Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Frumple]

Gyno/andro -phile, yeah. I didn't know those were words, but the construction made sense and google confirmed they actually exist :V

[Naturegirl1999]

What would we do if Google was hacked and corrupted?

[Frumple]

Use bing

[TD1]

Some would panic. It would throw into jeopardy email accounts, software, maps, so on.

That assumes a complete corruption, however, which I find unlikely. Google is too big a behemoth for that.

Other than that, the actual search engine going offline wouldn't mean much. The things we search for would still be there - we'd just use a different search engine.

Like bing.

[Arx]

What would we do if Google was hacked and corrupted?

Panic, because that implies the existence of a larger fish than Google with malicious intent. It'd be an organisation more powerful than many (most?) governments effectively declaring war on the world.

[MaxTheFox]

Google has excellent security. As Arx said you would need more resources than any government. So I'd say that we shouldn't worry.

[methylatedspirit]

If I go agender, how do I refer to myself in the past? I'm tempted to just call past-me "him", because that's what he believed he was, but if I'm agender now, wasn't that the gender (or lack thereof) that I wanted to be in the first place, just that I didn't know it yet? I've also been switching my self-referential pronouns to they/them, so it gets confusing when I swap back to he/him for one thought, then go back to they/them for the next.

[Frumple]

dem, 'cause it can be both him and them crudely pronounced *nods sagely*

[MrRoboto75]

I'd just stick to the modern/most recent pronouns/identity, even if I was talking about someone's "before times" or whatever.

[hector13]

Yeah, the you in the past doesn’t exist anymore, it was merely a step on the journey to who you are today.

It’s not like past-you will get upset about present-you misgendering yourself.

[wierd]

What would we do if Google was hacked and corrupted?

Panic, because that implies the existence of a larger fish than Google with malicious intent. It'd be an organisation more powerful than many (most?) governments effectively declaring war on the world.

Google uses NetApp filers. (Former insider for Netapp)

If some malicious dickwad managed to coordinate simultaneous site accesses, it could be done.  Those big filer fleets use hyper redundancy, both with the storage media itself, but also with the controller heads, and with dedicated fiber links to remote Disaster Recovery sites.

It would take some social engineering to pull off, but this is how it could be done:

Arrange technical malfunctions at both the main site, and at the disaster recovery site. (there are any number of ways to do this remotely which I wont discuss in detail).  THEN, the attackers pose as NetApp field support techs, and then infiltrate the sites. (Normal policy is to attempt issue recovery with a live telephone call, but if there is physical hardware damage, large customers like Google are entitled to free on-site service and support to resolve the issue.)

Once on site, it would take the attacker approximately 30 seconds to initiate an unrecoverable loss of all data on the filer fleet, by batch-issuing commands to the controllers to go into maintenance mode on the Service Processor interface, and then initiate special boot option 4A.

https://community.netapp.com/t5/ONTAP-Discussions/Boot-Menu-Option-4/td-p/4561

Once started, the process cannot be interrupted.  Once complete, all data in the filer will be lost.

It aggressively scrubs all disks in the reformat, because it is intended to be used when transferring filers to new owners, and it meets DOD security requirements for "Secure" erasure.


Now then-- This whole plan is probably unworkable for anyone but a state agent.  It would require infiltration of the NetApp technical support infrastructure, to successfully intercept the field service calls, and send operatives instead. 


But still possible to be accomplished.

[Naturegirl1999]

What about using something like these or similar for defense? Programming them to not attack NetApp employees, so fake “employees” are stopped? I suppose a better, realistic, less lethal solution would be camera systems connected to doors which scan people attempting to enter, locking the door for those who are not allowed

[wierd]

As stated, only a state actor could pull it off.

A site like google's has onsite security. However a field support rep that is expected to arrive for a real service call just needs to flash thier employee badge.

A fake ID, with the name of the real rep on it, (since you have "vanned" the real service rep), would get you in, no questions asked.

The need for multiple levels of social hacking and system penetration, as well as simultaneous access to physically isolated data centers, is why this is outside the scope of your normal hacker group.

[King Zultan]

So that means my small group of not very experienced people with a not very well thought out plan can't steal Declaration of Independence delete all google's shit, what sad times we live in.

[wierd]

No.  Especially if they migrated to Ontap8/9, with full cluster configuration. (which I cannot for the life of me, see google NOT doing.)


In that configuration there is no such thing as a "Head" filer.  All filers are peers on a dedicated fiber optic backbone, and are managed as a gestalt virtual entity. You can kill 99% of the fleet, and it can recover.  If you throw in a disaster recovery site on that, you have even MORE tolerance.

(the only real problem with the solution NetApp came up with, is that there are functional top-end limits on how large the cluster can become, because the amount of inter-filer traffic will eventually saturate the dedicated link.)


You would need to get the ENTIRE cluster, including the DR site cluster, to nuke all the redundant disk arrays.