Open Stack

On 28 May 2013 01:23, Jeremy Stanley <fungi at yuggoth.org> wrote:

> Note that this is a not-often-talked-about security risk throughout
> the industry, it's not just an OpenStack baremetal issue.

Indeed! However while it was obscure, esoteric and largely unknown 20
years ago, it's now part of the standard risk profile from a security
perspective - it's precisely what UEFI secure boot targets... The
current bleeding edge of attacks is factory compromised bus devices,
with stock firmware having a hostile mode that isn't even compromised,
but is built-in. *That* I'm willing to ignore for now:). Well, other
than buying good hardware :).

> Many (most? all?) data center hosting companies reuse servers
> between short-term dedicated hardware tenants without doing much
> more than a disk wipe and typical BIOS upgrade. For that matter,
> there's a similar risk when purchasing used or refurbished
> hardware... or even new hardware, depending on how much you trust
> the procurement chain (but in that case there's at least readily
> available legal recourse if you find out the
> manufacturer/distributor/carrier intentionally engaged in
> compromising the hardware).

Yup :).

> Some companies are aware of these possibilities and may have simply
> decided their risk analysis shows it's not worth mitigating in their
> situations, but many are not aware that this attack surface even
> exists to begin with. Now, whether can you trust that the computer
> manufacturing and software industries can solve this problem
> (Trusted Computing and so on) is another question entirely.

Yeah :(. It's not clear that adding a whole new OS to the boot process
is the right answer, but it's the only one with widespread adoption so
far.

-Rob
-- 
Robert Collins <rbtcollins at hp.com>
Distinguished Technologist
HP Cloud Services