
Report: Apple building its own servers to prevent snooping - dankohn1
http://9to5mac.com/2016/03/23/apple-cloud-infrastructure-servers-snooping/
======
ryao
Apple might want to talk to IBM about OpenPOWER. The POWER8 chips and chipsets
lack known internal micro controllers that have their own flash unlike Intel's
chips that have the Intel management engine. Consequently, there is nothing
there to flash with malware. Also, all of the system firmware is open source.
That is the motivation behind the Talos workstation board, provided that they
get enough interest for an initial run:

[https://raptorengineeringinc.com/TALOS/prerelease.php](https://raptorengineeringinc.com/TALOS/prerelease.php)

If Apple is concerned about tampering en route, they could have the flash chips
for the system firmware provided separately by a trusted party and transported
like a bank shipment. Then flash and install them at the datacenter. That
should thwart adversaries who cannot do their own manufacturing runs of
modified versions of the chips, which is just about everyone. I guess the
manufacturer/fabrication plant could do a custom compromised chip, but given
that the costs involved are prohibitive, I doubt that would happen.

Apple could do the same with the firmware and flash for every other component
in their datacenter that has a microprocessor such as the hard drives, the
NICs, etcetera. They are large enough that part manufacturers would likely
turn over the source code for their firmware in order to secure their business
along with anything else that they need/want.

~~~
bogomipz
Doesn't the management engine exist as part of the BIOS on the same NAND?
Couldn't Apple simply have Intel give them a custom BIOS that is signed?

~~~
pgeorgi
Groups more powerful than Apple tried to convince Intel to give them the
opportunity to run only their own custom code on those Intel-signed areas of
the processors they buy. What seems possible is running code on top of and in
addition to the existing system, see CompuTrace.

This isn't "simple" except perhaps for some US (and US only, by virtue of
Intel being headquartered there) agency with huge procurement budgets and
persuasive legal instruments, and I'd expect push-back even then.

~~~
ryao
Why would they need to convince Intel when they could infiltrate them for what
they want?

~~~
pgeorgi
If you infiltrate, with luck you get a half-assed data sheet.

If you coerce them (with those persuasive legal instruments) you get minimum
compliance to keep people out of jail.

If you actually get some cooperation established, I'll guess that gives a much
better support experience.

~~~
ryao
If you are willing to throw resources at deciphering things, infiltration
could be all you need.

------
uptown
"Apple has long suspected that servers it ordered from the traditional supply
chain were intercepted during shipping, with additional chips and firmware
added to them by unknown third parties in order to make them vulnerable to
infiltration, according to a person familiar with the matter."

I feel like the entire world has gone insane, and every boundary is being
pushed to its limits ... and then pushed beyond those limits. Where does this
end?

~~~
ryao
The world was that way long before you realized it.

~~~
rdancer
No, this is post-9/11. It only started with the PATRIOT Act. I vividly
remember the Clipper chip debates in Congress. This is that on steroids, with
no disclosure whatsoever. In the communist bloc, that was different, of
course. But in the West, you used to laugh and sneer at Stasi and Soviet
"papers, please!".

~~~
trhway
>No, this is post-9/11. It only started with the PATRIOT Act.

you must be kidding.
[https://en.wikipedia.org/wiki/Crypto_AG#Compromised_machines](https://en.wikipedia.org/wiki/Crypto_AG#Compromised_machines)

~~~
acdha
The Crypto AG case is a stronger argument for his point than yours: the
targets were foreign, which is to say legal for the NSA to spy on, and it was
done with the involvement of the company.

In the current era, the targets are often domestic and they're willing to
compromise U.S. companies on a large scale to do it.

------
samstave
_"Apple has long suspected that servers it ordered from the traditional
supply chain were intercepted during shipping, with additional chips and
firmware added to them by unknown third parties in order to make them
vulnerable to infiltration"_

Wow, so this is very interesting given, pretty much, everything that has been
going on.

Will Apple actually be the bastion of freedom (both in market and privacy)
that the US supposedly stands for??

Google makes its own machines, as does Facebook (actually more interested in
FB's fiber switches/routers, but that's beside the point)....

But Apple has made "servers" for years... I guess they didn't consume them in
their own DCs?? So I basically take it that they are effectively joining their
take on Open Compute (mobos that can be mounted in controlled environments,
where controlled now also means they can ID if anything was modded/changed in
shipping?)

_EDIT: I would really like to know how long "long" is from "Apple long
suspected"...._

_I was informed of NSA back-doors in Cisco gear in 1997 - WTF is Cisco's stance
on any of this -- I haven't heard anything from them at all (or I missed
anything they said)_

~~~
jonathankoren
Sounds like NSA's Tailored Access Operations[0], and other equivalent
agencies. When you're a big enough target, state actors bring the full force
of the state's espionage tools to bear.

[0] [http://www.pbs.org/wgbh/frontline/article/how-the-nsas-secre...](http://www.pbs.org/wgbh/frontline/article/how-the-nsas-secret-elite-hacking-unit-works/)

~~~
samstave
Exactly!

How many machines have you purchased in your career? I've purchased THOUSANDS
- which of these have been intercepted and compromised?

I have no clue.

~~~
Spooky23
I don't know about spy agency compromise, but I have definitely caught
suppliers "accidentally" sticking counterfeit memory into devices.

------
Animats
Is Apple saying anything about what they found? This is a big deal. Who put
something in their servers? NSA? The PLA? Samsung? Did they have any strange
chips analyzed? There are companies that can take an IC apart and see what's
inside.[1][2] It's not cheap, but Apple could afford it.

[1]
[http://www.siliconinvestigations.com/](http://www.siliconinvestigations.com/)
[2]
[http://www.istgroup.com/english/3_service/03_01_detail.php?M...](http://www.istgroup.com/english/3_service/03_01_detail.php?MID=43&SID=86&ID=251)

~~~
bogomipz
The PLA?

~~~
Animats
People's Liberation Army. China's military.

------
siliconviking
Why not just contribute a few designs or some open source software and join
OCP?

[http://opencompute.org/](http://opencompute.org/)

Last time I checked, Apple was not in the business of making data center
equipment, so it's not like they would give up IP that is central to their
business model.

------
RRRA
When will we get secure PC architecture for the consumer market?

~~~
ryao
When consumers start paying for things like Talos:

[https://raptorengineeringinc.com/TALOS/prerelease.php](https://raptorengineeringinc.com/TALOS/prerelease.php)

------
beefsack
No company is static, what will Apple look like in 10 years? What would happen
with my data they recorded today should company policy take a shift?

I'm quite uneasy regardless of who holds my data.

------
tetheno
I don't know how Apple's servers security fares now, but I took a quick look 4
years ago and it was notoriously bad. They were responsive and solved the
exploitable bugs soon after I notified them. No bounties though.

If their software and network security is similar now.. then they should spend
resources there rather than care too much about modified hardware by a
governmental agency.

~~~
hrktb
Wouldn't it be completely separate teams? I can't imagine the hardware team's
efforts taking away engineers from teams handling software security.

~~~
mc32
An issue at very large companies like Apple is that while they can be superb
in one area or in one core product does not translate into being adept in
other areas under different teams with different management styles, demands,
budgets, etc.

So unless Apple are going to put their best and poach other industry bests,
their result will likely not deliver on premise or promise.

~~~
lostlogin
Judging by their rhetoric and their recent win (can it be called that?), there
is certainly widespread interest in them locking themselves down. They would
look a little foolish if not.

------
ikeboy
In theory, does a backdoored firmware run slower? If yes, then can you detect
a backdoor by building one yourself and benchmarking?

Or are the margins of error on repeated benchmarks larger than any performance
hit due to a backdoor, or can something be backdoored without any performance
hit?

What about power consumption?

~~~
strooper
Practically, backdoored firmware doesn't necessarily run services and
communicate with the mothership all the time, nor does it communicate using
conventional protocols. It creates an invisible hole in the system beyond the OS's
reach to detect and repair it. Furthermore, the hardware (or chip based)
backdoor is way more sophisticated, and typically has been in use in the servers
of foreign governments of interest. These chips can be used to take full
control of a server, and the whole network when placed strategically.

In another note, hard RTOS are not used in servers, so performance cannot be
compared with benchmarking tools.

~~~
IncRnd
>> In another note, hard RTOS are not used in servers, so performance cannot
be compared with benchmarking tools.

It may seem surprising, but performance is easily determined by side channel
attacks.

[https://www.google.com/search?q=blackhat+side+channel+web+ti...](https://www.google.com/search?q=blackhat+side+channel+web+timing)

------
onRoadAgain23
If this is a trend I guess HP wishes it would never have so readily worked
with the NSA bugging servers.

------
smoser
“[23:06] <ATPtipster> we've gotten Cisco equipment, Supermicro servers, and
Seagate hard drives that have been tampered with [by the NSA]”

------
massemphasis
This is one of the faultier parts of having to answer to shareholders. Apple
is finding it more difficult to justify having their own entire supply chain
rather than relying on other companies (i.e. Intel, IBM, Samsung, etc...)

If they didn't make that horrible mistake of their recent multi-billion dollar
purchases, they'd have an extra billion at least towards a fab plant.

I'm laughing at Apple right now. Idiots. You Apple board... are stupid.

~~~
draw_down
What? Why would they care about a billion dollars? They're sitting on around
$200 billion cash.

~~~
massemphasis
They are seen as throwing away cash, and throwing away 1% of cash holdings is
very bad.

------
benmmurphy
If the NSA is doing this in the US against a US company, isn't this illegal?

~~~
abysmal_cynic
"Legality", in this context, went out the window long ago. Power relentlessly
weaponises "legality". Power uses it to attack its enemies and to shield the
unethical activities it wishes to protect.

------
sickbeard
So Apple is supposed to safeguard our data now? If you really want privacy
don't expect big corp to keep it for you.

------
dang
Url changed from [http://daringfireball.net/linked/2016/03/23/apple-data-cente...](http://daringfireball.net/linked/2016/03/23/apple-data-centers),
which points to this.

------
abysmal_cynic
Like the FBI vs Apple case, this looks like marketing hype to me. Apple is
increasingly selling on "security" they can't deliver.

(I mean, I'm sure they'll try to action something, but we all know security is
a compromise not a guarantee).

