Slashdot Mirror


Google Releases Project Shield To Fight Against DDoS Attacks (thestack.com)

An anonymous reader writes: Google has launched a free tool to help all media sites and other organisations protect themselves against Distributed Denial of Service (DDoS) attacks. The Project Shield initiative allows websites to redirect traffic through Google's existing infrastructure, in order to keep their content online in the face of such attacks. Google will aim to work with smaller sites which do not necessarily have the money or are not fully equipped with strong enough infrastructure to the attacks. However, the Shield tool has also been made available to larger outlets, such as popular news sites and human rights platforms.

14 of 72 comments

  1. Free? by Anonymous Coward · · Score: 4, Insightful

    Nothing is free, citizen.

    Seriously, the size of some of the DDoS attempts is massive. That's a lot of bandwidth wasted, and there will be a dollar impact associated with this. What additional angle will google be targeting to make money off this?

    1. Re:Free? by shawn2772 · · Score: 4, Informative

      They'll probably show ads on the shielded version of the website.

      From https://support.google.com/pro...

      Does Project Shield place ads on content?

      No, Project Shield doesn’t place ads on websites it protects.

      Project Shield doesn’t change the content of your website in any way. It also doesn’t impact the ability for your website to target advertising or analyze ads-related data.

    2. Re:Free? by shawn2772 · · Score: 4, Informative

      Seriously, the size of some of the DDoS attempts is massive. That's a lot of bandwidth wasted, and there will be a dollar impact associated with this.

      Not as much as you might think. Google has really excellent DDoS resistance systems that recognize and simply terminate a lot of DDoS connections, because DDoS traffic looks very different from normal traffic. Also, as I understand it, Google doesn't really pay for bandwidth. It peers with the various backbone providers rather than buying service from anyone. And Google obviously has enough bandwidth capacity to deal with any DDoS attack without trouble; Google's normal traffic volumes are vastly larger than even the biggest DDoS attacks. Google measures bandwidth in petabits per second.

      So, the real cost is just capacity of the proxy servers used to provide project shield... but I'm sure these are the same proxy servers which are used to front all of Google's own services. They have tremendous capacity and, again, their normal workload looks much like what anyone else would see as a massive DDoS attack. My guess is that the additional load is negligible.

      What additional angle will google be targeting to make money off this?

      For now, it's purely altruistic, providing protection for news, human rights and election monitoring websites. If it works well for them, Google could easily turn it into a service offering for any sort of organization who wants DDoS protection. It could be a very nice business for Google, actually, since it's unlikely to add noticeable load to Google's infrastructure.

      (Disclaimer: I'm a Google engineer. I've written code that runs in the proxy servers I'm sure are being used for this. However, I'm speaking for myself, not for Google, and the above contains some suppositions about how the shield system will work which may not be correct. I've deliberately avoided searching out the internal design documentation until after posting this. But I'm curious so I'm sure I'll go look later :-) )

    3. Re:Free? by MachineShedFred · · Score: 2

      Or by intentionally allowing them to man-in-the-middle your site, allowing them to track and analyze every visitor, regardless of if you are using their Analytics product?

      --
      Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
    4. Re:Free? by shawn2772 · · Score: 3, Informative

      What about getting to know who want to visit what website which is protected through the system?

      That's a good enough reason to do it?

      Google has explicitly stated that data on visitors will not be used for advertising or search purposes, and that Google will not retain any of the data beyond two weeks, and then only in aggregated form and only for the purpose of improving the shield service.

      I realize that people really don't want to believe a corporation could ever do anything nice, but I really don't see any room for nefarious hidden motives here (and such would be pretty out of character for Google anyway). Of course, that just seems to make people look harder and stretch further to find the diabolical plot underneath, and the further they have to stretch the more diabolical the plot they "discover".

    5. Re: Free? by bill_mcgonigle · · Score: 4, Interesting

      A broken WWW earns Google no money. Until we can defeat the botnet scourge, clean up reflection / amplification problems, and secure all the end points, offering stop-gap assistance may well aid their long-term revenue picture. It's perfectly rational to be nice and seek profit in the same venture.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  2. Redirect through Google's servers by ickleberry · · Score: 2, Insightful

    More information for them to mine, which is what they really crave. Also this just seems like another step along the way for Google to become the internet. They don't actually like the decentralised nature of the internet so they try to crush the competition by giving away free stuff for a while with the hope of getting people dependent on that service and later charging for it. What would the likes of cloudflare have to say about this?

    1. Re:Redirect through Google's servers by LWATCDR · · Score: 3, Informative

      Remove tin foil hat and read the story.
      "“Project Shield only uses the data we obtain (such as logs from the Project Shield servers) for DDoS mitigation and caching and to improve the Project Shield service,” the company added."
      Seems like they are aware of what people might worry about and have posted a policy statement to put people at ease.

      --
      See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
    2. Re:Redirect through Google's servers by shawn2772 · · Score: 4, Informative

      More information for them to mine, which is what they really crave.

      From https://support.google.com/pro..., emphasis mine:

      What data does Project Shield collect?

      We collect traffic metadata and cached content for website traffic passed through Project Shield. This helps us detect and defend against DDoS attacks.

      We also ask for your website’s configuration data — your website's origin server, domains, and subdomains — to set up Project Shield. We hold on to this for as long as you have an account with Project Shield. You can delete your Project Shield account at any time.

      Data and web traffic may be processed and stored in the US or other countries.

      How do you use my website and website visitors’ data?

      Project Shield collects web traffic logs, and other data on how we serve your traffic, to help improve Project Shield's service and performance.

      Project Shield does not collect data to improve search results or target advertising.

      Does Google’s Privacy Policy apply to visitors to my website?

      No. Your website’s own policies and terms of service — including how you manage user data and privacy — apply to people visiting your site, not Google’s privacy policy and terms of service.

      Can people tell that I’m using Project Shield?

      Yes. Domain Name System (DNS) records are public information and will show that you are pointed at Project Shield servers. When you set up Project Shield, you point your traffic at Project Shield servers. Anyone can use a public website to look up your DNS records and see what IP address or host name your website points to.

    3. Re:Redirect through Google's servers by shawn2772 · · Score: 4, Informative

      For now, until users get comfortable with the service. Once it gains traction they will be re-writing the terms and conditions.

      Want to bet? Seriously, care to put money on that? I'll take that action in a heartbeat, assuming we can work out a way to do it.

      Also just because a company has a policy, doesn't mean there isn't someone violating it behind the scenes

      Pursuant to the consent decree signed after the Buzz fiasco, the Federal Trade Commission regularly audits Google to verify compliance with the terms of the decree, which includes compliance with Google's publicly-stated privacy policies. It would be very, very risky for Google to do anything to violate those terms.

      Google also applies strictly-limited and closely-audited access controls on all such data, so it's virtually impossible for a "rogue" employee to do what you describe without approval from both his or her own manager, and from a separate organization that is tasked with monitoring and minimizing access. Attempting to bypass any of these controls is both very hard and is a firing offense.

      (Disclosure: I'm a Google engineer. Security is my gig, not privacy, but the two overlap a bit so I see a lot of what goes on around privacy.)

    4. Re:Redirect through Google's servers by shawn2772 · · Score: 2

      separate organization that is tasked with monitoring and minimizing access

      How about for someone already part of that organization. It would just be themselves and their manager's approval (if one is needed at all for their org, and even may be just themselves if they are the head). It all comes to the culture in the organization. I can't comment on google, but I bet these things happen even in organizations with similar policies.

      It's possible, though it also would surprise me if there aren't defenses in place against that... such as that the systems do not allow anyone in the access management organization to have access themselves (which pushes the question off on the managers of those systems... and I know there are many eyes positioned to watch them). In this case, though, it's hard to see why someone in such an organization would want access to data that flowed through Project Shield. You could see the ads guys wanting it, and maybe the search guys (though that's not so clear), but an employee in the access control org would have no business motive at all. It would have to be a personal motive... and they'd have to be ready to risk their job and perhaps even prosecution for it.

      It's not inconceivable that data that could generate such an interest in someone who happens to be in a position to abuse it (at significant personal risk) could pass through Project Shield, but I think it's really, really unlikely. I think it's much more likely that other Google services would have data that might motivate someone to take the risk.

  3. "Give Google visibility into who's visiting..." by DaveyJJ · · Score: 4, Insightful

    From the engadget/Wired article ...

    "To use Project Shield, a site has to give Google visibility into who's visiting -- something likely to rankle the company's privacy critics. But Google says that it'll only keep logs for two weeks, after which the data will be stored in aggregate and used to learn more about attacks. The company also notes that the data it collects won't be used in its advertising programs."

    The company also notes that the data it collects won't be used in its advertising programs. [But by using Project Shield you and your agents and seven generations of your children's children agree that we can change the Terms and Conditions of use, in a 64 page-long document of legalese, that only 1 in 100 people will ever read and/or notice, at any time.]"

    --
    DaveyJJ
    1. Re:"Give Google visibility into who's visiting..." by shawn2772 · · Score: 3, Informative

      But by using Project Shield you and your agents and seven generations of your children's children agree that we can change the Terms and Conditions of use, in a 64 page-long document of legalese, that only 1 in 100 people will ever read and/or notice, at any time.]

      From https://support.google.com/pro...:

      Does Google’s Privacy Policy apply to visitors to my website?

      No. Your website’s own policies and terms of service — including how you manage user data and privacy — apply to people visiting your site, not Google’s privacy policy and terms of service.

  4. How does this differ from Cloudflare? by JustAnotherOldGuy · · Score: 3

    Does anyone know how this differs from Cloudflare?

    FWIW, I'm using Cloudflare on several of my sites, and it's been extremely useful so far.

    I'd love to see a comparison between Shield and Cloudflare, especially any features that one might have that the other doesn't.

    --
    Just cruising through this digital world at 33 1/3 rpm...