Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Reveals Its Servers All Contain Custom Security Silicon (theregister.co.uk)

Posted by msmash on from the how-they-work dept.

Google has published an Infrastructure Security Design Overview that explains how it secures the cloud it uses for its own operations and for public cloud services. From a report on The Register: The document outlines six layers of security and reveals some interesting factoids about the Alphabet subsidiary's operations, none more so than the disclosure that: "We also design custom chips, including a hardware security chip that is currently being deployed on both servers and peripherals. These chips allow us to securely identify and authenticate legitimate Google devices at the hardware level." That silicon works alongside cryptographic signatures employed "over low-level components like the BIOS, bootloader, kernel, and base operating system image." "These signatures can be validated during each boot or update," the document says, adding that "the components are all Google-controlled, built, and hardened. With each new generation of hardware we strive to continually improve security: for example, depending on the generation of server design, we root the trust of the boot chain in either a lockable firmware chip, a microcontroller running Google-written security code, or the above mentioned Google-designed security chip."

13 of 118 comments (clear)

  1. Re:This has been the case for 10 years, at least by yakatz · · Score: 2, Interesting

    A lot of GSAs are rebranded Dell hardware too (particularly a lot of R710s showing up on eBay recently).
    Google even has a help article that tells you how to reuse one when the GSA license expires.

  2. Re:Why is this news... by __aaclcg7560 · · Score: 2

    creimer: life-pro-tip -- it's not all about you and what you know.

    You're wrong. If I wasn't an asshole, I wouldn't be working in IT.

  3. Re:Why is this news... by __aaclcg7560 · · Score: 2

    So then provide links to where this exact information was published previously.

    https://blog.codinghorror.com/building-a-computer-the-google-way/

  4. Neither true nor meaningful by raymorris · · Score: 2

    Your statement of "fact" is utterly false, and would be meaningless if it were true.

    Mac OS X, Mac iOS, several versions of Windows, several Linux distributions each have more CVEs than Android. Android is in fact #17 on the list of most vulnerabilities (in other words, it's among the most secure popular operating systems, by CVE count).

    However, counting the number of reported vulnerabilities is utterly bogus. One day we got a CVE for Linux which was essentially "by running 'ls /*/*/*/*/*/*' a local user can use up a chunk of their resource allotment. By doing so in a hundred shells at once, they can DOS themselves". That's a pretty stupid, CVE, IMHO, but okay, we put it in our database as an informational. The same day, there was a CVE for Windows remote code execution - an attacker can run whatever code they want, over the network.

    So each of these is one vulnerability:

    On my own Linux machine, I can use the CPU time allotted to me.

    From here, I can connect to your Windows machine over the internet and delete all your stuff.

    Counting those as equal would be just stupid, so "number of vulnerabilities reported" doesn't at all mean a lower count is safer. In fact, there is a significant element that is the opposite: where some software is closely inspected and any behavior that's at all interesting is documented, that system is likely safer than one where only the most egregious security holes are documented. If "omg a local user can choose to waste the resources assigned to them" is considered a vulnerability worth documenting by Linux standards, that may mean Linux is pretty safe - people are documenting even the most minor non-issues because they aren't finding b significant issues.

    1. Re: Neither true nor meaningful by fullmetal55 · · Score: 2

      As RayMorris replied previously, bleeping computer uses https://www.cvedetails.com/top... as their source.

      yes Android had the most CVEs for 2016, but in previous years it was nowhere near as bad, to an alltime placement of 17th.

      So you are both right. depending on how you look at the numbers. now, if you look at "total number of vulnerabilites" that the GP said, yeah not even close Raymorris is right for "total number" for ones discovered in 2016, yeah. but look at 2015... or 2014... it was a bad year.

    2. Re: Neither true nor meaningful by Goose+In+Orbit · · Score: 2

      An example... the very first thing listed on your source.

      1 CVE-2016-7991 388 2016-10-31 2016-12-02 7.8 None Remote Low Not required None Complete None
      On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542.#

      Is that a problem with Android as a whole? No.
      Is it Samsung fucking up some part of their SMS implementation that happens to run on Android? Yes.

  5. Re:With all that security... by __aaclcg7560 · · Score: 3, Insightful

    So, basically, what you are saying is that open platforms are inherently less secure than closed platforms?

    The design considerations are different. If you have numerous customers (cellphone providers), a cookie cutter design works better. If you have single customer (Google), a custom design works better.

  6. Re:With all that security... by AmiMoJo · · Score: 2

    I wonder how much of this is a reaction to Snowden's leaks about NSA hacking. Seems like this sort of thing is designed specifically to deal with the kind of attacks they use, installing bugs in physical hardware or adding malware to low level firmware.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  7. Re:Why is this news... by __aaclcg7560 · · Score: 3, Insightful

    Is this what passes for an entertaining story to you?

    What's entertaining is being told by fellow slashdotters that CS programs requires absolutely no knowledge of hardware — or programming. So Google is paying a CS graduate student $100K+ per year and he can't even turn on a workstation without a $40K+ help desk technician telling him how. Mind blowing.

    Because I can't help but notice you've said essentially the same thing, verbatim, on other posts.

    Then you never want to hear Guy Kawasaki give a speech. It's the same speech about developing a dog food app, the logistical problems of delivering dog food to consumers, and why no one else is rushing to deliver dog food from the Internet.

  8. Re:With all that security... by __aaclcg7560 · · Score: 2

    I wonder how much of this is a reaction to Snowden's leaks about NSA hacking. Seems like this sort of thing is designed specifically to deal with the kind of attacks they use, installing bugs in physical hardware or adding malware to low level firmware.

    When I worked at Google in 2008, IT found Chinese backdoors in the firmware for Lenovo laptops. When I was at Google in 2011, all the Lenovo laptops got replaced with Apple laptops.

  9. Re:With all that security... by AmiMoJo · · Score: 2

    That's interesting, because most of the open source security community loves Lenovo laptops as it is easy to install custom, secure firmware. Basically Libreboot plus a new boot ROM that verifies its signature.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  10. Used by others for years by Moskit · · Score: 2

    Some hardware manufacturers seem to be doing so for quite some time, for various reasons. For example Cisco has been equipping its routers with such chips for many years:
    http://www.cisco.com/c/en/us/p...

    They have a whole process for securely booting such devices:
    http://www.cisco.com/c/en/us/a...

    Given increasing numbers of counterfeit manufactured devices and NSA tricks this is likely going to become more widespread.

  11. Re:With all that security... by AmiMoJo · · Score: 2

    I did the BIOS mod to unlock the wireless on mine too. Rather than download a BIOS I just followed the instructions to hex edit the list of approved cards to include the VID/PID pair of the one I wanted to use.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC