Snowden didn't scare many out of US clouds says Forrester

Analyst outfit Forrester has asked the question “Did PRISM Cause An Exodus From US Clouds?” and found the answer is yes. At least a bit. The firm asked “1,668 non-US technology and business decision-makers” whether “In the past year, has your company explicitly halted or reduced your spending with US-based companies for …

  1. Ole Juul

    too much churn yet

    These numbers are actually huge. But I think that it's too early in the rapidly evolving cloud game to put a lot of weight on this sort of thing. Still, 26 per cent - wow.

    1. streaky

      Re: too much churn yet

      8% is the final number of these and those - it's still a pretty significant figure. Doing it as a UK business isn't majorly useful though.

      I imagine most people concerned by it realise that the spooks have their grubby mitts into everything so the question becomes "but where do you go?".

    2. Anonymous Coward

      Re: too much churn yet

      Just encrypt your data and keep your keys out of US reach:

      https://www.thalesgroup.com/en/worldwide/security/press-release/thales-launches-byok-deployment-service-microsoft-azure-cloud

      1. streaky

        Re: too much churn yet

        "Just encrypt your data and keep your keys out of US reach"

        What exactly is there to stop the hypervisor injecting a process into the VM's memory to make the VM copy data decrypted off the disk? Hint: it rhymes with hero.

        Speaking of rhymes.. Thales rhymes with..

        1. Anonymous Coward

          Re: too much churn yet

          "What exactly is there to stop the hypervisor injecting a process into the VM's memory to make the VM copy data decrypted off the disk?"

          I would hope quite a lot of security, auditing and alerting.

          However if they went to those sort of lengths then they might as well just hack your office PC as probably a much simpler way of getting at the data...

          1. streaky

            Re: too much churn yet

            "I would hope quite a lot of security, auditing and alerting."

            Not if the owner is allowing it based on a court order. Which is the point - that crypto is supposed to be there to stop you worrying about such things and tempt you to buy Azure CPU time, it's a chocolate teapot in reality.

            "However if they went to those sort of lengths then they might as well just hack your office PC as probably a much simpler way of getting at the data..."

            No because it's actually useful if you control the physical access to the system. You'd hardware crypt the HV and restrict access and it'd do things.. Though obviously if the thing itself is compromised remotely yes you're screwed, but it's not as easy. Physical access is king in tech security though.

            Also it ain't that difficult.

            1. Anonymous Coward

              Re: too much churn yet

              "Not if the owner is allowing it based on a court order."

              In the Azure HSM model data is encrypted even over the wire - so reading it off the disk or in a VM won't help them. You can make sure the keys are issued to and the data is decrypted at your authorised clients with authorised accounts restricted by multi-factor authentication only. If they tamper with that process it will be logged - and there is no way to avoid that.

              The point here being that even if issued a court order Microsoft can't access your data. The Thales HSM solution is deliberately designed to stymie such attempts at cross border access. For instance it won't let anyone at all access any keys from outside your chosen security zone (such as within the EU) even if they have an authorised logon and client!

              1. streaky

                Re: too much churn yet

                The OS needs to access the data. The OS can't run encrypted operations through the CPU. If somebody is ordered to give say, hypothetically, the NSA (and this is what we're really talking about here) physical access to the HV or frankly, just any sort of access - there's zero things stopping them injecting processes directly into the memory of the VM and stripping data out.

                Any security relationships between you, the VM and the keys are irrelevant in that case. And as I said that sort of level of "compromise" is what concerns people when you talk about handing data over to Microsoft. It won't stop it so it won't affect the thinking.

                It might be useful purely for storage of data but it's useless when you're talking about doing things with data which is what most people are using cloudy server hosting for in the first place.

                1. Anonymous Coward

                  Re: too much churn yet

                  "The OS needs to access the data"

                  Only in encrypted form. Only the client application on a client PC which is not in a Microsoft datacentre needs to be able to load the keys and unencrypt the data...

                  "The OS Can't run encrypted operations through the CPU."

                  Of course it can. It doesn't care what the data is - and doesn't need to know. You clearly haven't read the details or don't understand the implications.

                  As it says very clearly on both the Thales and the Microsoft sites, Microsoft at no time get access to your keys.

    3. big_D Silver badge

      Re: too much churn yet

      Our company was just starting to look at whether cloud could provide an alternative to on-site solutions as the Snowden leaks started. All efforts at looking into cloud services with ties outside of the home country were halted.

      We did look at a cloud telephone system based in Germany recently, but it worked out 3 times more expensive than a traditional solution.

  2. This post has been deleted by its author

  3. Bernard M. Orwell

    Oi. MB,

    You remember when you challenged myself and others to find actual harm caused by NSA activities? Well, this is the sort of thing I meant.

    If this suspicion and trend continues, there will be measurable harm to the USA's technology economy and that will, inevitably, spread to other sectors.

    I note that you've challenged others to answer the same question since, but you've added a keyword; "Personally". You ask people to produce evidence of "actual harm caused to them *personally*", neatly avoiding the evidence of more indirect harm caused to a nations political, legal, social and economic systems.

    Now, your philosophy of "I'm all right, it doesn't affect me, so it's not my problem" may suit your view of the world, but most of us think more broadly than that, so I would advise the dropping of the word "personally" from your question which would actually allow for a reasonable answer.

    Feel free to post your usual invective, side-stepping answer or ignore this with a simple down-vote as you usually do with arguments you can't answer without demonstrating your signature total disregard for the welfare of other members of the human race.

  4. John H Woods Silver badge

    Unsound maths

    "We're not sure it is sound to do the math on this one and declare that a 34 per cent of 26 per cent means about eight per cent of people pulled data from clouds for fear of spying, because the exact nature of the samples isn't explained."

    I can help here: it's not sound at all, especially as "others [sic] reasons for repatriating data or services included local laws, or greater comfort doing business with domestic providers." are supersets of the first reason.

    If local laws have been changed to prevent US-based hosting, what are the reasons for that? If CIOs have greater comfort doing business with domestic providers, what are the reasons for that? Certainly if I were a CIO explaining why I had pulled US-based hosting, I'd be a lot more comfortable ticking one of the last two reasons.

    What amazes me is that a full third of those respondents explicitly cited fear of spooks. This is almost certainly an underestimate: there's some very good motives for not stating this explicitly and hardly any for using it as an excuse to pull US-based hosting when it is done for some other reason.

    1. Anonymous Coward

      Re: Unsound maths

      "This is almost certainly an underestimate: there's some very good motives for not stating this explicitly"

      Exactly what I was reading the responses to see if anyone already said this for.

  5. Destroy All Monsters Silver badge
    Big Brother

    “Your business partners are accountable to their governments, and you can’t expect them to put your interests above their own or those of their government.”

    The government's interests trump those of the citizen and corporations line up behind that?

    I think Robert O. Paxton wrote about that in "The Anatomy of Fascism". So did Günter Reimann in "Doing Business under Fascism".

  6. Anonymous Coward

    The main reason is quite simply local law

    Many companies, especially the larger ones, have lawyers to keep them out of trouble, and as long as the Safe Harbor question isn't quite settled they're not going to take chances.

    I heard some rumours on a forum I visited yesterday (hello, El Reg, where was your reporter?) that there is talk about using crypto as a way to fix the EU Data Protection issue. That way, you could legally store data in the US as it's not accessible by the provider (well, allegedly, which is one of the issues).

    Observations:

    - best not use the provider's tools to encrypt your data :)

    - how is this going to work for cloud PROCESSING? Most discussions I see are about stored data, but you can also use foggy things for processing, and I have no idea how you'd protect that.

    1. Destroy All Monsters Silver badge
      Holmes

      Re: The main reason is quite simply local law

      Maybe obfuscation math is looking at prime time. Unless outlawed, of course.

      (No, I have no idea how that would work, but it sounds like a good premise for a SciFi story written in the 80s where describing the current state of the world would have meant using the adjective "dystopian". John Brunner, anyone?)

  7. Anonymous Coward

    The Cloud....

    Other people's computers with all your information on

  8. Anonymous Coward
    Headmaster

    I agree with an earlier poster that the survey was not well worded.

    Sounds like a lot of the "non-NSA options" are potential variants of the NSA option. Of course, you can't really tell because the survey was not worded well.

    Also, you are talking to CIOs/business unit heads. How many potential cloud purchases were strangled/redirected by the staff below these execs before they could ever get to the boss' desk? And what are the reasons behind those lower-level decisions? The fact is that we don't know, but there were probably additional projects that got killed at the staff level because of security concerns.

    And even 8% is a pretty big number. Losing 8% of the market because of an activity is the kind of hit that a tech company takes when it completely fails to provide customer support for a product, or announces a 25% price increase.

    All that being said, I have yet to see someone demonstrate that a non-U.S. cloud offering is ACTUALLY more secure, as opposed to "Our non-U.S. location allows us to say that we are more secure, while our government actually cooperates with or looks the other way as various U.S. and other sigint agencies do whatever they want."

    1. Anonymous Coward

      Re: I agree with an earlier poster that the survey was not well worded.

      "have yet to see someone demonstrate that a non-U.S. cloud offering is ACTUALLY more secure, as opposed to 'Our non-U.S. location allows us to say that we are more secure, while our government actually cooperates with or looks the other way as various U.S. and other sigint agencies do whatever they want'"

      This has less to do with security - this is a matter of which laws apply. What isn't exported to the US is not later accessible by creative use of US law. A man in a shed with a dog holding your data on a USB stick would meet EU criteria as long as said man + dog resides in the EU, whereas a sophisticated data centre with two levels of crypto (say, one PKI and one layer with a symmetric, client only key) would not.

  9. Mark 85

    Secure & Cloud

    I'm not sure those can actually be used together as in "our cloud is secure". Questions should be raised... secure from whom? Yes, the US has a problem because of Snowden. One of the problems this leads to is "what about other countries?". So, other than the US, we really don't know what any country is doing to clouds hosted in any particular place.

    It's very much a false sense of security to move your data to the cloud or even from provider to provider without actually knowing who's getting access.

    Perhaps I need a tinfoil hat here, but I would never recommend that any company put its data out there. Even with all the malware and idiot employees who will open any email (and answer "yes" to "xxx wants to install. Allow?"), this just opens up another venue to attack that is outside of the corporate IT security's hands.

    1. Anonymous Coward

      Re: Secure & Cloud

      "I'm not sure those can actually be used together as in 'our cloud is secure'. Questions should be raised... secure from whom?"

      Indeed. Such a statement needs a risk assessment; without a threat model and an idea of the company's tolerance for risk (versus available budget) you can't take a decent decision on this.

  10. Anonymous Coward

    Cloud question is secondary to economics

    For-profit companies first have to make payroll, only then can they think about next month.

    Let's say for the sake of discussion that a new completely secure and free magic cloud technology is announced tomorrow. As CTO for a company that has operations at least partly taking place offsite (i.e. cloud), how would this affect your daily, weekly, monthly, and yearly technology and budget planning?

    Well, it depends on where your company's value proposition lies. For example, if you're Netflix and you have terabytes of videos that need to be served, you don't really care about whether the movies are perfectly encrypted, you care about security at the endpoints, so that non-paying customers can't download the movies for free, and you care about what your bandwidth is going to cost for moving the data to your customers.

    Another scenario might be a bank - obviously you will not store your core competency offsite, otherwise you are no different than, say, PayPal, so for you the cloud means an interface for serving your customer service requests, back-office mailing operations, etc. but your critical technology will be on-site. In this case, security in the cloud is of course important, but in the event of a breach the damage can be contained.

    Security is a cross-cutting concern, it encompasses not only the security of the cloud operation but also that of the customers who are ultimately paying the bills. There is nothing Netflix can do if a customer's Apple TV is compromised and begins downloading movies through their account - regardless of where the movies are hosted - ultimately their security is only as strong as the weakest link.

    In the scenarios above, the CTOs of the respective companies would have no incentive to immediately migrate their operations to the new magic cloud - many more issues have to be taken into account, and they are ultimately rooted in the total economic context, not directly in whizbang technology or the politics of espionage.

    Therefore, even if there are strong economic incentives to migrate, many more things have to play out before we will see obvious trends directly attributable to the Snowden disclosures.

  11. Ottis

    When evidence of the spooks wading thru their data becomes evident, the clouds are going to vanish faster than a f#rt in a thunderstorm. Will be a great day for server vendors, and consultants again when they are inundated with work rebuilding corporate server rooms. Just a matter of time... What I find most amusing, however, is how everyone has dashed madly ahead into the clouds. It is the fad de jure, and you're too old fashioned, and not yuppie enough if you don't follow the crowd. I can't wait to watch it all go over a cliff!

  12. crayon
    Unhappy

    "When evidence of the spooks ..."

    I initially read this as "When evidence of the crooks ...", but then I realised that's the same thing.
