Intra-cloud plaintext?

I was looking at the image linked in this article and was actually somewhat alarmed. Am I crazy, or does just dropping all traffic to plaintext within one's own cloud sound like horrible design?

I'm not suggesting all traffic in all networks requires encryption, but traffic between services within a major cloud's network? Breach the perimeter and someone suddenly can get at everything.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

colby_ar

The best part is the sinister looking smiley face.

ptilsen

Well, that's actually what the article was about. The Google engineers interviewed are furious, understandably. I'm a little more perturbed that anyone who can circumvent or penetrate Google's front-end gets to see plaintext traffic on the back-end.

pram

ptilsen wrote: »

I'm a little more perturbed that anyone who can circumvent or penetrate Google's front-end gets to see plaintext traffic on the back-end.

This describes like, 100% of every environment I've seen.

instant000

pram wrote: »

This describes like, 100% of every environment I've seen.

The one fallacy is that they have acquired links that are "supposed" to be "private".

These "private" links span across geographic areas.

This reminds me of this article:
Room 641A - Wikipedia, the free encyclopedia

One thing they could do would be enabling a hardware-based VPN mesh across their backend. Without knowledge of their environment, I cannot begin to know how troublesome this is for them. The same way they make their little throw-away servers, they could make throw-away VPN routers to protect their site-to-site communications. I'm imagining something like multiple parallel tunnels between sites, and just let routing dicate the data flow and path-sharing.

Of course, this added complexity probably hurts their availability, and we then suffer more frequent outages of youtube (hah, that might increase productivity).

And somehow, I then thought about this story:

This thought on availability had me then thinking about "Mafiaboy" but that's probably too much of a tangent right now.

wes allen

L2 encryption is going to blow up - The business case for Layer 2 | Senetas

And another cool link from a recent riskybiz podcast http://www.idquantique.com/network-encryption/products/cerberis-quantum-key-distribution.html

wes allen

Traditional L3 and up encryption has too much overhead and is way too slow for the amounts of data that they move around. Keep in mind that it wasn't all that long ago that many big sites still didn't use ssl by default outside of Auth, for all external traffic anyway.

ptilsen wrote: »

Am I crazy, or does just dropping all traffic to plaintext within one's own cloud sound like horrible design?