Comment by ori_b
12 years ago
> Google was letting information flow between its data center completely unencrypted until last month. http://www.washingtonpost.com/business/technology/google-enc.... Last month!
Over their own private WAN. The analogy would be sending things in the clear over your LAN. [Citation: http://www.eecs.berkeley.edu/~rcs/research/google-onrc-slide...]
The likelihood miles and miles of cabling, much of it presumably leased, will be compromised is nowhere near comparable to the likelihood a normal, single-location office/home ethernet LAN will be compromised. (And if you think both are easily compromised, that only adds to my original point.)
"much of it presumably leased,"
This is a very interesting assumption
http://www.howstuffworks.com/tech-myths/5-myths-about-google...
http://www.lightreading.com/document.asp?doc_id=633236
Fiber optic links are not so easily compromised. Not without service interruption, which will raise quite a few eyebrows.
The US has submarines which are entirely designed to splice fiber optics without interruption.
They literally bring part of the cable into the sub and work on it from there.
6 replies →
http://en.wikipedia.org/wiki/Fiber_tapping
http://motherboard.vice.com/blog/undersea-cable-surveillance...
Fwiw Micheal Crighton wrote about this ("piggyback slurp") in Congo:
http://goo.gl/KSf78p
Google doesn't actually own the underwater cables though. So isn't the analogy more like sending things through a LAN in a building that you're renting?
http://gigaom.com/2008/02/25/googlenet-update-google-buys-a-...
From the link:
> Google is buying a piece of a new transpacific fiber optic cable
Only a half dozen or so companies actually own undersea fiber. It requires a huge amount of effort to lay and maintain including hundred million dollar cable ships.
Everyone (even Google) leases, or in this case buys, capacity on shared cables.
3 replies →
Do not trust that your internal networks are secure. Any links carrying business or customer data should be encrypted.
I remember over a decade ago talking with the security head of a university where I was working, about a new system design. I made some comment like "well this is all on the machine room network" and his response was "I wouldn't trust the machine room network." Pretty eye-opening since he was the person responsible for its security.
http://www.cs.uccs.edu/~xzhou/teaching/CS522/Projects/SIGCOM...
There's the actual paper google wrote. It's very good. OpenFlow is a terrific piece of technology.
Do they actually own and operate all of the wires between various datacenters? That sounds like a huge undertaking.
I doubt they own all of the links they use worldwide, but Google did go on a buying binge a few years ago, acquiring large amounts of "dark fiber". There's some discussion about that whole topic here:
http://www.howstuffworks.com/tech-myths/5-myths-about-google...
http://news.cnet.com/Google-wants-dark-fiber/2100-1034_3-553...
http://www.lightreading.com/document.asp?doc_id=633236
Assuming that the fiber end points only touch Google data centers, this would be ok, I guess.