Google Reveals Its Servers All Contain Custom Security Silicon (theregister.co.uk) 118
Google has published an Infrastructure Security Design Overview that explains how it secures the cloud it uses for its own operations and for public cloud services. From a report on The Register: The document outlines six layers of security and reveals some interesting factoids about the Alphabet subsidiary's operations, none more so than the disclosure that: "We also design custom chips, including a hardware security chip that is currently being deployed on both servers and peripherals. These chips allow us to securely identify and authenticate legitimate Google devices at the hardware level." That silicon works alongside cryptographic signatures employed "over low-level components like the BIOS, bootloader, kernel, and base operating system image." "These signatures can be validated during each boot or update," the document says, adding that "the components are all Google-controlled, built, and hardened. With each new generation of hardware we strive to continually improve security: for example, depending on the generation of server design, we root the trust of the boot chain in either a lockable firmware chip, a microcontroller running Google-written security code, or the above mentioned Google-designed security chip."
Nice, but (Score:1, Troll)
It won't stop a warrant or a subpoena...
Re: (Score:2)
They presumably try do peer reviews on security software to reduce the chance of sabotaged code from getting through.
Re: Nice, but (Score:2)
how new can you get?
Re: (Score:1)
Protecting the data is part of the show.
Re: (Score:1)
But it is not obvious! e.g. I never even thought about subpoenas! /.
Lets see what else these security chips won't stop:
-tsunamis
-AGW
-taxes
-celestial mechanics
-progress
-bad comments on
etc, ad infnum et nauseam.
Now the question is - why would we even want these chips to stop subpoenas?
Or poenas proper, for that matter.
Re: Nice, but (Score:2)
Re: (Score:2, Insightful)
Re: (Score:1)
Re: (Score:1)
Re:With all that security... (Score:4, Insightful)
So, basically, what you are saying is that open platforms are inherently less secure than closed platforms?
The design considerations are different. If you have numerous customers (cellphone providers), a cookie cutter design works better. If you have single customer (Google), a custom design works better.
Re: (Score:3)
I wonder how much of this is a reaction to Snowden's leaks about NSA hacking. Seems like this sort of thing is designed specifically to deal with the kind of attacks they use, installing bugs in physical hardware or adding malware to low level firmware.
Re: (Score:3)
I wonder how much of this is a reaction to Snowden's leaks about NSA hacking. Seems like this sort of thing is designed specifically to deal with the kind of attacks they use, installing bugs in physical hardware or adding malware to low level firmware.
When I worked at Google in 2008, IT found Chinese backdoors in the firmware for Lenovo laptops. When I was at Google in 2011, all the Lenovo laptops got replaced with Apple laptops.
Re: (Score:3)
That's interesting, because most of the open source security community loves Lenovo laptops as it is easy to install custom, secure firmware. Basically Libreboot plus a new boot ROM that verifies its signature.
Re: (Score:2)
That's interesting, because most of the open source security community loves Lenovo laptops as it is easy to install custom, secure firmware.
I'm not sure if replacing the BIOS was an option in 2008. When I tested wireless 11ac cards at Cisco in 2013, I had to reflash Lenovo laptops with unlocked BIOSes to get the cards to work. I found those unlocked BIOSes in a pretty shady part of the Internet.
Re: (Score:3)
I did the BIOS mod to unlock the wireless on mine too. Rather than download a BIOS I just followed the instructions to hex edit the list of approved cards to include the VID/PID pair of the one I wanted to use.
Re: (Score:1)
That's interesting, because Lenovo laptops were available the entire time at Google between 2006-2014 at least. Maybe you worked for a different Google?
Re: (Score:2)
Maybe you worked for a different Google?
IT help desk in 2007-08 and data center in 2011. I had an interview in 2014 for kiting out the camera cars but I didn't make it to the second round of interviews. In 2011 and 2014, I only saw Apple laptops being used by the engineers.
Re: (Score:2)
For servers, you can keep the hardware security modules updated. For a phone you're stuck with the chips you shipped with. Custom hardware is too expensive for mass market products but is very feasible for in-house use. Even decent commercial HSMs can cost $500 or more.
Re: (Score:2)
It could just be a TPM chip that has been programmed to allow the functions mentioned. Many mother boards have a reserved socket for a tpm chip.
Re: (Score:2)
Sometimes there are tpm type chips that work as follows:
Manufacturer creates the chip and it's OS and access code and turns it over to the vendor.
Vendor creates his access code and destroys the Manufacturer's access code. The manufacturer cannot access the vendor code.
The vendor prepares the software that is required, for the end-user and seals it with his password, he can, if he deems it necessary destroy his code
The end-user can have controlled access to the tpm type device's contents.
The chip can be pro
Neither true nor meaningful (Score:3)
Your statement of "fact" is utterly false, and would be meaningless if it were true.
Mac OS X, Mac iOS, several versions of Windows, several Linux distributions each have more CVEs than Android. Android is in fact #17 on the list of most vulnerabilities (in other words, it's among the most secure popular operating systems, by CVE count).
However, counting the number of reported vulnerabilities is utterly bogus. One day we got a CVE for Linux which was essentially "by running 'ls /*/*/*/*/*/*' a local user c
Re: (Score:3)
An example... the very first thing listed on your source.
1 CVE-2016-7991 388 2016-10-31 2016-12-02 7.8 None Remote Low Not required None Complete None
On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542.#
Is that a problem with
The same primary source your article cites (Score:2)
Actually the exact same source cited by your Bleeping Computer article.
https://www.cvedetails.com/top... [cvedetails.com]
Which is largely a list of "most popular software", of course. The numbers in that list are approximately meaningless.
Re: (Score:3)
As RayMorris replied previously, bleeping computer uses https://www.cvedetails.com/top... [cvedetails.com] as their source.
yes Android had the most CVEs for 2016, but in previous years it was nowhere near as bad, to an alltime placement of 17th.
So you are both right. depending on how you look at the numbers. now, if you look at "total number of vulnerabilites" that the GP said, yeah not even close Raymorris is right for "total number" for ones discovered in 2016, yeah. but look at 2015... or 2014... it was a bad year.
Re: (Score:2)
http://www.cvedetails.com/top-... [cvedetails.com]
Android may be #17 on this all time list but Sun Solaris is also on the list... Last year (2016) Android was #1 for the most new vulnerabilities. Sadly a lot of lower end android phones never or rarely get updates.
from symantec
In 2014, Symantec found that 17 percent of all Android apps (nearly one million total) were actually malware indisguise. Additionally, grayware apps, which aren’t malicious by design but do annoying and inadvertently harmful things like track user behavior, accounted for 36 percent of all mobile apps.
https://www.symantec.com/conte... [symantec.com]
Those are interesting numbers (Score:2)
Those numbers for malicious and questionable apps are interesting, thanks.
Re: (Score:2)
I thought it was interesting as well since it account for over 50% of apps. The Grayware apps sounds like spyware/adware.
Re: (Score:2)
Most of the Android vulnerabilities only affect small ranges of versions, and older devices that don't get updates might fare better than you think!
Re: (Score:3, Interesting)
Google even has a help article [google.com] that tells you how to reuse one when the GSA license expires.
Re: (Score:2)
Any of the modern bits can not be reused they mucked about with them.
Why is this news... (Score:1)
Re: (Score:1)
But he didn't know about this. Below he admits he was basically just trolling
Re: (Score:2)
Below he admits he was basically just trolling
As I pointed out in another comment, I did not. If I was trolling, we would be talking politics.
Re: (Score:2)
I didn't. Know. Or work at Google.
Everything I knew about Google when I worked at Google came from the tech press. Although working in the data center gave me more hands on experience with the actual hardware, especially the $50K optical switch that in a box with two feet of foam cushion on all sides.
I'm pretty sure many companies' employees are privy to said companies trade secrets, don't you think?
The only trade secrets at Google is how much duct tape and baling wire these systems are held together with.
Re: (Score:3)
So then provide links to where this exact information was published previously.
https://blog.codinghorror.com/building-a-computer-the-google-way/ [codinghorror.com]
Re: (Score:1)
Nothing in that article mentions anything about running custom silicon for securing their servers. It's simply a high-level spec sheet. So that doesn't actual answer the GPs question.
Re: (Score:2)
EE: Google Ramps Up Chip Design
http://www.eetimes.com/document.asp?doc_id=1320981 [eetimes.com]
Re: (Score:1)
Again, does not actually address what is mentioned in this submission. Want to try again?
Re: (Score:3)
creimer: life-pro-tip -- it's not all about you and what you know.
You're wrong. If I wasn't an asshole, I wouldn't be working in IT.
Re: (Score:1)
This just in: Company employees will know things people outside the company don't. Film at 11!
Re: (Score:2)
This just in: Company employees will know things people outside the company don't.
My knowledge of Google while working at Google came from the tech press and some books.
Re: (Score:1, Funny)
Cite*. Goddamn phone dictation.
Re: (Score:2)
And yet you fail to side even a single link or book.
If you can't use Google, that's not my problem.
Re: (Score:1)
Translation: I'm just talking out of my ass.
Re: (Score:2)
Translation: I'm just talking out of my ass.
This is Slashdot. You must be new around here.
Re:Why is this news... (Score:2)
A swing and a miss.
Slashdot exist to keep me amused while I'm waiting for a script to finish at work. Today is an exception as Martin Luther King Day is a federal holiday and I'm not at work. I'm waiting to stop being hungover from the weekend so I can get on with my day.
Re: (Score:1)
Cool story, brah. Care to tell us more boring things about your life?
Re: (Score:2)
Care to tell us more boring things about your life?
When I worked the Google IT help desk, I had to walk a Stanford CS graduate through the process of turning on his own workstation because cubicle farms don't have someone standing around to turn on workstations as they do in the university computer labs.
Re:Why is this news... (Score:4, Insightful)
Is this what passes for an entertaining story to you?
What's entertaining is being told by fellow slashdotters that CS programs requires absolutely no knowledge of hardware — or programming. So Google is paying a CS graduate student $100K+ per year and he can't even turn on a workstation without a $40K+ help desk technician telling him how. Mind blowing.
Because I can't help but notice you've said essentially the same thing, verbatim, on other posts.
Then you never want to hear Guy Kawasaki give a speech. It's the same speech about developing a dog food app, the logistical problems of delivering dog food to consumers, and why no one else is rushing to deliver dog food from the Internet.
Re: (Score:2)
He does. Because it's his only story. Nothing else that has ever happened to him has been the least bit interesting, even in passing.
I know many stories. I'm getting ready to write my memoirs as a virtual ditch digger in Silicon Valley.
Re: (Score:1)
I did Google it but the source information is from only a 4-day-old Google blog story.
https://cloud.google.com/secur... [google.com]
So it seems your claims of this information bein published before in numerous tech posts and books was bullshit.
Re: (Score:2)
So it seems your claims of this information bein published before in numerous tech posts and books was bullshit.
I'm talking about Google in general and not a specific security chip. That Google custom designing their own server platform is well known since the company was founded. A specific chip for security, artificial intelligence or machine learning doesn't surprise me at all.
Re: (Score:1)
So then you admit to just trolling. The "news" of this is Google providing specific details about stuff they previously had not disclosed.
Re: (Score:2)
So then you admit to just trolling.
Nope. Nowhere did I mentioned a certain illegitimate president-elect and my signature block is clearly marked as troll bait.
Re: (Score:2)
Sorry to tell you, but she was already impeached. [cnn.com]
Re: (Score:2)
So you're still an idiot with your all thinking we should be sitting around giving a fuck about the minutiae of Google servers.
I'm not an idiot. I'm an asshole. I wouldn't be working in IT if I wasn't.
Used by others for years (Score:3)
Some hardware manufacturers seem to be doing so for quite some time, for various reasons. For example Cisco has been equipping its routers with such chips for many years:
http://www.cisco.com/c/en/us/p... [cisco.com]
They have a whole process for securely booting such devices:
http://www.cisco.com/c/en/us/a... [cisco.com]
Given increasing numbers of counterfeit manufactured devices and NSA tricks this is likely going to become more widespread.
Re: (Score:1)
Some hardware manufacturers seem to be doing so for quite some time, for various reasons.
"various reasons" is the real story: they implemented exclusion of counterfeit hardware _before_ they implemented secure boot. I wouldn't trust the secure boot stuff to be much good because clearly their motivation is shutting down counterfeit modules so they get paid, not security. I would expect by extrapolation the "secure" boot stuff is mostly license enforcement, not response to NSA.
That would be another thing to ask Google: do your security promises hold up if all your network gear from American ve
I'll just stop right here... (Score:2)
...and not even read the article before saying that you "designing" something doesn't mean you're also "manufacturing" it. What you design might be really cool but take into account (no pun) who is actually implementing that design for you and how those "tests" are going to pan out. Media releases of "we're so safe and on top" don't work anymore. Wait, yeah they do. Just like the evening news, they give people things to talk about around the water cooler.
Good work with those designs!!!