Slashdot Mirror

← Back to Stories (view on slashdot.org)

Switzerland Wants To Become the World's Data Vault

Posted by samzenpus on from the leave-it-to-us dept.

wiredmikey writes "Business for Switzerland's 55 data centers is booming. They benefit from the Swiss reputation for security and stability, and some predict the nation already famous for its super-safe banks will soon also be known as the world's data vault. For example, housed in one of Switzerland's numerous deserted Cold War-era army barracks, one high-tech data center is hidden behind four-ton steel doors built to withstand a nuclear attack — plus biometric scanners and an armed guard. Such tight security is in growing demand in a world shaking from repeated leaks scandals and fears of spies lurking behind every byte."

10 of 131 comments (clear)

  1. Swiss's NSA analog? by Anonymous Coward · · Score: 5, Insightful

    What is to say that their agency similar to the NSA will not be over all the stored data like a fat kid over cupcakes? It is great intel, especially if it comes to economic or commercial stuff.

    1. Re:Swiss's NSA analog? by AHuxley · · Score: 5, Informative

      The Swiss mil did a lot of mil 'swaps' and further 'education' with the US. The Swiss also had a lot of their deep bunker information sold to the Soviet Union. Would the US have been invited in to help with security after such an event and friendships formed?
      Switzerland had great skills in ~cold war crypto products for export but did not seem to pose any decryption issues for the GCHQ/NSA over time.
      What an Australia, UK, NZ, Canada gives to the US via generational agreement, the Swiss might give to the US out of staff friendship and ongoing gov trust?
      The other aspect would be the ongoing tax issues with US citizens and the use of EU/Swiss banking products.
      Swiss banking might become more open to US legal requests, would Swiss data protection laws for non Swiss end users bend the same way over time under constant US legal/gov/mil requests?

      --
      Domestic spying is now "Benign Information Gathering"
  2. Physical, sure. Data security? Not anymore. by spiritgreywolf · · Score: 5, Insightful

    Spies don't have to crack them if they're financial based businesses like banks. Every time the IRS expresses an "interest" in the account information, they roll over on their backs. I would expect no less from them if any other three letter agency wanted more information, especially if any of those "interests" involved doing business with the US.

    --
    Never have a philosophy which supports a lack of courage
  3. More holes than Swiss cheese by Anonymous Coward · · Score: 5, Informative

    Three more Swiss banks join US tax deal - Reuters - 12 hours ago.

    Swiss banks are supposedly the safest place to store money, If the Swiss are willing to share customer data with the US, what else can't they share?

    Just another tentacle of the Nothing is beyond our reach motto.

    1. Re:More holes than Swiss cheese by Xest · · Score: 4, Interesting

      Switzerland's problem is that it's grown wealthy off the back of dirty money.

      That is, it's banks have obtained large amounts of money from everyone from Nazi looters through to money stolen by common theft, through to the much more benign tax avoiders and evaders.

      This money has been used to invest and bankroll Swiss firms, which is why Switzerland has been able to grow other major firms like Nestle over the years and is what allows Switzerland to have disproportionate corporate punch in the world.

      Most nations are willing to turn a blind eye most of the time because although it's a problem for them, a rational cost/benefit analysis has to be performed and most of the time it's more hassle trying to argue a political solution and implement it than it's worth.

      But since the recession that's changed, countries are desperate for every penny they can find, a few hundred million or a few billion owed to the tax authorities is a non-issue in boom times relative to the lower hanging fruit they can go after back home instead but when the financial crisis hit and as it has dragged on for so long all the low hanging fruit have been plucked, and suddenly even mere hundreds of millions held abroad are worth going after.

      So at this point financially hit countries like the US, UK and much of Western Europe now put the Swiss in their sites, and it becomes an ultimatum for the Swiss at this point - start giving up the criminally held tax, start giving up the tax evaders, or we'll put hefty financial transaction taxes on monetary transfers in and out of your country, or we'll start picking through your nation's companies with a very fine comb looking for fines we can leverage against them.

      This is why the Swiss have allowed their banks to start submitting to US tax deals and so forth because the alternative is much less pleasant (e.g. http://www.bbc.co.uk/news/business-20907359).

      Swiss data centres would be no different - they'd be perfectly solid and safe until they become a measurable problem to a major Western nation or two and as with Swiss banks you'd see a slow erosion from complete secrecy, to allowing warrant based requests for data, to general access to information deals and support for cease and desist orders.

      At best therefore they'd be a temporary solution. But if they were willing to host the likes of The Pirate Bay I'd wager that solution would be very temporary indeed given the lobbying power of the MPAA/RIAA and the priority with which the likes of the US would hence pursue such an issue with the Swiss.

  4. Re:SLA agreements... by cold+fjord · · Score: 5, Funny

    IMHO, I don't care if they store data in the vaults of Mordor...

    I'm thinking that the Swiss are more of the Dwarf miner flavor, don't you think? Tunnels, tunnels everywhere, filled with gold.

    --
    much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
  5. Re:SLA agreements... by mysidia · · Score: 4, Insightful

    Here in the US, in theory, the physical servers (and their SAN backends) should be blanked, but if not and the data passes through to another party, that party holding the servers owns that data free and clear. A bank's private records could be available as a torrent,

    If the bank is adhering to regulations and standards; all the sensitive data such as account numbers should be encrypted at rest.

    Preferably; all data in the vault should be stored with a storage layer encryption on top of that, such that only the legitimate client can operate on the data.

    For anything that needs to be processed onsite --- hardware security modules should be used to decrypt data on the fly.

    The bank should have legal ownership of the authorization tokens required to operate the hardware security modules, and perform decryption tasks on the bank's data.

    There should be a third party required to supervise administration of the hardware tokens required to authenticate to the HSM, and ensure that the tokens and HSM units remain secure at all times, and are operated only with continuing approval of the tenants.

  6. Data in any single place is vulnerable by presidenteloco · · Score: 4, Informative

    The solution to data longevity is such things as:

    -Redundant storage

    -Globally distributed storage

    -Fragmentation and reassembly of data (so no host is responsible for content, since it is all just fragments)

    -A protocol whereby the network monitors how many copies of a datum there are and creates more copies if it can't find enough.

    -A protocol that automatically migrates data fragements to both newer host storage and more reliable host storage gradually over time.

    -Re-wrappable encryption protocol

    -Onion routing for access

    -An economic model such as quid pro quo storage sharing (you store some of anonymous others' fragments, they store some of yours, no money exchanged.

    -Storage of metadata and programming language execution environments and programs (with instructions) along with data

    --

    Where are we going and why are we in a handbasket?
  7. I was from China ... by Taco+Cowboy · · Score: 5, Insightful

    Yeah, NSA may be more pervasive worldwide, but if you truly believe China's espionage efforts aren't also focused outside of their country, I know someone with some prime marshland you might be interested in.

    Yes, China does spy on people.

    But at the very least, China does not do that and then say to the world "The world should THANK US for keeping them safe".

    I was from China. In fact, I ran away from China. I dislike China's communist party as much as anybody else, and I am a naturalized American citizen.

    But still, fair is fair.

    While what NSA did technically was not that much different from what others do (which includes democratic countries such as England, Australia, Canada, New Zealand and France), morally, the United States government has sunk lower than that of China !

    China steals others secret but never pretend to be THE PROTECTOR, unlike the Hussein (aka Barry Soetoro) Barack Obama Administration of the United States of America !

    Now, about that piece of marshland, I think you can keep it.

    --
    Muchas Gracias, Señor Edward Snowden !
  8. Re:Glory to Arstotzka! by RabidReindeer · · Score: 4, Interesting

    Because no country existing outside of a dystopic novel has anything comparable to the NSA. Inb4 China: China's massive espionage ends at their borders, outside there it's just the usual, they don't even monitor WoW despite the risk of gnome terrorists.

    There are no less than 3 separate sources within the People's Republic of China that hammer on one of my servers 24x7x365 trying to break their way in. They've been at it for a very, very long time.