously, the size of some of the DDoS attempts is massive. That's a lot of bandwidth wasted, and there will be a dollar impact associated with this. What additional angle will google be targeting to make money off this?

    1. Re:Free? by U2xhc2hkb3QgU3Vja3M · · Score: 1, Insightful

      They'll probably show ads on the shielded version of the website.

    2. Re:Free? by Godai · · Score: 1

      They offer it for free to news and human right & election monitoring websites for free. I wouldn't be surprised if down the road, anyone else could buy the service. That's where they'd make money.

      --
      Wood Shavings!
      - Godai
    3. Re:Free? by shawn2772 · · Score: 4, Informative

      They'll probably show ads on the shielded version of the website.

      From https://support.google.com/pro...

      Does Project Shield place ads on content?

      No, Project Shield doesn’t place ads on websites it protects.

      Project Shield doesn’t change the content of your website in any way. It also doesn’t impact the ability for your website to target advertising or analyze ads-related data.

    4. Re:Free? by shawn2772 · · Score: 4, Informative

      Seriously, the size of some of the DDoS attempts is massive. That's a lot of bandwidth wasted, and there will be a dollar impact associated with this.

      Not as much as you might think. Google has really excellent DDoS resistance systems that recognize and simply terminate a lot of DDoS connections, because DDoS traffic looks very different from normal traffic. Also, as I understand it, Google doesn't really pay for bandwidth. It peers with the various backbone providers rather than buying service from anyone. And Google obviously has enough bandwidth capacity to deal with any DDoS attack without trouble; Google's normal traffic volumes are vastly larger than even the biggest DDoS attacks. Google measures bandwidth in petabits per second.

      So, the real cost is just capacity of the proxy servers used to provide project shield... but I'm sure these are the same proxy servers which are used to front all of Google's own services. They have tremendous capacity and, again, their normal workload looks much like what anyone else would see as a massive DDoS attack. My guess is that the additional load is negligible.

      What additional angle will google be targeting to make money off this?

      For now, it's purely altruistic, providing protection for news, human rights and election monitoring websites. If it works well for them, Google could easily turn it into a service offering for any sort of organization who wants DDoS protection. It could be a very nice business for Google, actually, since it's unlikely to add noticeable load to Google's infrastructure.

      (Disclaimer: I'm a Google engineer. I've written code that runs in the proxy servers I'm sure are being used for this. However, I'm speaking for myself, not for Google, and the above contains some suppositions about how the shield system will work which may not be correct. I've deliberately avoided searching out the internal design documentation until after posting this. But I'm curious so I'm sure I'll go look later :-) )

    5. Re:Free? by thebes · · Score: 1

      What is "free citizen" you speak of?

    6. Re:Free? by TheRaven64 · · Score: 1

      Tracking. If you don't run Google Ads or Google Analytics, then Google doesn't know who visits your site. Now they will.

      --
      I am TheRaven on Soylent News
    7. Re:Free? by jon3k · · Score: 1

      Google does a lot of stuff just to promote the brand. Google is now the wonderful, friendly company who protects the weak - wouldn't you want to support them by using their search engine?

    8. Re:Free? by aliquis · · Score: 1

      What about getting to know who want to visit what website which is protected through the system?

      That's a good enough reason to do it?

    9. Re:Free? by MachineShedFred · · Score: 2

      Or by intentionally allowing them to man-in-the-middle your site, allowing them to track and analyze every visitor, regardless of if you are using their Analytics product?

      --
      Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
    10. Re:Free? by shawn2772 · · Score: 3, Informative

      What about getting to know who want to visit what website which is protected through the system?

      That's a good enough reason to do it?

      Google has explicitly stated that data on visitors will not be used for advertising or search purposes, and that Google will not retain any of the data beyond two weeks, and then only in aggregated form and only for the purpose of improving the shield service.

      I realize that people really don't want to believe a corporation could every do anything nice, but I really don't see any room for nefarious hidden motives here (and such would be pretty out of character for Google anyway). Of course, that just seems to make people look harder and stretch further to find the diabolical plot underneath, and the further they have to stretch the more diabolical the plot they "discover".

    11. Re:Free? by fulldecent · · Score: 1

      Shawn,

      Thanks for posting on Slashdot about this and sharing your ideas as an engineer (then checking Google documentation afterwards). Part of the reason I trust Google is because my assumption is that people work there that have values like me. If unethical marching orders came in one day then engineers might resist them or one person might leak it. It took just one technician to blow the lid off of Room 641A. Google's past record of exiting mainland China because of Chinese spying should illustrate the commitment of Google to its users. This serves as an effective deterrent to people that might think of coercing Google to abuse its power. (Let's ignore the fact that Google did NOT leave the US market when the NSA tapped its server room interlinks.)

      Unfortunately, this is not enough. The biggest risk to privacy and security is trust itself. The FBI / Apple case has made obvious that Apple has the ability to collect information from iPhones (before 5s). The effort would be herculean, but is it possible.

      Bo Xilai is a political dissident in China and was jailed by premier Xi Jinping for conspiring to take over the national party. The level of assurance provided by Apple's iPhone 5c was not enough for Mr. Bo to conduct his operations. It is assumed that Apple's 5s and on are beyond even the reach of Apple.

      In summary, when considering the privacy and security assurances of a system, it is usually the human element or the implementation details that are weakest. This can be quantified with the "ransom factor":

      How many people would need to be served National Security Letters, served with All Writs Act injunctions or have their children taken ransom would it take to break the system?

      Cross post to: http://privacylog.blogspot.com...

      --

      -- I was raised on the command line, bitch

    12. Re: Free? by bill_mcgonigle · · Score: 4, Interesting

      A broken WWW earns Google no money. Until we can defeat the botnet scourge, clean up reflection / amplification problems, and secure all the end points, offering stop-gap assistance may well aid their long-term revenue picture. It's perfectly rational to be nice and seek profit in the same venture.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    13. Re:Free? by Actually,+I+do+RTFA · · Score: 1

      Some things are free - complimentary goods.

      Printer companies practically give printers away to sell the ink. Razor companies sometimes literally give razors away to sell the blades.

      If Google thinks that many little sites lead to needing to search Google instead of just go to Wikipedia and Facebook, then it's in their interest to pay to have that ecosystem exist.

      Now, I don't know if that's really what's happening in this case, or if they are analyzing the shit out of the data, or if there's a long game involved.

      --
      Your ad here. Ask me how!
    14. Re:Free? by Actually,+I+do+RTFA · · Score: 1

      So, stupid question. What's to stop the DDOS attackers from directly targeting my server, and bypassing this proxy?

      --
      Your ad here. Ask me how!
    15. Re: Free? by johnsnails · · Score: 1

      Google needs to start looking at a revenue model that cannot be quashed by a free browser extension. Down the road there will be a paid version for anyone.

    16. Re:Free? by shawn2772 · · Score: 1

      So, stupid question. What's to stop the DDOS attackers from directly targeting my server, and bypassing this proxy?

      Not knowing your IP address.

    17. Re:Free? by Actually,+I+do+RTFA · · Score: 1

      Wait, that's really it? How hard can it be to figure that out?

      I'm not sure how, but maybe some kind of geolocation based on timing?

      --
      Your ad here. Ask me how!
    18. Re:Free? by shawn2772 · · Score: 1

      Wait, that's really it? How hard can it be to figure that out?

      I'm not sure how, but maybe some kind of geolocation based on timing?

      Since your DNS name will resolve to a Google proxy server IP and that's where requests will go, timing will be hard. Not impossible, but hard. And supposing you did manage to see pass that obfuscation to discover the geolocation of that actual target server. How does that help you direct packets to it? You need the IP.

      For that matter, supposing you did get the IP, it seems like the admins could just configure their firewall to drop all packets except those coming from Google, because all legitimate traffic will go there first.

    19. Re: Free? by shawn2772 · · Score: 1

      Google needs to start looking at a revenue model that cannot be quashed by a free browser extension. Down the road there will be a paid version for anyone.

      I assume you're referring to advertising. Two points: First, Google already has some $6B per year in non-advertising revenues, and growing rapidly. Second, if everyone starts using adblockers, they'll stop working because sites that depend on advertising revenue will start rejecting users that adblock. We've already seen the beginning of that. Adblocking doesn't work if more than a small portion of the world uses adblockers.

      Oh, one more: yours is a funny comment on a discussion about a service that could very obviously be sold as a service. Perhaps what you suggest is exactly what Google is doing?

    20. Re:Free? by Actually,+I+do+RTFA · · Score: 1

      it seems like the admins could just configure their firewall to drop all packets except those coming from Google, because all legitimate traffic will go there first.

      Thanks for answering. This is really interesting.

      And the firewall dropping packets isn't going to subject you to a DDOS-attack? Dropping by origin is that cheap? And spoofing the origin IP address is that hard?

      --
      Your ad here. Ask me how!
    21. Re: Free? by johnsnails · · Score: 1

      I take your point about already having other revenue streams and the adblockers (i have also noticed news sites not allowing me to watch their content), I wasn't trying to be funny, was simply my take on it.

    22. Re:Free? by Waccoon · · Score: 1

      Google will not retain any of the data beyond two weeks, and then only in aggregated form and only for the purpose of improving the shield service.

      I'd like to see someone prove this.

      I recently got an invoice from my new health insurance provider, and was shocked to see that for my convenience, the password for my online account was printed in clear text on the bill. My first reaction was, "that can't possibly be legal, can it?"

      No corporation, no matter how large, can be trusted with your data once they have it in their possession. They can claim that they aggregate the data and keep it for only two weeks, but there's no way I'll believe that.

  2. Redirect through Google's servers by ickleberry · · Score: 2, Insightful

    More information for them to mine, which is what they really crave. Also this just seems like another step along the way for Google to become the internet. They don't actually like the decentralised nature of the internet so they try to crush the competition by giving away free stuff for a while with the hope of getting people dependent on that service and later charging for it. What would the likes of cloudflare have to say about this?

    1. Re:Redirect through Google's servers by LWATCDR · · Score: 3, Informative

      Remove tin foil hat and read the story.
      "“Project Shield only uses the data we obtain (such as logs from the Project Shield servers) for DDoS mitigation and caching and to improve the Project Shield service,” the company added."
      Seems like they are aware of what people might worry about and have posted a policy statement to put people at ease.

      --
      See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
    2. Re:Redirect through Google's servers by shawn2772 · · Score: 4, Informative

      More information for them to mine, which is what they really crave.

      From https://support.google.com/pro..., emphasis mine:

      What data does Project Shield collect?

      We collect traffic metadata and cached content for website traffic passed through Project Shield. This helps us detect and defend against DDoS attacks.

      We also ask for your website’s configuration data — your website's origin server, domains, and subdomains — to set up Project Shield. We hold on to this for as long as you have an account with Project Shield. You can delete your Project Shield account at any time.

      Data and web traffic may be processed and stored in the US or other countries.

      How do you use my website and website visitors’ data?

      Project Shield collects web traffic logs, and other data on how we serve your traffic, to help improve Project Shield's service and performance.

      Project Shield does not collect data to improve search results or target advertising.

      Does Google’s Privacy Policy apply to visitors to my website?

      No. Your website’s own policies and terms of service — including how you manage user data and privacy — apply to people visiting your site, not Google’s privacy policy and terms of service.

      Can people tell that I’m using Project Shield?

      Yes. Domain Name System (DNS) records are public information and will show that you are pointed at Project Shield servers. When you set up Project Shield, you point your traffic at Project Shield servers. Anyone can use a public website to look up your DNS records and see what IP address or host name your website points to.

    3. Re:Redirect through Google's servers by ickleberry · · Score: 1

      For now, until users get comfortable with the service. Once it gains traction they will be re-writing the terms and conditions.

      Also just because a company has a policy, doesn't mean there isn't someone violating it behind the scenes

    4. Re:Redirect through Google's servers by shawn2772 · · Score: 4, Informative

      For now, until users get comfortable with the service. Once it gains traction they will be re-writing the terms and conditions.

      Want to bet? Seriously, care to put money on that? I'll take that action in a heartbeat, assuming we can work out a way to do it.

      Also just because a company has a policy, doesn't mean there isn't someone violating it behind the scenes

      Pursuant to the consent decree signed after the Buzz fiasco, the Federal Trade Commission regularly audits Google to verify compliance with the terms of the decree, which includes compliance with Google's publicly-stated privacy policies. It would be very, very risky for Google to do anything to violate those terms.

      Google also applies strictly-limited and closely-audited access controls on all such data, so it's virtually impossible for a "rogue" employee to do what you describe without approval from both his or her own manager, and from a separate organization that is tasked with monitoring and minimizing access. Attempting to bypass any of these controls is both very hard and is a firing offense.

      (Disclosure: I'm a Google engineer. Security is my gig, not privacy, but the two overlap a bit so I see a lot of what goes on around privacy.)

    5. Re:Redirect through Google's servers by ThatsMyNick · · Score: 1

      separate organization that is tasked with monitoring and minimizing access

      How about for someone already part of that organization. It would just be themselves and their manager's approval (if one is needed at all for their org, and even may be just themselves if they are the head). It all comes to the culture in the organization. I cant comment on google, but I bet these things happen even organizations with similar policies.

    6. Re:Redirect through Google's servers by shawn2772 · · Score: 2

      separate organization that is tasked with monitoring and minimizing access

      How about for someone already part of that organization. It would just be themselves and their manager's approval (if one is needed at all for their org, and even may be just themselves if they are the head). It all comes to the culture in the organization. I cant comment on google, but I bet these things happen even organizations with similar policies.

      It's possible, though it also would surprise me if there aren't defenses in place against that... such as that the systems do not allow anyone in the access management organization to have access themselves (which pushes the question off on the managers of those systems... and I know there are many eyes positioned to watch them). In this case, though, it's hard to see why someone in such an organization would want access to data that flowed through Project Shield. You could see the ads guys wanting it, and maybe the search guys (though that's not so clear), but an employee in the access control org would have no business motive at all. It would have to be a personal motive... and they'd have to be ready to risk their job and perhaps even prosecution for it.

      It's not inconceivable that data that could generate such an interest in someone who happens to be in a position to abuse it (at significant personal risk) could pass through Project Shield, but I think it's really, really unlikely. I think it's much more likely that other Google services would have data that might motivate someone to take the risk.

    7. Re:Redirect through Google's servers by MachineShedFred · · Score: 1

      Yeah, because Google never changes policies after people start using a service.

      --
      Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
    8. Re:Redirect through Google's servers by shawn2772 · · Score: 1

      Good luck with that. I don't have access to that information and couldn't get it if I tried. Also, I like being able to look in the mirror.

    9. Re:Redirect through Google's servers by shawn2772 · · Score: 1

      (Disclosure: I'm a Google engineer. Security is my gig, not privacy, but the two overlap a bit so I see a lot of what goes on around privacy.)

      Including, I assume, all of the privacy that your company systematically violates in order to conduct its core, mission-critical, business and reason for existing,

      Google only wants your data if you want to provide it. It's an exchange of value; you get service, Google gets to advertise to you. If you don't like it, Google provides the tools you need to opt out -- while in most cases still allowing you to use the services!

  3. Skimming? by Bing+Tsher+E · · Score: 1

    Is Google skimming anything off of the data routed through their pipe while the "bad guys" are running the DOS attack?

  4. No thanks Google. by Anonymous Coward · · Score: 1

    I'll stick with Cloudflare.

    1. Re:No thanks Google. by allo · · Score: 1

      blocking tor users? no thanks.

  5. "Give Google visibility into who's visiting..." by DaveyJJ · · Score: 4, Insightful

    From the engadget/Wired article ...

    "To use Project Shield, a site has to give Google visibility into who's visiting -- something likely to rankle the company's privacy critics. But Google says that it'll only keep logs for two weeks, after which the data will be stored in aggregate and used to learn more about attacks. The company also notes that the data it collects won't be used in its advertising programs."

    The company also notes that the data it collects won't be used in its advertising programs. [But by using Project Shield you and your agents and seven generation of your children's children agree and that we can change the Terms and Conditions of use, in a 64 page-long document of legalise, that only 1 in 100 people will ever read and/or notice, at any time.]"

    --
    DaveyJJ
    1. Re:"Give Google visibility into who's visiting..." by shawn2772 · · Score: 3, Informative

      But by using Project Shield you and your agents and seven generation of your children's children agree and that we can change the Terms and Conditions of use, in a 64 page-long document of legalise, that only 1 in 100 people will ever read and/or notice, at any time.]

      From https://support.google.com/pro...:

      Does Google’s Privacy Policy apply to visitors to my website?

      No. Your website’s own policies and terms of service — including how you manage user data and privacy — apply to people visiting your site, not Google’s privacy policy and terms of service.

  6. Fine for highly public sites by drinkypoo · · Score: 1

    If nobody is trying to hide when visiting your site, then there's no good reason to hide that data from Google, is there?

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  7. Election monitoring? by U2xhc2hkb3QgU3Vja3M · · Score: 1

    So, what if they "just happen" to have problems on their own end while the original website is being DDoS'ed?

    People will say "look at the election numbers, Trump is still at the top" while the true numbers just aren't being updated because of the "technical problems" on Google's end. It's a new service after all, there's bound to be some problems. After all, the people working there are only human.

  8. Can't you simply.. by r2rknot · · Score: 1

    ...have your outside router start ignoring IP addresses that exceed some threshold of activity that is not a 'normal' level of activity for, oh say 90 mins? I have a edgeOS router. I could have sworn I saw a part where I could set rules based on an arbitrary number of attempted connections in a period of time.

    --
    "...whenever any Form of Government becomes destructive...it is the Right of the People to alter or to abolish it..."
  9. How does this differ from Cloudflare? by JustAnotherOldGuy · · Score: 3

    Does anyone know how this differs from Cloudflare?

    FWIW, I'm using Cloudflare on several of my sites, and it's been extremely useful so far.

    I'd love to see a comparison between Shield and Cloudflare, especially any features that one might have that the other doesn't.

    --
    Just cruising through this digital world at 33 1/3 rpm...
  10. Re:Better Google infrastructure, weaken everyone e by aliquis · · Score: 1

    Yeah, I totally hate to generate (in my case music) lists of videos just to later find out some of them are gone without being able to see what has been removed!

    They could had kept the title and possibly username, then again others may have different interests there depending on what was uploaded in the first place but .. At-least keep on showing it for the person who made the list so they possibly can find a replacement.

  11. Let Me Count The Ways by Anonymous Coward · · Score: 1

    Google is WAY bigger than CloudFlare.
    Google is offering this free to a small few categories of websites, CloudFlare offers limited free services to all and paid services to everyone.
    Google's sites don't seem to fail. CloudFlare sites fail all the fucking time!

    From a technology perspective Google's Project Shield is a CDN system, just like CloudFlare, Alkamai, and the countless other hopefulls that have popped up over the years.

  12. The solution to the whole DDOS thing. by Mike+Van+Pelt · · Score: 1

    Just about everybody knows this: ISPs need to configure their routers to drop IP packets with source addresses that have no business coming from the interface they came in on. If the DDOSers can't spoof their source address, it puts a big crimp in the main bandwidth amplification methods.

    Of course, they'll find something else at some point, but it should slow them down if they have to be on close to the same network as the one they're attacking, or their bots have to send out packets in something closer to a 1:1 relationship to what the target receives.