It's the hardware, stupid!

One of the selling points at Kolab Systems is that your data is always secure and private. Whether you are a private citizen registered with our Kolab Now service, or a corporate client using Hosted Kolab, or thinking of using our services to deploy the Kolab collaboration framework in your company, guaranteeing the safety and confidentiality of all your data is kind of our thing.

But herein lies a problem.

How can you do that? How can you really be sure your data is not being snooped on, syphoned off to hackers, corporate spies, or unfriendly government agencies? The answer is multi-tiered and not all that straightforward. Bear with us while we explain.

Our first line of defence is that everything you see, all the front-ends, the Kolab Now and the Hosted Kolab interfaces, are Free Software/Open Source. We are even developing a new desktop collaboration client called Kube, also out in the open. This means everything can be studied, audited and perfected by everyone, be it by our own developers, or a third party. It is much harder to sneak malicious code into a program when every line is public.

Then there are the underlying frameworks the apps interact with: the software that manages the cloud storage your files live in, the email servers that dispatch your messages, the calendaring system, and so on, all of which are part of the Kolab collaboration suite. Most of that we developed ourselves alongside the Kolab community, so naturally it is also free and open. The third-party products integrated into our solutions are strictly open source as well.

Of course, all this software needs to interact with the operating system. If the OS is not open and auditable by independent engineers, it doesn't matter if the stuff on top is. Data passing through the OS (and everything passes through the OS) could be intercepted and stolen. That's why everything we produce runs on Linux, which is not only open source itself but possibly the most scrutinised operating system in existence.

Still, we are not quite done. Because then there's...

The Non-trivial Matter of Hardware

Every instruction from the OS or an application is translated by the hardware into actual transactions on the network, in memory, and on storage. And today’s hardware is so complex that the processors themselves, as well as many of the peripherals, are fully programmable computers running their own software.

In all modern computers, hardware generates random numbers, calculates points in 3D space, performs time-consuming math operations, and so on and so forth. It makes things faster, yes, but since most hardware is closed and proprietary, these operations are opaque, hidden and not auditable for security or privacy purposes.

But it gets worse. There is strong evidence that manufacturers conspire with security agencies, and include spyware within the processors and firmware in exchange for laxer trading regulations. Since the hardware operates underneath the OS, this allows bypassing the OS entirely even when sending data to remote servers on the Internet. In the minds of those involved, it makes sense for everybody: Why wouldn't the US government want you to sell vulnerable hardware to Iran, Pakistan or Russia? It is good for business and good for the safety of Western Democracy, right? With spying hardware, everybody wins!

Well, everybody except you, of course.

Even if you are a law-abiding citizen and you subscribe to the spurious argument that "if you haven't done anything wrong, you have nothing to hide" (we will debunk that some other time), this should be worrying.

If there is a backdoor for the NSA or MSS to use, the backdoor is there for everyone to use, including criminals looking to blackmail you or your company, hold your data for ransom, or sell it to your competitors. The most recent illustration happened just a few weeks ago, with the consequences still rippling through the techsphere, when a signed debugging policy that disables Microsoft's Secure Boot checks leaked: a "golden key" intended for internal use that works on every affected device, and that cannot be fully revoked now that it is public.

Open Hardware for Big Things

The problem is that while open apps, open frameworks, and open operating systems are mainstream today, open hardware is not.

Even compared to closed, proprietary software, hardware is on a whole different level of closedness. It’s easy to understand why. Building hardware is, well, hard. And extremely expensive. Everything else (the apps, frameworks, and operating systems) can be created with a text editor and brains. Open hardware requires all that, plus another set of tools entirely, considerable financial resources, and a fully staffed and equipped electronics factory.

The fact is that there are very few instances of open hardware around, and the ones that do exist are found mainly in micro-controllers or single-board computers. (By the way, not even the Raspberry Pi can boast a completely open hardware stack.) For devices with more computing power, laptops and up, open hardware has traditionally been non-existent.

While of course we took all possible measures to mitigate these concerns, that situation was far from satisfactory for Kolab Systems. Needing to accommodate an unauditable layer in your stack that has very likely been purposefully made vulnerable is the opposite of good security design. You want your hardware to work for, not against, you. That was a strong reason for de-prioritizing more conventional Intel-based server hardware in favour of the Power architecture developed by IBM.

"Wait a second!" I hear you say, "IBM is a US company. Are you telling me it doesn't have to abide by the rules you talked about earlier?" This is a fair point. IBM probably does have to toe the line, but the OpenPOWER Foundation doesn't, nor do any of its non-US members.

Chinese manufacturers, for example, are replicating and building Power machines, but with none of the on-board encryption components which are part of the IBM machines. Why? Because they haven't figured out if they can trust them or not. On the Chinese machines, it's the software and their own pluggable hardware that will handle the encryption, using Chinese-generated code, and as members of the OpenPOWER Foundation, that is their prerogative.

All OpenPOWER Foundation members get the full specifications of the current generation of Power hardware. This means they get to know in detail what each individual component does. They also get to decide how the platform should evolve and which components they want to include in their own versions of the hardware.

As anyone can be a member of the Foundation, including academic institutions and individuals at no cost, the platform is audited often and freely by third parties, vastly increasing the likelihood that the machines behave as they should. And of course you also get all the innovative benefits of an open ecosystem, with more and more Power designs being done by OpenPOWER Foundation members that are not IBM.

So now we can have open applications, running on our open Kolab framework, powered by an open operating system (Linux), running on open POWER8 hardware.

And that's how you do it.

If you want to know more about OpenPOWER, Kolab Systems will be attending the OpenPOWER European Summit, held from October 26 - 28 in Barcelona, Spain. Come along and we'll give you a tour of how the all-open stack protects your data.