Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Opens Up Azure Cloud in Germany Even It Can't Access (windowsitpro.com)

Posted by msmash on from the not-sure-if-care-or-marketing-tactics dept.

Reader v3rgEz writes: International customers are becoming increasingly concerned about the U.S.'s data snooping practices, and it appears Microsoft has devised a solution to make them happy: Set up Azure cloud in a foreign region. Because it's under the technical ownership of a German company named Deutsche Telekom, even Microsoft doesn't have access to the data. The move is not surprising, but it could set a precedent that encourages others to move their corporate data away from U.S. shores to countries that take a friendlier view of encryption and data privacy. From the official blog post, "Microsoft has -- in this new model -- no rights at all to access customer data. Only for special purpose like a support call from a customer a temporary access will be granted by the Data Trustee to the Microsoft engineer, and only for the specified area. After that time (using a technology similar to what you might know as JIT) all access is revoked automatically. So to repeat: Access is granted to the Microsoft engineer only by the Data Trustee. Microsoft has no way to grant that access to itself."

98 comments

  1. red header? by monkeyman.kix · · Score: 2

    I'm freaked out right now. Whats going on here?

    1. Re:red header? by skovnymfe · · Score: 2

      It's not ripe yet.

    2. Re:red header? by monkeyman.kix · · Score: 1

      I'm freaked out right now. Whats going on here?

      oh wait I get it lol... WAS red header, now green after I posted Yeah second post!!

    3. Re:red header? by Archfeld · · Score: 1

      A story from the mysterious future ?

      --
      errr....umm...*whooosh* *whoosh* Is this thing on ?
    4. Re:red header? by mmell · · Score: 1
      You know, that was my knee-jerk reaction too - right up until I pondered . . .

      Think about it - in one shot, Microsoft gains something to offer both commercial and (paying) consumer customers - the expectation that encrypted data will remain private -- while simultaneously leaving Apple twisting in the wind in this whole US Gubberment vs. Everyman BS that's playing itself out right now in our "Judicial" system.

      Big bucks triumphs over Big Brother. The Ferengi are right - greed is eternal.

    5. Re:red header? by MightyMartian · · Score: 4, Insightful

      Until Germany does the same thing the US is doing.

      This may seem like a distinctly American problem, but it is global. Every government; from the direst dictatorships to the most liberal democracies, wants their own version of the "Snooper's Charter", and wants to crush anyone who dares question their unlimited right to spy on their own citizens 24/7. This is a theory of government that is unconstrained by any notion of civil liberty, responsible or constrained government power.

      The world is run by sociopathic monsters with a pack of braindead retarded legislators who gave up actually governing years ago.

      Welcome to Dystopia, and now there's an app for that!

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    6. Re:red header? by postbigbang · · Score: 1

      I'd actually like for Microsoft to have the same onus in the USA. Don't touch stuff only and unless you get a secondary auth key from a trustee of the account's data, verified by both sets of credentials, and then only for the session or four hours, which ever is less. A reauth would be needed if they can't fix something within the four hours. The key has to be a healthy, domain curated hefty key. Then: goodbye.

      --
      ---- Teach Peace. It's Cheaper Than War.
    7. Re:red header? by Anonymous Coward · · Score: 0

      Most of the rest of the world doesn't have such privacy invasive policies and a lack of freedom that the US posses. EU countries for instance actually have data protection laws (whether they follow them or want to bypass them is another matter but at least they exist). Only the US combines the rhetoric of a supposedly free society with the reality of Nazi regime combined with cold war approach to the rest of the world. Given the current candidates for president this is only going to get worse too.

  2. I think I've heard of them by Krishnoid · · Score: 1

    a German company named Deutsche Telekom

    I think I've heard of them. They're a niche local exchange phone carrier, right?

    1. Re:I think I've heard of them by avandesande · · Score: 1

      No, I believe they run a hot dog stand around the corner from my house.

      --
      love is just extroverted narcissism
    2. Re:I think I've heard of them by dunkelfalke · · Score: 2

      It is actually a German comedy act - die Telekomiker. They also own the "T-" brand, as in T-Shirt, T-Rex and T-Bone Steak.

      --
      "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
    3. Re:I think I've heard of them by Locke2005 · · Score: 3, Funny

      You're confusing them with Der Wienerschnitzel...

      --
      I've abandoned my search for truth; now I'm just looking for some useful delusions.
    4. Re:I think I've heard of them by avandesande · · Score: 1

      Is that German for White Castle? That is a burger place.

      --
      love is just extroverted narcissism
    5. Re:I think I've heard of them by Sique · · Score: 1

      The meat-in-a-bun-company you are lookingg for is actually called Wienerwald. (And it's Das Wienerschnitzel.)

      --
      .sig: Sique *sigh*
    6. Re:I think I've heard of them by dave420 · · Score: 1

      It was a reference to this place, which managed to screw up its name so horrifically that it's kind of funny.

  3. "Of a German company named Deutsche Telekom" by JoeyRox · · Score: 3, Insightful

    Just a little Mom and Pop business in Germany with an $81 Billion USD market capitalization. :)

    1. Re:"Of a German company named Deutsche Telekom" by WarJolt · · Score: 1

      Not sure if that's sarcasm. If you're a US telecom with less than a $100 billion market cap you're a mom and pop business.

      Verizon and at&t are greater than $200 billion and comcast is at $144.

    2. Re:"Of a German company named Deutsche Telekom" by JoeyRox · · Score: 1

      The US has a population of 319 million people, Germany has 81 million. I'll take DT's over Verizon and AT&T.

    3. Re:"Of a German company named Deutsche Telekom" by Anonymous Coward · · Score: 0

      and far from being a german country with no straws for the feds to grasp at. they are, among other things, the majority owner (2/3rds) of t-mobile, a u.s. company, headquartered in the redmond-adjacent seattle suburb of bellevue. the feds have flexed their jurisdictional muscles with far less ties to the u.s. than that. your data is no safer there than it is if you hosted in langley, va.

    4. Re:"Of a German company named Deutsche Telekom" by Anonymous Coward · · Score: 0

      Except that Deutsche Telekom is widely known in the US dba "T-Mobile"

    5. Re:"Of a German company named Deutsche Telekom" by Anonymous Coward · · Score: 0

      your data is no safer there than it is if you hosted in langley, va.

      ... the most secure as is physically possible?

      CAPTCHA: likely

    6. Re:"Of a German company named Deutsche Telekom" by Anonymous Coward · · Score: 0

      T-Mobile is a mom and pop business? Because that's who DT is.

    7. Re:"Of a German company named Deutsche Telekom" by Anonymous Coward · · Score: 0

      Australia has 23 million people, and our biggest telco market cap is $64.8 Billion. That's how much we get charged for telecommunication services :/

  4. Eh? by OverlordQ · · Score: 3, Interesting

    (using a technology similar to what you might know as JIT)

    I think most people would associate JIT with Just-In-Time compilers, but I fail to see how that translates to credentialing.

    --
    Your hair look like poop, Bob! - Wanker.
    1. Re:Eh? by Anonymous Coward · · Score: 0

      Just-In-Time access. Employees don't have permanent pre-provisioned access.

    2. Re:Eh? by WarJolt · · Score: 1

      They are talking about just in time activation of permissions. The permissions automatically expire after some period of time.

    3. Re:Eh? by Bert64 · · Score: 1

      A few seconds is all that's required to install a persistent trojan to retain access later.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
    4. Re:Eh? by bloodhawk · · Score: 1

      JIT is a common terminology for many things. Just In Time Access, Just In Time Manufacturing, Just in Time Production and numerous others. Just in computing the most common one is just in time compilers.

    5. Re:Eh? by Anonymous Coward · · Score: 0

      I have heard tales of certificates being issued for an hour - its not new

    6. Re:Eh? by sg_oneill · · Score: 1

      The term JIT predates compilers and goes back to automobile manufacturing practices where companies would minimise excess stock by optimizing manufacture workflow so that parts come online just as they are needed.

      --
      Excuse the Unicode crap in my posts. That's an apostrophe, and slashdot is busted.
    7. Re:Eh? by dave420 · · Score: 1

      A few seconds and the correct rights, not to mention a complete lack of oversight.

  5. So Microsoft no longer develops Azure and Windows? by Anonymous Coward · · Score: 1

    The only way they could not possibly access the data was if they did not develop the software and consequently could not use their update mechanisms, back doors and other established methods to gain access when so requested. So is the author trying to tell us Microsoft is no longer the software developing company behind Azure and Windows?

  6. Laws matter by Anonymous Coward · · Score: 4, Insightful

    Yet again, laws matter.

    If the US wants to keep data centers in the US, it needs to understand that making draconian laws is NOT the way to go about it.

    Simply put, right now, I would NOT be building a data center in the US if my primary customer base was outside of the US, period.

    1. Re:Laws matter by rtb61 · · Score: 1

      Now of course if you own the box via it's operating system, that sends data to the cloud and gets data from the cloud. What is to stop that box sending a copy elsewhere at the same time an unencrypted copy. M$ is screwed people that wont touch their OS won't touch their cloud either. Their prying ways with the backing of the US government has put them in a pickle, no one trusts them any more with any thing. For games meh, who cares for real world secure applications, you'd need to have your head read.

      --
      Chaos - everything, everywhere, everywhen
    2. Re:Laws matter by Anonymous Coward · · Score: 0

      For games meh, who cares for real world secure applications, you'd need to have your head read.

      Didn't you hear? Microsoft is merging Windows 10 and Xbone. That means all they have now is an OS for games.

    3. Re:Laws matter by AmiMoJo · · Score: 1

      While I agree that it's best to keep data out of the US, it's hardly the only country on the list. What really matters though is keeping the data outside the jurisdiction that the company and customer are based in. Make sure that it requires an international effort to get the data, which is encrypted with a key in another jurisdiction anyway.

      The goal is to increase the cost in both time and money, to discourage fishing trips and laziness. If it's hard to do, law enforcement will only bother if it's really worth doing.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    4. Re:Laws matter by Anonymous Coward · · Score: 0

      They don't even want data centers in the US. The equipment comes from Asia, anyway; labour is cheaper abroad; land is cheaper abroad; energy is cheaper abroad; and governments even give incentives like tax breaks to get the business in their countries.

  7. Microsoft's "me too!" by LichtSpektren · · Score: 1

    After betraying their customers for years by doing stupid shit like uploading their encryption keys to OneDrive by default, Microsoft wants to jump in on the fame and honor that Apple is getting for refusing to make malware in order to unlock a terrorist's iPhone. Hurray, off-shore data lodging! Ultimately though this'll mean nothing but a teeny bit more latency for PRISM, which Microsoft has oh-so-willingly cooperated with the NSA to power for years.

    1. Re:Microsoft's "me too!" by EmperorArthur · · Score: 4, Informative

      After betraying their customers for years by doing stupid shit like uploading their encryption keys to OneDrive by default, Microsoft wants to jump in on the fame and honor that Apple is getting for refusing to make malware in order to unlock a terrorist's iPhone. Hurray, off-shore data lodging! Ultimately though this'll mean nothing but a teeny bit more latency for PRISM, which Microsoft has oh-so-willingly cooperated with the NSA to power for years.

      Not quite. This thing is a response to: https://en.wikipedia.org/wiki/...

      Basically, Microsoft has been fighting this case for years now. If the US wins, then it can mandate that Microsoft must turn over data anywhere in the world with just a warrant. That doesn't pass muster with EU laws. So, if the US wins, then all of a sudden it becomes illegal for an EU business to use any Microsoft cloud service, or at least extremely risky for them to do so.

      This new service is something where they can tell the US government, "We phisically can't do that." Just like how Apple will probably push out an IOS upgrade that prevents flashing new firmware to a phone while locked without wiping the device.

      --
      So lets pretend that we've just completed writing this code, as opposed to having just completed sabotaging it -Altera
    2. Re:Microsoft's "me too!" by fbobraga · · Score: 1

      Oh, the Apple viral AD! Microsoft is trying to make something like it?

  8. Treasure Map by Anonymous Coward · · Score: 0

    >Because it's under the technical ownership of a German company named Deutsche Telekom, even Microsoft doesn't have access to the data.

    see: Red Core Nodes

    Seems more like a way for Microsoft to avoid legal law enforcement inquiries and investigations than to protect customers from "US data snooping practices".

  9. NSA tango by duckintheface · · Score: 1

    What happens when Microsoft, operating under a secret NSA Security Letter, intentionally induces a fault in the Azure Cloud service of an individual of interest. And then of course the Data Trustee gives the Microsoft engineer access to the customer's data. If the NSA knows what they want, the access would not have to be for an extended period of time.
    No, this won't work for mass surveillance or even continuous surveillance of one individual. But it is not data security of the type implied by the announcement.

    --
    "He took a duck in the face at 250 knots." -- William Gibson, Pattern Recognition
    1. Re:NSA tango by tnk1 · · Score: 4, Interesting

      Or they could just barter intelligence deals with German intelligence to have *them* hand over the information directly.

      These are government intelligence agencies here. The NSA certainly could social engineer themselves the information, or induce faults on a case by case basis, but why do that when you can just cut a deal or two? The NSA has so much juicy information that German intelligence would be happy to trade for.

      Sorry, what? German intelligence would never do that? Yes... sorry... I'm not laughing, that's just a lot of coughing. That's the ticket.

    2. Re:NSA tango by lgw · · Score: 2

      The NSA doesn't need this, any more than they need a National Security Letter to access US data, as long as it's not encrypted well. When I worked at MS, we would half-joking blame (assumed) NSA taps on the low quality we'd see in WAN connections between DCs. It was a bit of a shock to discover from Snowden it was all true (MONKEY PUZZLE was the codename for those NSA taps, IIRC).

      It's different if the data is encrypted in such a way that MS only has access to the metadata (which should be enough for customer service). Of course, with the right National Security Letter, MS could be compelled to design their system in a flawed way.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    3. Re:NSA tango by Mister+Transistor · · Score: 4, Informative

      Well, Deutche Telekom is (or was) the German State telephone company, kind of like the Post Office in Britain, owned and operated by the government. They have many subsidiary companies, in the U.S. we know them as T-Mobile and T-Systems.

      So, they are one step closer to ease of mass surveillance than we are in the US, in that the "cloud" data or whatever is _already_ in the German Gov't.'s hands, basically.

      --
      -- You are in a maze of little, twisty passages, all different... --
    4. Re:NSA tango by duckintheface · · Score: 4, Interesting

      tnk1, I'm inclined to think that the worm has turned in Germany. Exposure of spying by the US on the Chancellor and other high government officials has poisoned the well. It would be a political death sentence for any politician or government employee who was caught helping the US spy on Germans.

      --
      "He took a duck in the face at 250 knots." -- William Gibson, Pattern Recognition
    5. Re:NSA tango by PolygamousRanchKid+ · · Score: 1

      Deutsche Telekom runs one of the biggest ISPs in Germany: T-Online. Part of their RADIUS platform is a component called "LI" . . . "Lawful Interception". The spooks can directly access this, without any assistance from the T-Online operator. And, in fact, LI even hides and obfuscates the taps that are in place. So if a drug cartel smuggled in a rogue T-Online operator, this person would not be able to tell the drug cartel that they were being spied on. The other ISPs in Germany probably do the same thing. It was my understanding that ISPs are required to support Lawful Interception.

      Pretty sneaky, eh?

      Now, lets get back to the MS cloud . . . are clouds in Germany also required to support Lawful Interception? If so, a BND->NSA transfer would be a cakewalk. (BND = Bundesnachrichtungdienst, the German NSA & CIA in one package).

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    6. Re:NSA tango by PolygamousRanchKid+ · · Score: 4, Informative

      Well, Deutche Telekom is (or was) the German State telephone company

      "Was". It was privatized a long time ago. So there is no direct control of the Deutsche Telekom by the German government.

      Of, course, when the German government asks Deutsche Telekom for a "favor", they are not going to say no. Especially if there are some laws backing the government up. There's another set of secret squirrels in Germany called "Verfassungsschutz", which means something like "protection of the constitution". They have broad powers for snooping on folks that are deemed enemies of the state.

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    7. Re:NSA tango by BlackPignouf · · Score: 1

      It would be a political death sentence for any politician or government employee who was caught helping the US spy on Germans.

      I totally agree wi....
      Oh!!!! Germany's next top model is on!
      Sorry, what were you saying?

    8. Re:NSA tango by Impy+the+Impiuos+Imp · · Score: 1

      I think the government can force them to help, and to keep their mouth shut about it, but not to lie.

      In this case, lying might even put the lying engineer at risk in the foreign country..

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
    9. Re:NSA tango by secretsquirel · · Score: 0

      hi someone called for a secret squirrel?

    10. Re:NSA tango by Anonymous Coward · · Score: 0

      Rest assured NSA and their contractors can intercept data fully passively. Because they employ real engineers with real wages, not some precarious web programmers.

      Actually it is quite easy: introduce a beam splitter which will siphon off 0.1% of the light and forward the 99,9% of the light to the legit destination. There is absolutely no way you can detect this without an OTDR or the like in the network management system. Plus they have bullied the network operators to do their job, so they will keep quiet.

    11. Re:NSA tango by Sique · · Score: 1

      That's not what this move is about. It's about information that can be legally introduced into an U.S. court. Now the U.S. state attorney has to jump through the loop and actually ask a german court to force Deutsche Telekom to release the information requested, which until now they tried to avoid as much as possible. Especially in cases where the U.S. sentencing laws are considered draconic in Germany, this request might be denied on legal grounds. If for instance an U.S. state attorney would put pressure on the defendant by asking the court for 50 years of imprisonment or agree to a plea bargain for some cases of unlawful computer access, a german court could decide that this is unjust and thus any request by the U.S. court has to be denied.

      --
      .sig: Sique *sigh*
    12. Re:NSA tango by Anonymous Coward · · Score: 0

      So to repeat: Access is granted to the Microsoft engineer only by the Data Trustee. Microsoft has no way to grant that access to itself."

      Although the article repeated, you didn't listen so I'll re-repeat:

      So to repeat: Access is granted to the Microsoft engineer only by the Data Trustee. Microsoft has no way to grant that access to itself.

    13. Re:NSA tango by Anonymous Coward · · Score: 0

      Thanks for the laugh. Cheap laughs are laughs as well :-)

    14. Re:NSA tango by Anonymous Coward · · Score: 0

      Exposure of spying by the US on the Chancellor and other high government officials has poisoned the well.

      Oh that? The Germans got over it.

      German spies revive internet snooping work with US: reports Berlin

  10. And I have a bridge to sell you... by Bearhouse · · Score: 1

    " Only for special purpose [sic] like a support call from a customer..."

    Or the NSA, FBI, CIA...

    1. Re:And I have a bridge to sell you... by 93+Escort+Wagon · · Score: 2

      It doesn't have to be an American 3-letter agency - it's not as if the BND doesn't have a track record of violating German citizens' privacy.

      --
      #DeleteChrome
  11. Year of Linux by Howitzer86 · · Score: 5, Funny

    US Government: "We will fine you until you comply with the order giving us access to the servers."
    Microsoft:"Those aren't our servers. We don't have access."
    Government: "Comply or be fined a million dollars a day."
    Microsoft files bankruptcy in AD 3276.

    Thus begins the first Year of Linux on the Desktop.

    1. Re:Year of Linux by MightyMartian · · Score: 4, Insightful

      More like:

      US Government: "We will fine you until you comply with the order giving us access to the servers."
      Microsoft:"Those aren't our servers. We don't have access."
      US Government: "Fine have it your way."

      three weeks later

      German Government: "We will fine you until you comply with the order giving us access to the servers."
      Deutsche Telekom: "Fuck you, Microsoft, take your servers back."

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    2. Re:Year of Linux by OhPlz · · Score: 1

      Store fragments of the data in different countries.

    3. Re:Year of Linux by bloodhawk · · Score: 4, Insightful

      MS and other companies have no objection to proper court orders in the appropriate country following due process. This move is due to the US governments unwillingness to follow due process and demand access to servers and data residing in foreign countries without going through the legal processes of that country. So going to German court and arguing the case for access they will be fine with, but of course that will be issued against Deutch Telkom not MS

    4. Re:Year of Linux by shawn2772 · · Score: 1

      German Government: "We will fine you until you comply with the order giving us access to the servers." Deutsche Telekom: "Fuck you, Microsoft, take your servers back."

      Sure, if a German court orders the data to be provided, Deutsche Telekom would comply. So? The problem Microsoft is trying to solve is solved.

    5. Re:Year of Linux by shutdown+-p+now · · Score: 4, Interesting

      The point is to put the servers under the control of the government which is deemed more trustworthy by the customers. And it doesn't even have to be all or most customers - just a subset. Say, those in EU.

      Hopefully, there will be more similar centers opening in other countries in the future, so that customers can actually shop around, and pick the country with surveillance laws and/or track record that they're most comfortable with.

    6. Re:Year of Linux by Anonymous Coward · · Score: 0

      The U.S. government has no objection to proper corporations operating within the U.S. boundaries following the direction of legally issued warrants. This move is due to corporations unwillingness to operate in a manner which complies with the corporation's responsibility to grant access to servers and data run by said U.S. corporation without having to go through legal processes of other countries. Microsoft's decision to start operating servers in other jurisdictions with laws incompatible with the U.S was really the faulty move. Microsoft should therefore be required to restrict its operations to methods for which it is legal for them to comply with legal warrants. Or they should get the hell off U.S. soil entirely - including sales - and see how that works for them and their empire. (Or, alternatively, give up the billions they store offshore to dodge taxes / any interest in their 'foreign' interests that they apparently do not control.)

      MS and other companies have no objection to proper court orders in the appropriate country following due process. This move is due to the US governments unwillingness to follow due process and demand access to servers and data residing in foreign countries without going through the legal processes of that country. So going to German court and arguing the case for access they will be fine with, but of course that will be issued against Deutch Telkom not MS

  12. Nice feature ! by Anonymous Coward · · Score: 0

    When will this enterprise feature find its way to Microsoft's Desktop OS ?

  13. Amazon did it first! by Anonymous Coward · · Score: 0

    Amazon did it first for the US government: http://www.theatlantic.com/tec...

  14. Untrustable by Stan92057 · · Score: 1, Interesting

    Comes down to can Microsoft be trusted and that answer we all know is a flat out No. Forcing people to download adware to get a security patch is flat out evil and all the tricks they have been using to get people to switch to Windows 10 is also evil. So Microsoft is a 100% untrustable and evil IMO based on those facts.

    --
    Jack of all trades,master of none
    1. Re:Untrustable by pr0fessor · · Score: 1

      I would say the most annoying part about the Win 10 upgrade notifications is that I ran the compatibility test and failed but does that mean I stop getting the upgrade notifications and Win 10 ads... NO!

    2. Re:Untrustable by Tokolosh · · Score: 1

      Trust, but verify.

      The Gipper was on to something. If Microsoft announced that the EFF had the unfettered ability to monitor and audit MS and DT, then I would say this is the change we've been hoping for.

      --
      Prove anything by multiplying Huge Number times Tiny Number
  15. Follow the money by da_foz · · Score: 2

    Like most things this I'm guessing this comes down to money (not that that's always a bad thing).

    In many market segments (think government, healthcare) data residency requirements are build into any contracts. Having a European data center likely allows them to big and win business in these markets.

  16. pointless by Anonymous Coward · · Score: 0

    German intelligence agencies have decades of very close cooperation with US intelligence agencies

    1. Re:pointless by HiThere · · Score: 1

      While your point is accurate, the Feds often don't want to do what the foreign agencies require in order to get the exchange. So it's not pointless. And there are legal liability issues, so again it's not pointless.

      Now if what you mean is that the customer's data isn't being protected anyway, you're probably right. But that's not what you said.

      --

      I think we've pushed this "anyone can grow up to be president" thing too far.
    2. Re:pointless by malditaenvidia · · Score: 1

      Oooh, the Germans are mad at me. I'm so scared! Oooh, the Germans!
      No! They're so big and strong!
      Oh, protect me from the Germans!

  17. Time warp by I4ko · · Score: 1

    Hmm,

    so DTAG announced this in November here and MS did it here with availability of H2 2016.

    I wonder if there is any discount for ex employees of that small, unheard of 260000 (iirc in 2006) people employing obscure German company.

  18. To paraphrase Homer Simpson by marsu_k · · Score: 1

    Could Microsoft open up an Azure cloud so that even it can't access it?

    Apparently, the answer is yes.

    (not that I'm buying in to this, whether US authorities will have access to the data, the German ones most certainly will, and they have been very co-operative with NSA et al.)

  19. Microsoft Opens Up Azure Cloud in Germany by mikhailsemin75 · · Score: 1

    Microsoft Windows 10 monitors the user in my opinion more than any exploration of the world, I really understand those users who are concerned about their safety and privacy, I think this is only the beginning, many companies are engaged in the surveillance of Internet users it is only necessary to look deeper at the problem of personal data

    --
    AngryGIF best website free animated GIF on the website is always exclusive GIF animation, Animated GIF are added to the
  20. So? by Anonymous Coward · · Score: 0

    Microshaft to trustee:
    Hand over that fscking data now.
    Trustee:
    Ok.
    10 minutes later, Microshaft to NSA troll:
    Here NSA troll, smell all that fresh data...!! :)

    1. Re:So? by CBravo · · Score: 1

      No, it would be different: NSA to Microsoft: Hand over the code and release this fix so we can backdoor account X. And the next update the account can be compromised. This update will only spread to updates for server Y which holds account X.

      --
      nosig today
    2. Re:So? by Anonymous Coward · · Score: 0

      None of this is true. They already have their brogrammers (that also means code) covertly in place. Intel agencies do not want outsiders know their dealings.

      No phone call, just covert access. Anywhere, anytime.

  21. Smart move for them by ErichTheRed · · Score: 3, Interesting

    Microsoft's betting on Azure being the next IBM mainframe-style lock in device for IT. It seems to me like their goal is to get IT people thinking in Azure terms whenever they design anything, such that it becomes one of only a couple of ways to get anything deployed. Look at Windows Server 2016 and the upcoming Azure Stack -- Microsoft is basically telegraphing that the days of an on-site server not controlled by the Azure resource manager are on the way out. I'm betting Server 2016 is one of the last "monolithic" server releases, and the rest is going to be an Azure-y collection of services that you turn on and off either in the cloud or in your own datacenter.

    Given that, and given Germany's privacy laws, it makes perfect sense that they would essentially build a "Public Azure Stack" to work around that detail. Whether every single company decides they're not afraid of the public cloud or not is in question, but Microsoft's looking to control that conversation and slowly bring everyone into the ongoing monthly charges model. Makes sense too -- either collect one fee for Windows Server one time, or sell it over and over again in monthly installments forever -- the choice seems obvious!

  22. It's Windows 10 by RogerWilco · · Score: 2

    They don't need access to your data in the Azure Cloud any more. They will just read all your data directly from within Windows 10, when you're using it in its unencrypted form.

    --
    RogerWilco the Adventurous Janitor
    1. Re:It's Windows 10 by subanark · · Score: 1

      If you don't trust Windows 10 on your VMs then either:

      A. Set up a firewall at the host level to stop if from talking to non-trusted servers.

      B. Use enterprise edition, which is trusted by people like Amazon (which owns AWS) not to snoop on private information

      C. As part of a major corporation negotiate rights to look at the source code for Windows.

      D. Install linux on Azure (just make sure you use updated hyper-v drivers in your distro).

  23. Similar setup in China by dave562 · · Score: 1

    They did a similar setup in China, but for a different reason. The Chinese government wanted one of their service providers to have access to everything. Same separation of ownership, completely different outcome.

  24. they could serve DT through T-Mobile by swschrad · · Score: 1

    and serve Microsoft in the same writ. I think this sort of hocus-pocus would only work in places where there is minimal infrastructure and no treaties with the US. like, say North Korea. places where you KNOW your data is being analyzed, mangled, and monetized.

    so the ultimate responsibility has to be the Congress formally recognizing the first amendment still applies to technology that didn't exist at the time they were sharpening their goose quills to write the document.

    --
    if this is supposed to be a new economy, how come they still want my old fashioned money?
  25. Germany friendlier? by binkless · · Score: 1

    Who really thinks that the Germans are more friendly about privacy and encryption? European laws might grant individuals some recourse about the use of data by corporations, but don't count on corresponding constraints on government. The difference between what ends up in German vs American government hands has more to do with how developed their snooping infrastructure is, not on whether the legal environment is more "friendly"

    1. Re:Germany friendlier? by Anonymous Coward · · Score: 0

      everyone sane?

    2. Re:Germany friendlier? by Anonymous Coward · · Score: 0

      The difference between what ends up in German vs American government hands has more to do with how developed their snooping infrastructure is, not on whether the legal environment is more "friendly"

      Not really. When you make the environment "friendly" or "cozy" with government snooping groups, the technology comes a long pretty fast regarding that afaik.

  26. Deutsche Telekom by Qbertino · · Score: 1

    You may also know it by it's international Name "T-Mobile".

    --
    We suffer more in our imagination than in reality. - Seneca
  27. Here's an idea by maharvey · · Score: 1

    Stripe the data on the servers. Put two bits in Germany, two in Russia, two in China, and two in Taiwan.

    Nobody has access to all the data, and they're never going to cooperate to get the missing pieces.

  28. Still doing it wrong by Anonymous Coward · · Score: 0

    If anyone (*anyone*!) other than yourself has access for any amount of time to your unencrypted data, your storage provider is doing it wrong.

  29. Needs to be a way to retrieve data by Etherwalk · · Score: 1

    If anyone (*anyone*!) other than yourself has access for any amount of time to your unencrypted data, your storage provider is doing it wrong.

    There needs to be a backup way to retrieve data. Otherwise you get cases like the system that needs seven people to do certain critical things, and one day one of them walks in front of a bus.

  30. Deutsche Telekom and privacy by ooloorie · · Score: 1

    Set up Azure cloud in a foreign region. Because it's under the technical ownership of a German company named Deutsche Telekom, even Microsoft doesn't have access to the data

    Deutsche Telekom is roughly the German equivalent of AT&T: a former government-sponsored monopoly. It is in bed with the German government; they are actually still 30% government owned. You can bet that if you put your data on that cloud, the German government, intelligence agencies, and police are going to get full access to it. And that's the best case scenario: their security and privacy record is actually pretty bad.

  31. Not if there is a single American admin by EmperorOfCanada · · Score: 1

    OK, I am an American admin heading over to Germany for a security audit, code update, bug tracking, etc. (at the airport 8 thugs in cheap suits hand me a security letter from the DOJ saying that if I don't comply I go to jail. If I tell anyone about the security letter, I go to jail. If I call a lawyer they haven't approved, I go to jail. But at the same time they tell me that they are trying to stop very very bad people and that it would improve my job prospects with future applications to various security companies if I do help out.)

    So I go to Germany and do what? Nothing. Yeah some wishful thinking there.

  32. Most Importantly by Anonymous Coward · · Score: 0

    German intelligence has been set up by the Americans. They are their stooges.

    And the German elite is a bunch of traitors who always will bend over to American demands.

  33. Works Differently by Anonymous Coward · · Score: 0

    They have their secret operatives inside all the big companies and the big FOSS projects. They will insert some highly complex, highly covered "bugs" into these projects. You bet they have a special team in the center of blackness who develop these "mishaps". And the exploits to use the mishaps as backdoors.

    Voila - EVERY encryption is easy to break now.

    This is just one of the 1% lies.

    Fiorina and Clinton told the truth some time ago....

  34. Not Entirely New by Anonymous Coward · · Score: 0

    Not exactly unusual for this sort of arrangement if the deal is big enough. Optus/Singtel have a satellite ground station in Australia which not even they can access because it's carrying sensitive government communications, would make sense for same sort of arrangement in other sectors.

  35. Use a Russian cloud then by Anonymous Coward · · Score: 0

    The upsides are Russia will not bend its laws for the West. As long as the customer does not break Russian laws, his data is safe on Russian servers. The only entities potentially surreptiously accessing the data are FSB and possibly Sledcom, the Russian FBI, and none pose a great danger to Western businesses.