Recapping Google Next '17: Making Security Seamless



In a world in which not a day goes by without another massive data breach or government hacking revelation, it was noteworthy to see how much Google emphasized security at its Next ’17 cloud conference this month, making it an ever-present theme throughout its keynotes and product announcements. From the physical security of its data centers, its custom Titan TPM chip and its army of security engineers through to customer-facing solutions like instant two-factor authentication, new testing tools and its new DLP API, Google made security, specifically seamless security, a center point of its conference.

Cybersecurity starts with physical security and Google appears to have made heavy investments here. In addition to the myriad surveillance cameras, motion sensors and iris scanners Google has previously touted (along with metal detectors to ensure equipment does not leave the data center floor without authorization), Google added that a single one of its data centers employs more than 175 physical security guards. This is on top of the more than 700 security engineers employed by the company to secure its products and networks.


Servers in its data centers are stripped to the bare number of essential parts, both to reduce cost and power/cooling requirements and to minimize the number of potential physical attack vectors, such as rogue chipsets. In an email, Google noted that it purpose-builds its own hardware systems both to ensure maximal performance and to “guarantee the heritage” of its equipment, giving it full visibility into its global supply chain: where each piece of each of its systems came from and the hands it passed through.


To add even greater physical security to its systems, Google unveiled at Next a custom Google-designed Trusted Platform Module called Titan. While the company revealed few details about the chip’s technical specifications, it responded by email that “Titan authenticates software installed on hardware, including BIOS software. It sits between ROM and RAM and authenticates each boot-up and each new BIOS install. Titan contains a Random number generator, Crypto engine and Monotonic counter. The latter makes log tampering evident. Each Titan chip is fused with an inventory tracker number.”
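The quoted email says only that the monotonic counter makes log tampering evident and gives no design details. As an added illustration (not Google's or the article's code, and not Titan's actual design), this sketch shows one generic way a counter that can only increase exposes edited, deleted or truncated log entries; `MonotonicCounter`, the HMAC chain and the sample events are assumptions constructed for the example.

```python
import hashlib
import hmac

class MonotonicCounter:
    """Stand-in for a hardware counter: readable and incrementable, never reset."""
    def __init__(self):
        self._value = 0
    def increment(self):
        self._value += 1
        return self._value
    def read(self):
        return self._value

GENESIS = b"\x00" * 32  # chain start value (assumption)

def _tag(key, n, message, prev_tag):
    # MAC binds counter value, previous tag and message; fixed-width prefix avoids ambiguity.
    data = n.to_bytes(8, "big") + prev_tag + message.encode()
    return hmac.new(key, data, hashlib.sha256).digest()

def append(log, key, hw, message):
    n = hw.increment()
    prev = log[-1][2] if log else GENESIS
    log.append((n, message, _tag(key, n, message, prev)))

def verify(log, key, hw):
    """Return findings; an empty list means the log matches the counter."""
    findings, prev, expected = [], GENESIS, 1
    for n, message, tag in log:
        if n != expected:
            findings.append(f"counter gap: expected {expected}, found {n}")
        if not hmac.compare_digest(tag, _tag(key, n, message, prev)):
            findings.append(f"bad MAC at counter {n}")
        prev, expected = tag, n + 1
    if expected - 1 != hw.read():  # catches a cleanly truncated (rolled-back) log
        findings.append(f"log ends at {expected - 1}, hardware counter is {hw.read()}")
    return findings

def demo():
    key, hw, log = b"constructed-demo-key", MonotonicCounter(), []
    for msg in ("boot firmware=A", "bios update A->B", "boot firmware=B"):  # constructed events
        append(log, key, hw, msg)
    edited = [log[0], (2, "bios update A->A", log[1][2]), log[2]]
    return {"intact": verify(log, key, hw), "edited": verify(edited, key, hw),
            "deleted": verify([log[0], log[2]], key, hw),
            "truncated": verify(log[:2], key, hw)}

if __name__ == "__main__":
    for case, findings in demo().items():
        print(case, findings or "ok")
```

The truncated case is the one a MAC chain alone would miss: every remaining tag still verifies, and only the comparison against the counter value shows that entries are gone.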

Of course, even the most hardened data center infrastructure can be undone by user complacence (using the same password across many sites), sloppiness (simplistic passwords), ignorance (blindly handing passwords over in a phishing attack) and error (typing a password in the wrong box and mistakenly posting it to Twitter). Just as it has expended immense effort physically securing its data centers, Google has also invested heavily in securing the connection between its own employees and those data centers. While even some of the biggest Silicon Valley companies still rely on VPNs to connect remote employee laptops to the corporate network and make them “trusted” nodes, Google has gone in entirely the opposite direction, treating networks as untrusted and focusing instead on authenticating users at the application level through efforts like BeyondCorp (the externalization of its own zero trust network model). Tools like Cloud Identity-Aware Proxy make it relatively trivial for corporate administrators to build applications that trust users rather than networks.