Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
natas 18 hours ago

I wonder... if microsoft can't secure a gaming console which they have full control on, from top to bottom, how do they secure "Azure Government"?

physicles 18 hours ago | parent | next [-]

When your hardware is in the physical custody of the attacker, the threat model changes significantly. Designing a console that takes years for attackers to crack is an impressive feat of engineering.

int0x29 16 hours ago | parent | prev | next [-]

That game console isn't in a data center with CCTV coverage, mandatory access control, guards, and employees with background checks. If somone is soldering wires to your server and doing fault injection something has gone very wrong. Azure Government customers also don't have to worry about the NSA demanding access.

Cthulhu_ 16 hours ago | parent | prev | next [-]

I don't believe servers actually have this level of hardware protection to be honest. Physical protection, as someone else pointed out, on the other hand.

If hacking the xbox goes wrong, the hacker will short out the console. If hacking Azure goes wrong, the hacker will get shot.

Peanuts99 6 hours ago | parent [-]

Azures physical servers actually use a similar technology apparently. They both have some kind of proprietary HSM module that stores keys on the device and is resistant to tampering. I've read that Azure servers actually break this protection when removed from the rack so the server is made entirely useless if it's removed.

zinekeller an hour ago | parent [-]

This is not just Azure (although the proprietary bit is true, that's basically souped-up Pluton), but basically most high-end HSMs deployments, including at major could providers (Google Titanium, AWS CloudHSM). There is even a built-in battery to ensure this happens (https://docs-cybersec.thalesgroup.com/bundle/v2.21-cdsp-cm/p... https://nshielddocs.entrust.com/security-world-docs/hsm-user...).

I have even heard of a major cloud service mandating absurd earthquake-proofing (to prevent any movements inside the datacenter and triggering an HSM reset) but I cannot find any verification regarding this (maybe this is ultimately an urban legend).

Lammy 17 hours ago | parent | prev [-]

The point of the gaming console is to get hacked, because that's how they develop the security techniques that metastasize over to strangle general-purpose computing, which is the real goal. Device attestation is a perfect example of this.