Jump to content
House Price Crash Forum

Recommended Posts

https://www.bbc.co.uk/news/technology-50191242

The US DOD has issued its $10Bn Jedi contract to Microsoft, rejecting Amazon the previous front runner. 

To me this makes sense. Amazon AWS seems to be like a leaky bucket, it is also full of Bot Nets paid for with Stolen Credit cards. Plus the fact that Amazon intercepts incoming Web traffic for its own ends. 

Any commercial outfit using AWS really ought to get off it. 

 

Share this post


Link to post
Share on other sites
7 hours ago, Mikhail Liebenstein said:

Plus the fact that Amazon intercepts incoming Web traffic for its own ends. 

Given that 85% of web traffic is now encrypted (and if you care about it will be), how do they do this without the clients permission?

Answer : They cant.

Share this post


Link to post
Share on other sites
2 hours ago, Chunketh said:

Given that 85% of web traffic is now encrypted (and if you care about it will be), how do they do this without the clients permission?

Answer : They cant.

Voice processing services for NLP via devices like Alexa. If I were a bank I'd develop my own not use AWS.

Other forms of meta data are traceable through cookies. They don't need to see the content, just work out who is talking to who and then put up appropriate adverts/counter offers.

We also know Amazon sellers suddenly find their best sellers available from Amazon itself.

And look up Amazon and Elastic Search to see they will also develop their own version of your software.

https://onezero.medium.com/open-source-betrayed-industry-leaders-accuse-amazon-of-playing-a-rigged-game-with-aws-67177bc748b7

https://searchaws.techtarget.com/news/252471650/AWS-faces-Elasticsearch-lawsuit-for-trademark-infringement

Time for Amazon to be broken up and AWS taken down.

 

Edited by Mikhail Liebenstein

Share this post


Link to post
Share on other sites
2 hours ago, Chunketh said:

Given that 85% of web traffic is now encrypted (and if you care about it will be), how do they do this without the clients permission?

Answer : They cant.

Also interesting to see the UK Government reversing its Cloud First Policy.

https://www.cbronline.com/opinion/cloud-first-uk-govt

Whilst they talk of hybrid cloud, this really means big cuts in Public Cloud use. It works out too expensive and as suggest security (especially in Amazon S3) can be weakened.

Share this post


Link to post
Share on other sites

Maybe I should have clarified. 

Private (encrypted) traffic headed into your AWS instance cannot be inspected by Amazon. If you send your traffic in clear text, or make use of their SaaS offerings then clearly they can.

The fact is that they have set up arguably the most sophisticated commercialised virtualisation platform in the world and make a heap of cash from it (most of Amazons earnings come from AWS as you probably know). Others are starting to catch up now, which is good.

I'm not sure that breaking them will do a lot of good, someone else will fill the vacuum and their tech lead is now starting to be eroded by others. They paved the way for how to do it (as raw tech you cant help but admire it sometimes) but that cat is out of the bag and the genie aint getting back in the bottle anytime soon.

Talking about personal information and the insidious creep of voice recognition tech is a different subject really and you wont get any arguments from me about it. It's the next major privacy invasion and is ****ing creepy. My only hope is that mobile CPU continues at a pace and that it can move back onto the endpoint from the cloud really soon.

Share this post


Link to post
Share on other sites
1 hour ago, Chunketh said:

. My only hope is that mobile CPU continues at a pace and that it can move back onto the endpoint from the cloud really soon.

Yes, this trend is interesting and there is a lot of talk now about Edge computing, which is a bit like, "damn we shut our corporate datacentre, and now we want one again, but can't admit the error." 

To be fair, the edge can mean anything from a small mobile chip in an IoT device to one of those environmentally sealed racks and everything in between. 

But the truth is some apps were never suited to cloud anyway. Driverless cars/drones etc and very high performance systems for example. 

Also we may well now get a wave of green computing. My Coffee Lake machine with 64GB and an NVIDIA 2080 is quite wasteful in many ways, I can personally do 90% of my stuff on one of those 4GB Raspberry Pi 4 boxes. 

A lot of power is wasted by datacentres, and mobile compute with green energy would be good for most people. Actually 40 minutes on an exercise bike or rowing machine could probably power a raspberry pi for a day. 

Share this post


Link to post
Share on other sites
On 26/10/2019 at 21:31, Mikhail Liebenstein said:

Voice processing services for NLP via devices like Alexa. If I were a bank I'd develop my own not use AWS.

Other forms of meta data are traceable through cookies. They don't need to see the content, just work out who is talking to who and then put up appropriate adverts/counter offers.

We also know Amazon sellers suddenly find their best sellers available from Amazon itself.

And look up Amazon and Elastic Search to see they will also develop their own version of your software.

https://onezero.medium.com/open-source-betrayed-industry-leaders-accuse-amazon-of-playing-a-rigged-game-with-aws-67177bc748b7

https://searchaws.techtarget.com/news/252471650/AWS-faces-Elasticsearch-lawsuit-for-trademark-infringement

Time for Amazon to be broken up and AWS taken down.

 

So much to unpick here. Cookies can't be seen if the request is encrypted.

RE: Elastic Search, that's not 'your' software, that's 'open source' software given away and legally monetised as a service by AWS. Just like Apache was, and countless other software products. If you don't like their service, then pay someone else or implement it yourself.

Amazon is a cult and I don't trust them as far as I can throw them, but why they're less trustworthy than Microsoft I've no idea...

Also, you seem to be confusing AWS with Amazon.com.

 

Share this post


Link to post
Share on other sites
11 hours ago, the_duke_of_hazzard said:

So much to unpick here. Cookies can't be seen if the request is encrypted.

RE: Elastic Search, that's not 'your' software, that's 'open source' software given away and legally monetised as a service by AWS. Just like Apache was, and countless other software products. If you don't like their service, then pay someone else or implement it yourself.

Amazon is a cult and I don't trust them as far as I can throw them, but why they're less trustworthy than Microsoft I've no idea...

Also, you seem to be confusing AWS with Amazon.com.

 

Elastic Search, as in the Company Elastic, had premium aspects which they charged for. Amazon then produced their own very similar components.

On cookies, you assume the customers  will implement the security their retailer/service provider might want/prefer.

Seriously any CEO/CTO who suggests using Amazon or AWS is clearly incompetent!

 

Share this post


Link to post
Share on other sites
On 26/10/2019 at 19:26, Chunketh said:

Given that 85% of web traffic is now encrypted (and if you care about it will be), how do they do this without the clients permission?

A lot of AWS traffic is encrypted at AWS load balancers so its encrypted and ans decrypted by their machines, not the clients'. AWS can just read that.

A lot of the data is stored on their database servers (hence the problems faced by open source database developers above). AWS can just read that.

A lot of data is stored on S3, their storage service. AWS can just read that. Mind you, half the time S3 seems to get misconfigured so private data becomes publicly accessible so everyone can read it.

The whole point of using AWS is to use whichever of the above you need easily - so, for example, a website can have multiple front end servers use the same database and S3 storage and have a load balancer in front so you can scale up and down just by launching more front end servers.

You can use just use EC2 instances as VPS's, but that is a stupid thing to do as all you achieve is pay too much for a VPS.

Any cloud provider could just read your encryption certificates, which are stored on their computers, and use those to intercept your traffic

 

23 hours ago, the_duke_of_hazzard said:

Elastic Search, that's not 'your' software, that's 'open source' software given away and legally monetised as a service by AWS.

.
What AWS does is perfectly legal, but is a bit sleazy in that it takes advantage of a weakness in the licences used that no one really anticipated until cloud services took off.

A lot of open source DB developers have switched to "not quite open source" licences to prevent it. I am a bit puzzled about why they cannot use the AGPL licence which is the best established for this, but MongoDB  (who did use it) said the problem was people pushing the limits and Redis also changed the license on modules.

I have less sympathy with those companies who used licences that allowed closed source redistribution - what AWS and the like are doing is just a form of what they explicitly allowed.

 

23 hours ago, the_duke_of_hazzard said:

Amazon is a cult and I don't trust them as far as I can throw them, but why they're less trustworthy than Microsoft I've no idea..


I agree. All cloud services have similar issues.

I really do not see why something are large the the DoD cannot use private cloud in its own data centres.

Share this post


Link to post
Share on other sites
23 hours ago, gp_ said:

A lot of AWS traffic is encrypted at AWS load balancers so its encrypted and ans decrypted by their machines, not the clients'. AWS can just read that.

A lot of the data is stored on their database servers (hence the problems faced by open source database developers above). AWS can just read that.

A lot of data is stored on S3, their storage service. AWS can just read that. Mind you, half the time S3 seems to get misconfigured so private data becomes publicly accessible so everyone can read it.

The whole point of using AWS is to use whichever of the above you need easily - so, for example, a website can have multiple front end servers use the same database and S3 storage and have a load balancer in front so you can scale up and down just by launching more front end servers.

You can use just use EC2 instances as VPS's, but that is a stupid thing to do as all you achieve is pay too much for a VPS.

Any cloud provider could just read your encryption certificates, which are stored on their computers, and use those to intercept your traffic

 

.
What AWS does is perfectly legal, but is a bit sleazy in that it takes advantage of a weakness in the licences used that no one really anticipated until cloud services took off.

A lot of open source DB developers have switched to "not quite open source" licences to prevent it. I am a bit puzzled about why they cannot use the AGPL licence which is the best established for this, but MongoDB  (who did use it) said the problem was people pushing the limits and Redis also changed the license on modules.

I have less sympathy with those companies who used licences that allowed closed source redistribution - what AWS and the like are doing is just a form of what they explicitly allowed.

 


I agree. All cloud services have similar issues.

I really do not see why something are large the the DoD cannot use private cloud in its own data centres.

because cloud is a big scam to restructure everything away from private datacentres then harvest all the data so nothing is private anymore ?

Share this post


Link to post
Share on other sites
1 hour ago, longgone said:

because cloud is a big scam to restructure everything away from private datacentres then harvest all the data so nothing is private anymore ?

Not really but nice conspiracy theory - just as with all industries its winner takes all and the bigger you are to begin with the faster you scale - helps if you own the software as well

Share this post


Link to post
Share on other sites
On 27/10/2019 at 00:01, Mikhail Liebenstein said:

Yes, this trend is interesting and there is a lot of talk now about Edge computing, which is a bit like, "damn we shut our corporate datacentre, and now we want one again, but can't admit the error." 

To be fair, the edge can mean anything from a small mobile chip in an IoT device to one of those environmentally sealed racks and everything in between. 

But the truth is some apps were never suited to cloud anyway. Driverless cars/drones etc and very high performance systems for example. 

Also we may well now get a wave of green computing. My Coffee Lake machine with 64GB and an NVIDIA 2080 is quite wasteful in many ways, I can personally do 90% of my stuff on one of those 4GB Raspberry Pi 4 boxes. 

A lot of power is wasted by datacentres, and mobile compute with green energy would be good for most people. Actually 40 minutes on an exercise bike or rowing machine could probably power a raspberry pi for a day. 

My son a Sales Director in New York for a very large Tech business says massive growth over there in grab it back out of the cloud deals (which large disties and integrators like and push obviously )

Share this post


Link to post
Share on other sites
53 minutes ago, GregBowman said:

Not really but nice conspiracy theory - just as with all industries its winner takes all and the bigger you are to begin with the faster you scale - helps if you own the software as well

sounds like a monopoly to me. 

some big security breach will happen in the future and then it will go back to local. 

Share this post


Link to post
Share on other sites
55 minutes ago, GregBowman said:

Not really but nice conspiracy theory - just as with all industries its winner takes all and the bigger you are to begin with the faster you scale - helps if you own the software as well

surely the techies that look after the infrastructure have access to all the data regardless of source ? 

Share this post


Link to post
Share on other sites
32 minutes ago, longgone said:

surely the techies that look after the infrastructure have access to all the data regardless of source ? 

Surely not if they don't have the encryption keys?

Share this post


Link to post
Share on other sites
1 minute ago, Si1 said:

Surely not if they don't have the encryption keys?

i don`t know enough about it but i would assume the in house staff have their access but then microsoft staff would have access as well ? 

Share this post


Link to post
Share on other sites
5 minutes ago, longgone said:

i don`t know enough about it but i would assume the in house staff have their access but then microsoft staff would have access as well ? 

It's not about access. It's encryption. Access can't be granted.

Share this post


Link to post
Share on other sites
3 minutes ago, Si1 said:

It's not about access. It's encryption. Access can't be granted.

depends if it can be cracked.  you are still relying on those datacentres to have adequate previsions in place presumably systems fail and get replaced maybe in can be be breached. 

like i said i don`t know enough about it depends what MS staff can see their end.  

Share this post


Link to post
Share on other sites
20 minutes ago, longgone said:

depends if it can be cracked.  you are still relying on those datacentres to have adequate previsions in place presumably systems fail and get replaced maybe in can be be breached. 

like i said i don`t know enough about it depends what MS staff can see their end.  

Some encryption can be cracked (old/too short keys OR compromised keys). Some (in all practical sense) can't.

Either the key holder is the only one capable of decryption or the majority of the web is dead in the water.

Share this post


Link to post
Share on other sites
1 hour ago, longgone said:

depends if it can be cracked.  you are still relying on those datacentres to have adequate previsions in place presumably systems fail and get replaced maybe in can be be breached. 

 

Your confusing security and encryption. Encryption is mathematically secure. If microsoft don't have the encryption key then they can't get into it even if it's on ms infrastructure.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

  • Recently Browsing   0 members

    No registered users viewing this page.

  • 296 Brexit, House prices and Summer 2020

    1. 1. Including the effects Brexit, where do you think average UK house prices will be relative to now in June 2020?


      • down 5% +
      • down 2.5%
      • Even
      • up 2.5%
      • up 5%



×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.