Google Releases Project Shield To Fight Against DDoS Attacks (thestack.com) 72
An anonymous reader writes: Google has launched a free tool to help all media sites and and other organisations protect themselves against Distributed Denial of Service (DDoS) attacks. The Project Shield initiative allows websites to redirect traffic through Google's existing infrastructure, in order to keep their content online in the face of such attacks. Google will aim to work with smaller sites which do not necessarily have the money or are not fully equipped with strong enough infrastructure to the attacks. However, the Shield tool has also been made available to larger outlets, such as popular news sites and human rights platforms.
Free? (Score:4, Insightful)
Nothing is free citizen.
Seriously, the size of some of the DDoS attempts is massive. That's a lot of bandwidth wasted, and there will be a dollar impact associated with this. What additional angle will google be targeting to make money off this?
Re: (Score:2, Insightful)
They'll probably show ads on the shielded version of the website.
Re:Free? (Score:5, Informative)
They'll probably show ads on the shielded version of the website.
From https://support.google.com/pro... [google.com]
Does Project Shield place ads on content?
No, Project Shield doesn’t place ads on websites it protects.
Project Shield doesn’t change the content of your website in any way. It also doesn’t impact the ability for your website to target advertising or analyze ads-related data.
Re: (Score:2)
They offer it for free to news and human right & election monitoring websites for free. I wouldn't be surprised if down the road, anyone else could buy the service. That's where they'd make money.
Re:Free? (Score:5, Informative)
Seriously, the size of some of the DDoS attempts is massive. That's a lot of bandwidth wasted, and there will be a dollar impact associated with this.
Not as much as you might think. Google has really excellent DDoS resistance systems that recognize and simply terminate a lot of DDoS connections, because DDoS traffic looks very different from normal traffic. Also, as I understand it, Google doesn't really pay for bandwidth. It peers with the various backbone providers rather than buying service from anyone. And Google obviously has enough bandwidth capacity to deal with any DDoS attack without trouble; Google's normal traffic volumes are vastly larger than even the biggest DDoS attacks. Google measures bandwidth in petabits per second.
So, the real cost is just capacity of the proxy servers used to provide project shield... but I'm sure these are the same proxy servers which are used to front all of Google's own services. They have tremendous capacity and, again, their normal workload looks much like what anyone else would see as a massive DDoS attack. My guess is that the additional load is negligible.
What additional angle will google be targeting to make money off this?
For now, it's purely altruistic, providing protection for news, human rights and election monitoring websites. If it works well for them, Google could easily turn it into a service offering for any sort of organization who wants DDoS protection. It could be a very nice business for Google, actually, since it's unlikely to add noticeable load to Google's infrastructure.
(Disclaimer: I'm a Google engineer. I've written code that runs in the proxy servers I'm sure are being used for this. However, I'm speaking for myself, not for Google, and the above contains some suppositions about how the shield system will work which may not be correct. I've deliberately avoided searching out the internal design documentation until after posting this. But I'm curious so I'm sure I'll go look later :-) )
Re: (Score:1)
What about getting to know who want to visit what website which is protected through the system?
That's a good enough reason to do it?
Re:Free? (Score:4, Informative)
What about getting to know who want to visit what website which is protected through the system?
That's a good enough reason to do it?
Google has explicitly stated that data on visitors will not be used for advertising or search purposes, and that Google will not retain any of the data beyond two weeks, and then only in aggregated form and only for the purpose of improving the shield service.
I realize that people really don't want to believe a corporation could every do anything nice, but I really don't see any room for nefarious hidden motives here (and such would be pretty out of character for Google anyway). Of course, that just seems to make people look harder and stretch further to find the diabolical plot underneath, and the further they have to stretch the more diabolical the plot they "discover".
Re: (Score:2)
Shawn,
Thanks for posting on Slashdot about this and sharing your ideas as an engineer (then checking Google documentation afterwards). Part of the reason I trust Google is because my assumption is that people work there that have values like me. If unethical marching orders came in one day then engineers might resist them or one person might leak it. It took just one technician to blow the lid off of Room 641A. Google's past record of exiting mainland China because of Chinese spying should illustrate the co
Re: Free? (Score:5, Interesting)
A broken WWW earns Google no money. Until we can defeat the botnet scourge, clean up reflection / amplification problems, and secure all the end points, offering stop-gap assistance may well aid their long-term revenue picture. It's perfectly rational to be nice and seek profit in the same venture.
Re: Free? (Score:2)
Re: (Score:2)
Google needs to start looking at a revenue model that cannot be quashed by a free browser extension. Down the road there will be a paid version for anyone.
I assume you're referring to advertising. Two points: First, Google already has some $6B per year in non-advertising revenues, and growing rapidly. Second, if everyone starts using adblockers, they'll stop working because sites that depend on advertising revenue will start rejecting users that adblock. We've already seen the beginning of that. Adblocking doesn't work if more than a small portion of the world uses adblockers.
Oh, one more: yours is a funny comment on a discussion about a service that could
Re: (Score:2)
Re: (Score:2)
Google will not retain any of the data beyond two weeks, and then only in aggregated form and only for the purpose of improving the shield service.
I'd like to see someone prove this.
I recently got an invoice from my new health insurance provider, and was shocked to see that for my convenience, the password for my online account was printed in clear text on the bill. My first reaction was, "that can't possibly be legal, can it?"
No corporation, no matter how large, can be trusted with your data once they have it in their possession. They can claim that they aggregate the data and keep it for only two weeks, but there's no way I'll believe that.
Re: (Score:2)
So, stupid question. What's to stop the DDOS attackers from directly targeting my server, and bypassing this proxy?
Re: (Score:2)
So, stupid question. What's to stop the DDOS attackers from directly targeting my server, and bypassing this proxy?
Not knowing your IP address.
Re: (Score:2)
Wait, that's really it? How hard can it be to figure that out?
I'm not sure how, but maybe some kind of geolocation based on timing?
Re: (Score:2)
Wait, that's really it? How hard can it be to figure that out?
I'm not sure how, but maybe some kind of geolocation based on timing?
Since your DNS name will resolve to a Google proxy server IP and that's where requests will go, timing will be hard. Not impossible, but hard. And supposing you did manage to see pass that obfuscation to discover the geolocation of that actual target server. How does that help you direct packets to it? You need the IP.
For that matter, supposing you did get the IP, it seems like the admins could just configure their firewall to drop all packets except those coming from Google, because all legitimate traffi
Re: (Score:2)
Thanks for answering. This is really interesting.
And the firewall dropping packets isn't going to subject you to a DDOS-attack? Dropping by origin is that cheap? And spoofing the origin IP address is that hard?
Re: (Score:2)
What is "free citizen" you speak of?
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
Or by intentionally allowing them to man-in-the-middle your site, allowing them to track and analyze every visitor, regardless of if you are using their Analytics product?
Re: (Score:2)
Some things are free - complimentary goods.
Printer companies practically give printers away to sell the ink. Razor companies sometimes literally give razors away to sell the blades.
If Google thinks that many little sites lead to needing to search Google instead of just go to Wikipedia and Facebook, then it's in their interest to pay to have that ecosystem exist.
Now, I don't know if that's really what's happening in this case, or if they are analyzing the shit out of the data, or if there's a long game invo
Redirect through Google's servers (Score:2, Insightful)
Re:Redirect through Google's servers (Score:4, Informative)
Remove tin foil hat and read the story.
"“Project Shield only uses the data we obtain (such as logs from the Project Shield servers) for DDoS mitigation and caching and to improve the Project Shield service,” the company added."
Seems like they are aware of what people might worry about and have posted a policy statement to put people at ease.
Re: (Score:2)
Also just because a company has a policy, doesn't mean there isn't someone violating it behind the scenes
Re:Redirect through Google's servers (Score:5, Informative)
For now, until users get comfortable with the service. Once it gains traction they will be re-writing the terms and conditions.
Want to bet? Seriously, care to put money on that? I'll take that action in a heartbeat, assuming we can work out a way to do it.
Also just because a company has a policy, doesn't mean there isn't someone violating it behind the scenes
Pursuant to the consent decree signed after the Buzz fiasco, the Federal Trade Commission regularly audits Google to verify compliance with the terms of the decree, which includes compliance with Google's publicly-stated privacy policies. It would be very, very risky for Google to do anything to violate those terms.
Google also applies strictly-limited and closely-audited access controls on all such data, so it's virtually impossible for a "rogue" employee to do what you describe without approval from both his or her own manager, and from a separate organization that is tasked with monitoring and minimizing access. Attempting to bypass any of these controls is both very hard and is a firing offense.
(Disclosure: I'm a Google engineer. Security is my gig, not privacy, but the two overlap a bit so I see a lot of what goes on around privacy.)
Re: (Score:2)
separate organization that is tasked with monitoring and minimizing access
How about for someone already part of that organization. It would just be themselves and their manager's approval (if one is needed at all for their org, and even may be just themselves if they are the head). It all comes to the culture in the organization. I cant comment on google, but I bet these things happen even organizations with similar policies.
Re: (Score:3)
separate organization that is tasked with monitoring and minimizing access
How about for someone already part of that organization. It would just be themselves and their manager's approval (if one is needed at all for their org, and even may be just themselves if they are the head). It all comes to the culture in the organization. I cant comment on google, but I bet these things happen even organizations with similar policies.
It's possible, though it also would surprise me if there aren't defenses in place against that... such as that the systems do not allow anyone in the access management organization to have access themselves (which pushes the question off on the managers of those systems... and I know there are many eyes positioned to watch them). In this case, though, it's hard to see why someone in such an organization would want access to data that flowed through Project Shield. You could see the ads guys wanting it, and
Re: (Score:2)
Re: (Score:2)
(Disclosure: I'm a Google engineer. Security is my gig, not privacy, but the two overlap a bit so I see a lot of what goes on around privacy.)
Including, I assume, all of the privacy that your company systematically violates in order to conduct its core, mission-critical, business and reason for existing,
Google only wants your data if you want to provide it. It's an exchange of value; you get service, Google gets to advertise to you. If you don't like it, Google provides the tools you need to opt out -- while in most cases still allowing you to use the services!
Re: (Score:2)
Yeah, because Google never changes policies after people start using a service.
Re:Redirect through Google's servers (Score:5, Informative)
More information for them to mine, which is what they really crave.
From https://support.google.com/pro... [google.com], emphasis mine:
What data does Project Shield collect?
We collect traffic metadata and cached content for website traffic passed through Project Shield. This helps us detect and defend against DDoS attacks.
We also ask for your website’s configuration data — your website's origin server, domains, and subdomains — to set up Project Shield. We hold on to this for as long as you have an account with Project Shield. You can delete your Project Shield account at any time.
Data and web traffic may be processed and stored in the US or other countries.
How do you use my website and website visitors’ data?
Project Shield collects web traffic logs, and other data on how we serve your traffic, to help improve Project Shield's service and performance.
Project Shield does not collect data to improve search results or target advertising.
Does Google’s Privacy Policy apply to visitors to my website?
No. Your website’s own policies and terms of service — including how you manage user data and privacy — apply to people visiting your site, not Google’s privacy policy and terms of service.
Can people tell that I’m using Project Shield?
Yes. Domain Name System (DNS) records are public information and will show that you are pointed at Project Shield servers. When you set up Project Shield, you point your traffic at Project Shield servers. Anyone can use a public website to look up your DNS records and see what IP address or host name your website points to.
Skimming? (Score:1)
Is Google skimming anything off of the data routed through their pipe while the "bad guys" are running the DOS attack?
No thanks Google. (Score:1)
I'll stick with Cloudflare.
Re: (Score:2)
blocking tor users? no thanks.
almighty goog will know everthing do everything (Score:1)
aim of google seems to be, not to make money, but be god, omniscient and almighty; to know everything at very point of information creation, transmission, storage and even deletion; to do everything from gossiping to make humans immortal.
hubris much?
enjoy the greek tragedy in the making.
"Give Google visibility into who's visiting..." (Score:5, Insightful)
From the engadget/Wired article ...
"To use Project Shield, a site has to give Google visibility into who's visiting -- something likely to rankle the company's privacy critics. But Google says that it'll only keep logs for two weeks, after which the data will be stored in aggregate and used to learn more about attacks. The company also notes that the data it collects won't be used in its advertising programs."
The company also notes that the data it collects won't be used in its advertising programs. [But by using Project Shield you and your agents and seven generation of your children's children agree and that we can change the Terms and Conditions of use, in a 64 page-long document of legalise, that only 1 in 100 people will ever read and/or notice, at any time.]"
Re:"Give Google visibility into who's visiting..." (Score:4, Informative)
But by using Project Shield you and your agents and seven generation of your children's children agree and that we can change the Terms and Conditions of use, in a 64 page-long document of legalise, that only 1 in 100 people will ever read and/or notice, at any time.]
From https://support.google.com/pro... [google.com]:
Does Google’s Privacy Policy apply to visitors to my website?
No. Your website’s own policies and terms of service — including how you manage user data and privacy — apply to people visiting your site, not Google’s privacy policy and terms of service.
Fine for highly public sites (Score:2)
If nobody is trying to hide when visiting your site, then there's no good reason to hide that data from Google, is there?
Election monitoring? (Score:2)
So, what if they "just happen" to have problems on their own end while the original website is being DDoS'ed?
People will say "look at the election numbers, Trump is still at the top" while the true numbers just aren't being updated because of the "technical problems" on Google's end. It's a new service after all, there's bound to be some problems. After all, the people working there are only human.
Can't you simply.. (Score:1)
...have your outside router start ignoring IP addresses that exceed some threshold of activity that is not a 'normal' level of activity for, oh say 90 mins? I have a edgeOS router. I could have sworn I saw a part where I could set rules based on an arbitrary number of attempted connections in a period of time.
Re: (Score:1)
Yeah, I totally hate to generate (in my case music) lists of videos just to later find out some of them are gone without being able to see what has been removed!
They could had kept the title and possibly username, then again others may have different interests there depending on what was uploaded in the first place but .. At-least keep on showing it for the person who made the list so they possibly can find a replacement.
How does this differ from Cloudflare? (Score:4)
Does anyone know how this differs from Cloudflare?
FWIW, I'm using Cloudflare on several of my sites, and it's been extremely useful so far.
I'd love to see a comparison between Shield and Cloudflare, especially any features that one might have that the other doesn't.
Let Me Count The Ways (Score:1)
Google is WAY bigger than CloudFlare.
Google is offering this free to a small few categories of websites, CloudFlare offers limited free services to all and paid services to everyone.
Google's sites don't seem to fail. CloudFlare sites fail all the fucking time!
From a technology perspective Google's Project Shield is a CDN system, just like CloudFlare, Alkamai, and the countless other hopefulls that have popped up over the years.
The solution to the whole DDOS thing. (Score:2)
Just about everybody knows this: ISPs need to configure their routers to drop IP packets with source addresses that have no business coming from the interface they came in on. If the DDOSers can't spoof their source address, it puts a big crimp in the main bandwidth amplification methods.
Of course, they'll find something else at some point, but it should slow them down if they have to be on close to the same network as the one they're attacking, or their bots have to send out packets in something closer t