Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Reveals Its Servers All Contain Custom Security Silicon (theregister.co.uk)

Posted by msmash on from the how-they-work dept.

Google has published an Infrastructure Security Design Overview that explains how it secures the cloud it uses for its own operations and for public cloud services. From a report on The Register: The document outlines six layers of security and reveals some interesting factoids about the Alphabet subsidiary's operations, none more so than the disclosure that: "We also design custom chips, including a hardware security chip that is currently being deployed on both servers and peripherals. These chips allow us to securely identify and authenticate legitimate Google devices at the hardware level." That silicon works alongside cryptographic signatures employed "over low-level components like the BIOS, bootloader, kernel, and base operating system image." "These signatures can be validated during each boot or update," the document says, adding that "the components are all Google-controlled, built, and hardened. With each new generation of hardware we strive to continually improve security: for example, depending on the generation of server design, we root the trust of the boot chain in either a lockable firmware chip, a microcontroller running Google-written security code, or the above mentioned Google-designed security chip."

3 of 118 comments (clear)

  1. Re:With all that security... by __aaclcg7560 · · Score: 1, Insightful

    Android is an open platform subject to cost decisions by third-party providers. Google motherboards are a closed platform with specific design goals that make it more cost effective than using generic motherboards.

  2. Re:With all that security... by __aaclcg7560 · · Score: 3, Insightful

    So, basically, what you are saying is that open platforms are inherently less secure than closed platforms?

    The design considerations are different. If you have numerous customers (cellphone providers), a cookie cutter design works better. If you have single customer (Google), a custom design works better.

  3. Re:Why is this news... by __aaclcg7560 · · Score: 3, Insightful

    Is this what passes for an entertaining story to you?

    What's entertaining is being told by fellow slashdotters that CS programs requires absolutely no knowledge of hardware — or programming. So Google is paying a CS graduate student $100K+ per year and he can't even turn on a workstation without a $40K+ help desk technician telling him how. Mind blowing.

    Because I can't help but notice you've said essentially the same thing, verbatim, on other posts.

    Then you never want to hear Guy Kawasaki give a speech. It's the same speech about developing a dog food app, the logistical problems of delivering dog food to consumers, and why no one else is rushing to deliver dog food from the Internet.