designed in house is half of the story
Where is it manufactured? I can bet it is TSMC so Google is not actually in 100% control over it.
How is the fact that the silicon matches the design verified?
Google has unveiled more details about how security built into its custom silicon chips underpins the integrity of its servers and cloud-based services. A blog post details how Google's custom Titan chip provides a hardware-verified boot and end-to-end authenticated root of trust for the internet giant's computing workhorses …
You don't do chips, do you?
TSMC has several modes of operation. One where you pass off RTL to them and they do the synthesis, P&R, etc. This is the "handholding for newbie startups" mode. TSMC could, if it desired, change your logic and hide it from you since they also design the test patterns.
The other mode is where they take GDS2 (geometric trapezoids) and hand you back silicon. This is the one that serious companies use. In this case TSMC is practically locked out since they'd have to decompile the GDS, make changes, and hope like h*ll that they didn't change the test patterns you've already generated. The odds of this are infinitesimal on any practically sized SoC.
I expect Google is a serious company, with serious money to spend given that they are going to this extent for security so TSMC isn't a practical attack vector. Your better bet would be to corrupt one of Google's IP suppliers and try to inject a vulnerability there. I seriously doubt Google is designing the microcontroller, for example, so that's where I'd start if I wanted to corrupt this sequence, although you could do it on any of several IP blocks they use.
Anonymizing collected data from users and selling it to advertisiers (yes, you are the important bit), is done by pretty much all major companies now, on a scale that you cannot even begin to imagine. It's far from just Google, although they're one of the originals, so you hope they've perfected a lot of the security side. The real evil, underhand basterds in all this though are Microsoft. Win10 is their data collection machine, so they damn well want to get it onto as many machines as possible. Sure, it's secure - secure from everyone else except MS themselves. They'll suck you dry.
Intel CPUs support all the same - we just don't boot directly into signed code with the full root of trust. But they can do that, if you want. Apple's SoCs do the same, and I'll bet Qualcomm's SoCs support it as well though like Intel CPUs probably the OEMs don't take full advantage of it.
Now if there's no way to turn it off then they'd have bit of a leg up on others, but that makes testing a lot bigger pain in the ass. Otherwise requiring a signed bootloader and up doesn't guarantee perfect security, as the holes found that allow jailbreaking on iPhones demonstrate.
Can you provide me with detailed instructions on how I can stop you from acquiring all sorts of information about me, my family and my friends?
Well [redacted] off! I do not want to help you make money on the data that I never agreed for you to have.
Yours Anonymous Google hater.
"You don't want Google to do that? Fine, no problem, all you have to do is never use Google, Chrome, Android or YouTube ever again. "
I can certainly try to do that, but there are way too many sites which use googleapis, googlefonts and the like to display their own content.
You're going to have to switch tack. Google may be the symbol of the problem, but no way in hell are they the ones you should worry most about. There are things out there that have developed tech to pierce Chrome's Incognito mode, and they aren't Google. Even bringing Google down may only make things worse.
Users have basically lost control of their apps/browser. You have no idea who it's visiting, what it's giving others, where they are, or who they're working with. Every time an app/extension is installed, you individualise, and become more identifiable, and your attack surface increases.
You wanted detailed instructions? To lie to your enemies, you'll need to lie to your browser, about the machine it's on, the timezone, the time, the clockdrift of your PC, your history, your latency, your network topology, your bandwidth and packetloss, your hardware media acceleration, etc.
And you need to tell a different lie-set for every separate site you told a Truth to. There. This is the true depth of the swamp you live in with Google. But Google didn't make this swamp, and it won't go away when you kill them.
This is the true depth of the swamp you live in with Google. But Google didn't make this swamp, and it won't go away when you kill them. ..... Daggerchild
Google provides dark crafts and SMARTR weapons and blunt tools for Swamp RATs. ....... whether they want to or not. 'Tis the nature of the beast they feed and seed with novel ventures and zeroday vulnerability exploit opportunities.
Until the bug is in the ROM code. The i.MX7 does this, but a bug in the ROM means that any firmware can be booted if the firmware image has a malicious cert.
But otherwise, it's a great idea. The chip can have certificate hashes burned into it, and then to boot the firmware, it has to have a signed cert. Once the firmware is booted, the Linux kernel is checked to make sure it is signed. Once that's done, it all boots normally.
Mind you, none of this prevents evil behaviour on Google's, or any other company's, part. It just means that a rootkit will be harder to plant on the machines.
I did microprocessor validation at AMD & IBM. Verifying that the Si matches the gates matches the design is a solved problem. You can use formal methods down to the gates. And when the Si comes back, you actually cut some of them up if necessary. But in general, you don't. Cycle accurate simulators are required for serious designs, and you can compare results. This can be quite difficult on a full CPU, but on a boot processor--I expect that making this step easy is one of the design criteria.
I'll make an effort to dig a little deeper and compare/contrast what Google is implementing with the TPM invented by IBM in ~2002ish, but I'm guardedly confident that the deltas won't be too much. That TPM chip (the HW implementation) is licensed to and implemented by many, many OEMs.
The only real story then would be that Google is rolling their own version of a TPM.
If I'm wrong, please let me know where I've fallen short and I'll thank folks in advance for any corrections or clarifications.
"We harden our architecture at multiple layers, with components that include Google-designed hardware, a Google-controlled firmware stack, Google-curated OS images, a Google-hardened hypervisor, as well as data center physical security and services," the team of senior Google techies explain.
A Leading AI Question would encourage Fabless Answers to …. To what Ultimate End and NEUKlearer HyperRadioProACTive Beginning?
Is Google expanding Universal Search to Spin and Span Perfectly Timed Novel Content, for AI to Supply for Heavenly Product Placements in Future Builder Live Operational Virtual Environments ….. You can be assured such is easily possible with myriad stable and secure platforms and planforms already performing spectacularly.
Does anyone know if/where there is a point in discovery where search is realised as being irrelevant and unnecessary when fundamental immaculate truths are sought and found. The task then evolves and transforms into passionate supply for mass media sharing.
And that is, and with IT charged and overflowing with Supplies, can be your future taken care of too …….. and all shared online in plain text for easy foreign translation of paths taken and obstacles avoided and/or overcome.
DeepMind Territory methinks, and an APT Space where more details of the above is not unknown, for the seeds of its growth are already sown there with wonderful words drawing pictures with alphabets.
Here's looking at you too, Elon Musk ....... https://www.rt.com/usa/401052-elon-musk-neuralink-funding/
I Script Kid Not, I Kid U Not.
Just imagine the danger in connecting a WrongUn Mind to computer networks. Ye Olde PEBKAC Conundrum re-imagined and re-engineered to server Problems Exist Before Minds Alter Matters.
Intel TXT, AMD similar stuff and now Google. However, what they promote, and even in metal, is just a promise not TESTED solution. Had anybody seem these big guys ever mentioned any testing against root-kit hypervisor/malicious hypervisor?
Yes, correct, whatever is in their firmware is BIG question. Russians found a hypervisor acting from Intel BMC BIOS management software actually working as nested hypervisor with the user own hypervisor. . That happened around 2008 ... Intel never commented on that. How many such hypervisors for silent collection of all and any information from system management level had been installed around the globe?
System management software is claimed by vendors (Intel, AMD, etc.) always as proprietary and they are not going to release the code. But, we all depend on its quality and what they EMBEDDED in. Can we trust guys? I do not think so. System management software should be publicly disclosed.
Except you can never be certain there isn't a hypervisor BEHIND the hypervisor. Turtles all the way down and all... ..... Anonymous Coward
There are always superhypervisors behind hypervisors, AC ..... SMARTR Monitors Mentoring Memes with and for Fabless Command and Control for Earthly Power with Cosmic Energy????
Things nowadays certainly aren't like they used to be, with only a Chosen Few able to direct and effect future travel plans to selected choice prime destinations without competition.
And what if there's an ULTRAhypervisor behind the superhypervisor. Still haven't solved the Turtles All The Way Down problem. .... Anonymous Coward
At that stage, AC, there is no problem to solve. The fields before you are Virgin See and Novel LandScapes on which you deliver Perfect Product with Private Pirate Supply of Heavenly Goods.