Feeds

back to article Report: NSA spying deals billion dollar knockout to US cloud prospects

Sustained violations of civil liberties at home and abroad? Yawn. The manifestation of Orwell's nightmares? Snooze. The potential loss of scads and scads of money? Egad, we should really do something about this! That's the gist of a report published on Monday assessing the likely commercial fallout for the US cloud computing …

COMMENTS

This topic is closed for new posts.

Page:

Solution

The only way that US based cloud storage companies can address clients fears is to create systems where everything is encrypted on the clients hardware with open source software to insure there are no back doors before leaving their premises, stays encrypted in the cloud, and can only be decrypted when back on the clients hardware. And have the whole thing under some type of non-US (and non-cahoots country like the UK) based third party certification.

Of course, anyone using cloud storage should have been doing all of this anyway from the get go.

12
2
Silver badge

Re: Solution

Not true.

The two largest userbase clouds are Google's and Apple's (iCloud) and neither of them allow the user to locally encrypt backups with their own password, instead they are encrypted during transit and in place using encryption keys the end user does not control.

If you're backing up corporate data, sure, you are shipping them encrypted backups, but if you happen to use Windows and the NSA perhaps has a backdoor into it, that wouldn't help you much would it?

4
0
Silver badge

Re: Solution

Fine for storage, but what if you want your cloud company to do email/database/sharepoint etc

It's hard to do processing on encrypted data without giving them the keys (yes it's theoretically possible but not really)

4
0
Silver badge

Re: Solution

"declassify more information about the NSA spying programs"

Not enough. As long as secret gag orders exist they can say anything they want, and no one can trust anything they say.

- They would have to declare all existing gag orders void.

- Only allow gag orders for a fixed time for a specified investigation. After that time it's public. No exceptions.

- And the one that will never happen, it has to apply to EVERYONE, not just people in the US. Not the current "your not a US citizen and your on the wrong side of the gate at the airport so you have no rights".

Not going to happen.

Expect some more leaks.

11
0
Silver badge

Re: Solution

"Not enough. As long as secret gag orders exist they can say anything they want, and no one can trust anything they say.

- They would have to declare all existing gag orders void.

- Only allow gag orders for a fixed time for a specified investigation. After that time it's public. No exceptions."

Problem is the NSA might say the gag orders have been removed and secretly gag everyone who tries to say that it is a lie....

3
0
Bronze badge
Mushroom

Re: Solution

"with open source software to insure there are no back doors "

Which insurance company would that be with?

Hmm Open Source - so many vulnerabilities, but at least it's immune for the NSA - oh wait: http://bsd.slashdot.org/story/10/12/15/004235/fbi-alleged-to-have-backdoored-openbsds-ipsec-stack

0
3
Bronze badge
Pirate

Re: Solution

"Of course, anyone using cloud storage should have been doing all of this anyway from the get go."

Should read: Of course, anyone using cloud storage should have been beat senseless from the get go...

1
0
Bronze badge
Linux

Re: Solution

And yet another reason to ditch Windows.

0
0
Silver badge

Open source does NOT insure no backdoors / spycode

Take your typical Android phone, a Samsung GS3. Open source, so you're safe, right? If you're using the OS your GS3 came with and was later updated to, you don't know what modifications have been made to it by Samsung, but it sure isn't generic Android. You don't even know if the source they publish (I assume it is downloadable somewhere per the GPL) is the same source they use to build what is installed on your phone. You're basically trusting that SOMEONE has checked this, but if everyone assumes "someone else" will have checked it? Not to mention that parts of Android, as well as some/most/all of Samsung's added special sauce are not open source, and may allow for a backdoor/spycode.

Even compiling from source you laboriously checked yourself is not a guarantee - if you don't believe me google "on trusting trust" and be amazed at what is possible.

0
0
Silver badge
Facepalm

Re: Solution

> Hmm Open Source - so many vulnerabilities, but at least it's immune for the NSA - oh wait:

Well, that's kinda the point.

Not much chance of those kind of revelations with closed-source software.

0
0
Silver badge
IT Angle

I usually don't buy socialist arguments about America being a "corporateocracy"

But if the commercial pressure from Amazon, Salesforce.com, MS, Yahoo!, Google, etc. is what really gets the powers-that-be in Washington to change these policies, then I may reconsider....

11
0
Bronze badge

Re: I usually don't buy socialist arguments about America being a "corporateocracy"

Policies won't change. Contrary to popular belief, profit will only rise as high as #2 in the U.S.A., defense will always rest at #1. Changing gun control laws are very difficult here, because both people and government share this common ground. Sure, we might go broke, but good luck with an invasion.

At best the government will fabricate some documents on the fly and present them, it will be up to you to believe them.

2
0

Re: I usually don't buy socialist arguments about America being a "corporateocracy"

I think you will find that the invasion will come from within.

Your population is armed, and will your armed forces really fire on their own?

History has a horrible habit of repeating itself.

6
0

Re: I usually don't buy socialist arguments about America being a "corporateocracy"

yes history repeats itself, and USA military already did shoot unarmed USA citizens before. Shooting armed citizens is even easier. Which is a good reason to arm your citizens, much easier to shoot them.

And if you count police as am armed force then its the order of the day, not an exeption.

Yes a revolution can happen, and if the current politicians on both sides keep it up will become sure to happen, but it will be a very very high bodycount. which is good for planet earth. But every downside has an upside ;)

4
2
Bronze badge
Facepalm

Re: I usually don't buy socialist arguments about America being a "corporateocracy"

So, do you buy the capitalist arguments about America being a corporatocracy?

3
0
Bronze badge

Re: I usually don't buy socialist arguments about America being a "corporateocracy"

How quickly a thread can derail :-)

Invasion from within? Not sure how you mean that, or why it would happen, but revolution is a good thing from time to time. The vast majority of countries have come to be because of revolution, but those revolutions were generally held in revolt from another country.

And yes, our country will fire on it's own, Lincoln proved that. Cut it anyway you want, he committed treason. I believe any country will fire on its own given the right circumstance, however, we are a long way away from that (I hope, I really hope).

1
1
Bronze badge

Re: I usually don't buy socialist arguments about America being a "corporateocracy"

"Shooting armed citizens is even easier."

Physics might disagree with you here.

0
4
FAIL

Physics can disagree all it likes ...

... but it will not be physics that gives the order: "Shoot to kill these dangerous armed crazies who are trying to destroy our wonderful country" - an order less likely to be savaged in Court than "Shoot to kill these unarmed old grannies on their way to Bingo".

So, yes, shooting armed citizens is morally and legally very easy. A cynic might believe that the US Government is quite happy with that situation.

4
0
Bronze badge

Re: Physics can disagree all it likes ...

"A cynic might believe that the US Government is quite happy with that situation."

What the fuck happened here to this forum, did I miss the "You Must Hate Americans" section in the site registration?

As far as your comment, keeping your mind closed to just the US government in regards to what you are speaking of is shallow. Any country can fire upon their own, regardless if their citizens are armed. China and tanks come to mind. England fired upon their own when they revolted to make a new country. Russia has perfected it to a point were you could almost argue the benefits of it.

I can't see how a government under the control of a non-lunatic could consider it a "happy" thing. At one end they would be killing a worker that is making them money, on the other they would be fueling even further revolt (England learned that last one the hard way).

You don't have to be overly cynical to be paranoid, I'm living proof :-).

2
6
Bronze badge
WTF?

Re: I usually don't buy socialist arguments about America being a "corporateocracy"

"yes history repeats itself, and USA military already did shoot unarmed USA citizens before."

Sure. So did the UK, France, Spain, Italy, let's not forget Russia/USSR (ohh boy!), Germany (OHH BOOOYYY!), even uber-peacenik Denmark shot its citizens before...

...so actually your point was... what exactly?

1
2
Silver badge

Re: I usually don't buy socialist arguments about America being a "corporateocracy"

if america doesnt shoot people then how come bush invaded iran for oil??

1
2
Silver badge

Re: I usually don't buy socialist arguments about America being a "corporateocracy"

sorry iraq

0
0
Anonymous Coward

@mybackdoor

'What the fuck happened here to this forum, did I miss the "You Must Hate Americans" section in the site registration?'

Nothing happened to the forum, America happened to the world and this is the result. Pretty much despised as a nation globally*

*Individuals are a different matter. I happen to know some very nice Americans

14
1
Silver badge
Meh

Re: I usually don't buy socialist arguments about America being a "corporateocracy"

"sorry iraq"

Give it time, Iran might be in the cards yet. The president, meh does it really matter if it's Shrub or Oh, bummer.

0
0
Gold badge

@mybackdoor

While I know many Americans I like - and a good number of my friends are Americans, and right decent people, thank you - America as a country can go fuck itself. It has been a good long while that a nation ruled by something other than a single dictator-like figure has so desperately needed housecleaning.

Even monarchies eventually developed the aristocracy to reign in the power of their royalty. Commoners gained representation through parliaments. Yet America holds itself up as a beacon of all that's right and good whilst allowing "executive power" to reach levels that most of these restrained monarchs could only dream of.

Worse, through objectively terrible decisions like Citizens United America has further reduced that ability of not merely individuals, not merely communities or towns or entire states but the collective voice of the entire nation to a mere whisper when compared to the power of a large corporation.

Topics where your nation very nearly speaks with a single, unified voice (for example gun control) have become charlatanous mockeries of what democracy should be. The needs, wishes, desires and thunderous demands of "the overwhleming majority" matter nothing in the face of backroom politics and the massive machine of lobbying. State legislators are no different; an entire state can turn out to "stand with Wendy" only to see their efforts rent to ashes mere days later.

This is how you treat your own people. You lie to them professionally. You murder the innocent in the name of the law. You rain down suspicion and even death upon your own people and you dare expect us to look upon you as anything more than the haughty, pretentious, arrogant, murderous, xenophobic, savages you choose to elect to run your nation?

We haven't even gotten into the disdain, disrespect and outright lack of humanity, compassion or common decency which which your nation treats the other denizens of this world. The United States of America is a corrupt nation unfit to preach about morality or freedom to anyone. It is a nation in desperate need of a legal and overwhelming political change. New parties need to emerge and America as a nation needs to learn some fucking humility.

Wake me when the Unites States of America has ratified the International Criminal Court. At that point I will be wiling to consider that American might be ready to be given it's first responsibility and might one day be treated as an adult. Until then, suck up, America.

You bring the criticism on yourselves.

42
2
Big Brother

Re: Physics can disagree all it likes ...

@mybackdoor

I believe the original poster was making the point that 'having the right to bear arms' is, in truth, likely to place you in greater danger from the US Government than not having it, due to the ease with which it can justify shooting an armed man. A cynic might therefore conclude that it is in the interests of the US Government to encourage the bearing of arms, as it is then easier for it to kill off nuisance people without its corporate pals losing money due to the neighbours disgustedly taking their business elsewhere. This would undoubtedly make the corporates 'happy", and I expect they would pass some of that 'happiness' onto the Government..

1
0
Silver badge

Re: I usually don't buy socialist arguments about America being a "corporateocracy"

>sorry iraq

Give it a few months ....

0
0
Bronze badge
Unhappy

Sadly emotional arguments based on fear trump arguments based on logical reasoning

You're 100% right that defense is the #1 priority in the USA.

Defense spending has been dragging the US economy to third world status after they lost 2,600 people to 9-11 just as surely as defense spending dragged the Soviet economy to third world status after they lost 8,668,000 people to WWII.

It didn't make rational sense for the Soviets to spend so extravagantly on defense then. It makes even less sense for the USA to spend 7-1/2 times as extravagantly now.

Problem is that making defense #1 is an emotional argument based on fear. It is almost impossible to defeat an emotional argument using logic, and the defense industry has most of the cards in the fear suit.

I suppose we could mention "money spent on defense is money not able to save American lives through medical research or traffic safety", which is true, perhaps spending on medical research or highway safety would save 10 times as many lives as spending on the NSA. But I can't figure a way to give it a strong emotional appeal. The flaw is that it uses logic and a person has to know at least a bit about economics and the concept of "opportunity costs".

https://en.wikipedia.org/wiki/List_of_countries_by_military_expenditures

6
0
Bronze badge

Re: I usually don't buy socialist arguments about America being a "corporateocracy"

The German population was armed before and during the NAZIs.

The Soviet population was armed before and during the communist era.

Guns only make matters worse.

Besides, people who are afraid to write letters to the editor are not going to go out in the streets to face tanks with guns.

And as was noted, US soldiers and US police have a history of shooting other Americans. The US Civil War, Vietnam anti-war protests, any Friday night in a ghetto.

2
1
Bronze badge

Re: I usually don't buy socialist arguments about America being a "corporateocracy"

@Levente who said, "Sure. So did the UK, France, Spain, Italy, let's not forget Russia/USSR (ohh boy!), Germany (OHH BOOOYYY!), even uber-peacenik Denmark shot its citizens before...

...so actually your point was... what exactly?"

The point is that the US authorities will do what the authorities of other nations have done and that it is even easier to give and follow orders to shoot armed civilians than unarmed civilians.

And is your hand held peashooter going to make an impact on your government's helicopter gunships or Abrams tanks?

Is your peashooter going to stop drone strikes on your rebel civilian leadership?

Guns are pointless now. If you need guns to improve your country, you might as well give up and move to Somalia.

5
0
Bronze badge

Re: @mybackdoor @AC 00:36

"Nothing happened to the forum, America happened to the world and this is the result. Pretty much despised as a nation globally*

*Individuals are a different matter. I happen to know some very nice Americans"

1. As UK citizens we know from 300 years of being the lone global super power that the rest of the world hates global super powers.

2. The USA shafted the UK after WWII with heavy loan repayments that lasted until 1996.

So US citizens should know from their own feelings that memories of hatred of super powers are long lasting.

3. The USA is a democracy and its people are responsible for the actions of their government.

There are lots of very nice people who vote for drone strikes and invading powerless countries using "shoot to kill shock and awe" campaigns.

4. The Americans do some good in the world. They are not all bad, and even the bad ones are seldom entirely bad.

1
1
Bronze badge
Stop

Re: Physics can disagree all it likes ...

>>What the fuck happened here to this forum, did I miss the "You Must Hate Americans" section in the site registration?

Maybe something to do with the USA using the CIA to overthrow/destabilise democratically elected governments that it did not like. You can add the left wing Labour government of Australia to this list. (1960s)

https://en.wikipedia.org/wiki/Covert_United_States_foreign_regime_change_actions

All done in the name of democracy, or was it corporate interests?

2
1
Silver badge
Black Helicopters

Re: @mybackdoor

Trevor's post can be shortened to

Presidential Rules

1) USA No 1

2) USA No 1

3) USA No 1

4) Fuck the rest of the world if you don't agree. { send in the Marines etc}

Most Americans are pretty nice people but they have a totally blinkered view of the world. i.e.

Pretty well anything outside the lower 48 states does not exist. Remember that many have never travelled outside their own state.

My ex colleagues (in MA, NH) were astounded that I have been to 48 out of the 50 states (Alaska & OK are left).

Black Helicopters naturally.

2
0
Bronze badge
WTF?

Shrub or Oh, bummer

Eddy Ito» The president, meh does it really matter if it's Shrub or Oh, bummer.

Abort Retry Fail Ito-san?

1
0
Gold badge
Unhappy

Re: Physics can disagree all it likes ...

"All done in the name of democracy, or was it corporate interests?"

Well in the aces of Alledne of Chile in the early 1970s it might have been the CIA pension fund holdings of RTZ, which (IIRC) he nationalized.

Interestingly the CIA seemed to avoid most of the Iran/Contra efforts to overthrow the Sandinista government of Nicaragua (another democratically elected left of centre government, unlike the Formosa family, that ran the country the way a mafia family would run a country for a generation).

0
0
Anonymous Coward

Re: @mybackdoor

It's the actions of the US government/military/corporate that are hated. But who votes in US governments? Nobody else but US citizens, so you have to shoulder some of the responsibility and accept that you are in small part personally responsible.

1
0
Silver badge

Re: good luck with an invasion

Why invade at all ?

You're doing a brilliant job of fucking up your country on your own.

0
0
Anonymous Coward

Re: Physics can disagree all it likes ...

"England fired upon their own when they revolted to make a new country"

To be fair they were mostly criminals and scum of the jails...

0
0
Bronze badge
Black Helicopters

Re: I usually don't buy socialist arguments about America being a "corporateocracy"

When the revolution comes, the armed forces will change sides.

0
0
Bronze badge
Pirate

Re: Physics can disagree all it likes ...

A good number of the posts on these here forums revert to American bashing. Even more so when the actual article is about America.

Once were done with the revolution here, we will take care of the rest of them ;)

0
0
Bronze badge
Pirate

Re: @mybackdoor

Lets not forget the whole "The sun never sets" business either. I think that a lot of those countries hated the crown back in the day, You should be happy that your not in the spotlight anymore.

0
0
Gold badge

@Rick Giles

Your/you're. Learn them!

Also: if you think for a moment that the UK - or any other major power - isn't "in the spotlight" then you are deluding yourself. Ask the British how they feel about Iraq, or Greece about about EU monetary policy. The difference is that the douchebaggery of most other major powers is a pale shadow when compared do the overall dickishness of the good ol' US of A.

American exceptionalism: present in the populace as much as the politicians.

1
0
Silver badge

Re: Shrub or Oh, bummer

Ok, if I really have to spell it out, Shrub == Bush as used by the blue team and Oh, bummer == Obama from the red team meme. Sorry it was over your head.

"Abort Retry Fail Ito-san?"

Ito-san? Is that the best you've got? I'd have figured a syphilitic gonorrhea ridden redneck xenophobe Teamster would be more eloquent. Go ahead and look up the words with six or more letters on your own time.

0
0
Anonymous Coward

I've already taken steps to move my data to off-shore, non-US / UK influenced datacenters where I control the content and encryption methods used. It will not be AES.

Our company email will be moved from Google servers as soon as practicable and we are introducing strong email encryption in the short term. Outlook is being replaced as our mail client and Office replaced by alternates as well.

In a way, this is a damned good thing. Sorry that it took such a scandal to motivate our board, but here we are. The taps are open on new spending to protect our clients and their info. US companies will see non of it.

11
0
Anonymous Coward

I'm curious, where are you headed with your company's hosting? Currently I funnel a lot of money to amazon for our clients' hosting, and while I'd love to consider non-US alternatives, I cannot justify the increased costs (everything I've looked at so far is 3-6x as much as we'd spend with aws).

1
0
Silver badge

AES, or not AES...

Some people don't seem to grasp that AES was created by two Belgian cryptographers and after a lot of competitions and open peer-review by most of the world's experts and was ultimately decided to be the best by more or less everyone. That is why it became the official US choice (i.e. NIST), not because it was created with a NSA backdoor of any sort.

Now you might argue that the NSA has built acceleration hardware to assist AES code-breaking, but with the advent of FPGA systems that can be re-programmed to suit any cypher, hence no common cypher is going to fair better. And if you go inventing or adapting your own or some obscure one, most likely you will inadvertently make matters much worse for your own security.

So if cryptographic security really REALLY matters to you, you need to concentrate on having a high entropy key, and securing the key against "APT" style of system wide hacking. Most likely, that is the weak link.

Finally, don't over-estimate your importance to the spooks, most comentards seem to think the NSA, etc, will blow days of billion dollar machine's system time on their scribblings. They won't, not unless you are important enough.

Maybe you are, say a business that is serious money competition to a US gov supplier, for instance. But in reality making your data encrypted in any way means they (and advertisers, private investigators, etc) can't read/mine it so it gets stored away in case they do want to investigate you. Out of 1 billion or so Internet users? Really?

4
0
Bronze badge

Re: AES, or not AES... Universal pwnership is the next logical step in universal capture.

@ Paul

1. The problem is that it is not 1 in a billion internet users.

By encrypting our email we'd make ourselves 1 in a few hundred thousand individuals globally.

Even most government departments don't routinely encrypt their email.

If encryption becomes easier and more routine, and almost everyone adopts it, then the 1 in a billion argument might become valid. But almost everyone adopting anything is far fetched.

2. We can encrypt all we want, and I agree AES is probably one of the better algorithms to use, but how do we protect the private keys and the unencrypted input and output?

Pwnership of our computers gives the ability to see everything on them, even when it is only there a short time.

How do we stop the NSA pwning all our computers? Universal pwnership is the next logical step in universal capture.

1
0
Anonymous Coward

Re: How do we stop the NSA pwning all our computers?

That is a tricky question, and really the only answer that can even take a stab at it is open source.

We know Apple & MS are USA companies and cooperate, so one can rule those suppliers out. But even with open source you don't know who, if anyone, has properly reviewed all code, nor do you know if the repository you get everything from is actually based on the original code.

Ultimately physical separation is the only way to make sure your data is safe from all but a physical entry (either intruder or an employee copying it off).

0
0
Thumb Up

@AC 6/8/2013 19:59

Can't speak for the original poster, but my company moved from Amazon to GreenQloud, which is Iceland based, and the costs are rather similar. Would depend on your usage of course. And they don't have quite all the features of Amazon yet, enough for us, but again, YMMV. At least there's the added benefit that they're green to help justify the move.

0
0
Silver badge

U.S. NATIONAL DEBT

The Outstanding Public Debt as of 06 Aug 2013 at 07:51:31 PM GMT is:

$ 16, 747, 182, 640, 952.95 and increases 2.2 Billion dollars a day.

I doubt that amount will be going down anytime soon given the NSA spying revelations. Once people start buying Airbus over Boeing, it will ripple quickly. Personally, I think the business loss estimates given in the Reg article are very low.

3
0

Page:

This topic is closed for new posts.