Slashdot Mirror
Google Reveals Its Servers All Contain Custom Security Silicon (theregister.co.uk)
Google has published an Infrastructure Security Design Overview that explains how it secures the cloud it uses for its own operations and for public cloud services. From a report on The Register: The document outlines six layers of security and reveals some interesting factoids about the Alphabet subsidiary's operations, none more so than the disclosure that: "We also design custom chips, including a hardware security chip that is currently being deployed on both servers and peripherals. These chips allow us to securely identify and authenticate legitimate Google devices at the hardware level." That silicon works alongside cryptographic signatures employed "over low-level components like the BIOS, bootloader, kernel, and base operating system image." "These signatures can be validated during each boot or update," the document says, adding that "the components are all Google-controlled, built, and hardened. With each new generation of hardware we strive to continually improve security: for example, depending on the generation of server design, we root the trust of the boot chain in either a lockable firmware chip, a microcontroller running Google-written security code, or the above mentioned Google-designed security chip."
It won't stop a warrant or a subpoena...
“He’s not deformed, he’s just drunk!”
Android is an open platform subject to cost decisions by third-party providers. Google motherboards are a closed platform with specific design goals that make it more cost effective than using generic motherboards.
A lot of GSAs are rebranded Dell hardware too (particularly a lot of R710s showing up on eBay recently).
Google even has a help article that tells you how to reuse one when the GSA license expires.
exactly, consumer device v. their own device. night and day.
nothing to see here - move along
This just in: Company employees will know things people outside the company don't. Film at 11!
I didn't. Know. Or work at Google.
Everything I knew about Google when I worked at Google came from the tech press. Although working in the data center gave me more hands on experience with the actual hardware, especially the $50K optical switch that in a box with two feet of foam cushion on all sides.
I'm pretty sure many companies' employees are privy to said companies trade secrets, don't you think?
The only trade secrets at Google is how much duct tape and baling wire these systems are held together with.
I should say multiple consumer devices...
nothing to see here - move along
This just in: Company employees will know things people outside the company don't.
My knowledge of Google while working at Google came from the tech press and some books.
creimer: life-pro-tip -- it's not all about you and what you know.
You're wrong. If I wasn't an asshole, I wouldn't be working in IT.
Cite*. Goddamn phone dictation.
So then provide links to where this exact information was published previously.
https://blog.codinghorror.com/building-a-computer-the-google-way/
Nothing in that article mentions anything about running custom silicon for securing their servers. It's simply a high-level spec sheet. So that doesn't actual answer the GPs question.
And yet you fail to side even a single link or book.
If you can't use Google, that's not my problem.
Any of the modern bits can not be reused they mucked about with them.
No sir I dont like it.
Your statement of "fact" is utterly false, and would be meaningless if it were true.
Mac OS X, Mac iOS, several versions of Windows, several Linux distributions each have more CVEs than Android. Android is in fact #17 on the list of most vulnerabilities (in other words, it's among the most secure popular operating systems, by CVE count).
However, counting the number of reported vulnerabilities is utterly bogus. One day we got a CVE for Linux which was essentially "by running 'ls /*/*/*/*/*/*' a local user can use up a chunk of their resource allotment. By doing so in a hundred shells at once, they can DOS themselves". That's a pretty stupid, CVE, IMHO, but okay, we put it in our database as an informational. The same day, there was a CVE for Windows remote code execution - an attacker can run whatever code they want, over the network.
So each of these is one vulnerability:
On my own Linux machine, I can use the CPU time allotted to me.
From here, I can connect to your Windows machine over the internet and delete all your stuff.
Counting those as equal would be just stupid, so "number of vulnerabilities reported" doesn't at all mean a lower count is safer. In fact, there is a significant element that is the opposite: where some software is closely inspected and any behavior that's at all interesting is documented, that system is likely safer than one where only the most egregious security holes are documented. If "omg a local user can choose to waste the resources assigned to them" is considered a vulnerability worth documenting by Linux standards, that may mean Linux is pretty safe - people are documenting even the most minor non-issues because they aren't finding b significant issues.
Translation: I'm just talking out of my ass.
I did Google it but the source information is from only a 4-day-old Google blog story.
https://cloud.google.com/secur...
So it seems your claims of this information bein published before in numerous tech posts and books was bullshit.
EE: Google Ramps Up Chip Design
http://www.eetimes.com/document.asp?doc_id=1320981
Translation: I'm just talking out of my ass.
This is Slashdot. You must be new around here.
So, basically, what you are saying is that open platforms are inherently less secure than closed platforms?
The design considerations are different. If you have numerous customers (cellphone providers), a cookie cutter design works better. If you have single customer (Google), a custom design works better.
Again, does not actually address what is mentioned in this submission. Want to try again?
So it seems your claims of this information bein published before in numerous tech posts and books was bullshit.
I'm talking about Google in general and not a specific security chip. That Google custom designing their own server platform is well known since the company was founded. A specific chip for security, artificial intelligence or machine learning doesn't surprise me at all.
So you're still an idiot with your all thinking we should be sitting around giving a fuck about the minutiae of Google servers.
I'm not an idiot. I'm an asshole. I wouldn't be working in IT if I wasn't.
So then you admit to just trolling. The "news" of this is Google providing specific details about stuff they previously had not disclosed.
A swing and a miss.
Slashdot exist to keep me amused while I'm waiting for a script to finish at work. Today is an exception as Martin Luther King Day is a federal holiday and I'm not at work. I'm waiting to stop being hungover from the weekend so I can get on with my day.
But he didn't know about this. Below he admits he was basically just trolling
Cool story, brah. Care to tell us more boring things about your life?
So then you admit to just trolling.
Nope. Nowhere did I mentioned a certain illegitimate president-elect and my signature block is clearly marked as troll bait.
Care to tell us more boring things about your life?
When I worked the Google IT help desk, I had to walk a Stanford CS graduate through the process of turning on his own workstation because cubicle farms don't have someone standing around to turn on workstations as they do in the university computer labs.
Below he admits he was basically just trolling
As I pointed out in another comment, I did not. If I was trolling, we would be talking politics.
Sorry to tell you, but she was already impeached.
Om, nomnomnom...
I wonder how much of this is a reaction to Snowden's leaks about NSA hacking. Seems like this sort of thing is designed specifically to deal with the kind of attacks they use, installing bugs in physical hardware or adding malware to low level firmware.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Is this what passes for an entertaining story to you?
What's entertaining is being told by fellow slashdotters that CS programs requires absolutely no knowledge of hardware — or programming. So Google is paying a CS graduate student $100K+ per year and he can't even turn on a workstation without a $40K+ help desk technician telling him how. Mind blowing.
Because I can't help but notice you've said essentially the same thing, verbatim, on other posts.
Then you never want to hear Guy Kawasaki give a speech. It's the same speech about developing a dog food app, the logistical problems of delivering dog food to consumers, and why no one else is rushing to deliver dog food from the Internet.
Actually the exact same source cited by your Bleeping Computer article.
https://www.cvedetails.com/top...
Which is largely a list of "most popular software", of course. The numbers in that list are approximately meaningless.
I wonder how much of this is a reaction to Snowden's leaks about NSA hacking. Seems like this sort of thing is designed specifically to deal with the kind of attacks they use, installing bugs in physical hardware or adding malware to low level firmware.
When I worked at Google in 2008, IT found Chinese backdoors in the firmware for Lenovo laptops. When I was at Google in 2011, all the Lenovo laptops got replaced with Apple laptops.
That's interesting, because most of the open source security community loves Lenovo laptops as it is easy to install custom, secure firmware. Basically Libreboot plus a new boot ROM that verifies its signature.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Some hardware manufacturers seem to be doing so for quite some time, for various reasons. For example Cisco has been equipping its routers with such chips for many years:
http://www.cisco.com/c/en/us/p...
They have a whole process for securely booting such devices:
http://www.cisco.com/c/en/us/a...
Given increasing numbers of counterfeit manufactured devices and NSA tricks this is likely going to become more widespread.
Those numbers for malicious and questionable apps are interesting, thanks.
For servers, you can keep the hardware security modules updated. For a phone you're stuck with the chips you shipped with. Custom hardware is too expensive for mass market products but is very feasible for in-house use. Even decent commercial HSMs can cost $500 or more.
That's interesting, because most of the open source security community loves Lenovo laptops as it is easy to install custom, secure firmware.
I'm not sure if replacing the BIOS was an option in 2008. When I tested wireless 11ac cards at Cisco in 2013, I had to reflash Lenovo laptops with unlocked BIOSes to get the cards to work. I found those unlocked BIOSes in a pretty shady part of the Internet.
That's interesting, because Lenovo laptops were available the entire time at Google between 2006-2014 at least. Maybe you worked for a different Google?
I did the BIOS mod to unlock the wireless on mine too. Rather than download a BIOS I just followed the instructions to hex edit the list of approved cards to include the VID/PID pair of the one I wanted to use.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
He does. Because it's his only story. Nothing else that has ever happened to him has been the least bit interesting, even in passing.
I know many stories. I'm getting ready to write my memoirs as a virtual ditch digger in Silicon Valley.
...and not even read the article before saying that you "designing" something doesn't mean you're also "manufacturing" it. What you design might be really cool but take into account (no pun) who is actually implementing that design for you and how those "tests" are going to pan out. Media releases of "we're so safe and on top" don't work anymore. Wait, yeah they do. Just like the evening news, they give people things to talk about around the water cooler.
Good work with those designs!!!
It could just be a TPM chip that has been programmed to allow the functions mentioned. Many mother boards have a reserved socket for a tpm chip.
Leslie Satenstein Montreal Quebec Canada
Sometimes there are tpm type chips that work as follows:
Manufacturer creates the chip and it's OS and access code and turns it over to the vendor.
Vendor creates his access code and destroys the Manufacturer's access code. The manufacturer cannot access the vendor code.
The vendor prepares the software that is required, for the end-user and seals it with his password, he can, if he deems it necessary destroy his code
The end-user can have controlled access to the tpm type device's contents.
The chip can be programmed so that 3 bad access attempts destroys all future access.
Now, use the chip contents to checksum the bios, and some critical security software. If the result is OK, life goes on.
Leslie Satenstein Montreal Quebec Canada
Maybe you worked for a different Google?
IT help desk in 2007-08 and data center in 2011. I had an interview in 2014 for kiting out the camera cars but I didn't make it to the second round of interviews. In 2011 and 2014, I only saw Apple laptops being used by the engineers.