Slashdot Mirror
Microsoft Opens Up Azure Cloud in Germany Even It Can't Access (windowsitpro.com)
Reader v3rgEz writes: International customers are becoming increasingly concerned about the U.S.'s data snooping practices, and it appears Microsoft has devised a solution to make them happy: Set up Azure cloud in a foreign region. Because it's under the technical ownership of a German company named Deutsche Telekom, even Microsoft doesn't have access to the data. The move is not surprising, but it could set a precedent that encourages others to move their corporate data away from U.S. shores to countries that take a friendlier view of encryption and data privacy. From the official blog post, "Microsoft has -- in this new model -- no rights at all to access customer data. Only for special purpose like a support call from a customer a temporary access will be granted by the Data Trustee to the Microsoft engineer, and only for the specified area. After that time (using a technology similar to what you might know as JIT) all access is revoked automatically. So to repeat: Access is granted to the Microsoft engineer only by the Data Trustee. Microsoft has no way to grant that access to itself."
I'm freaked out right now. Whats going on here?
Just a little Mom and Pop business in Germany with an $81 Billion USD market capitalization. :)
I think most people would associate JIT with Just-In-Time compilers, but I fail to see how that translates to credentialing.
Your hair look like poop, Bob! - Wanker.
Yet again, laws matter.
If the US wants to keep data centers in the US, it needs to understand that making draconian laws is NOT the way to go about it.
Simply put, right now, I would NOT be building a data center in the US if my primary customer base was outside of the US, period.
It is actually a German comedy act - die Telekomiker. They also own the "T-" brand, as in T-Shirt, T-Rex and T-Bone Steak.
"It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
US Government: "We will fine you until you comply with the order giving us access to the servers."
Microsoft:"Those aren't our servers. We don't have access."
Government: "Comply or be fined a million dollars a day."
Microsoft files bankruptcy in AD 3276.
Thus begins the first Year of Linux on the Desktop.
You're confusing them with Der Wienerschnitzel...
I've abandoned my search for truth; now I'm just looking for some useful delusions.
Or they could just barter intelligence deals with German intelligence to have *them* hand over the information directly.
These are government intelligence agencies here. The NSA certainly could social engineer themselves the information, or induce faults on a case by case basis, but why do that when you can just cut a deal or two? The NSA has so much juicy information that German intelligence would be happy to trade for.
Sorry, what? German intelligence would never do that? Yes... sorry... I'm not laughing, that's just a lot of coughing. That's the ticket.
After betraying their customers for years by doing stupid shit like uploading their encryption keys to OneDrive by default, Microsoft wants to jump in on the fame and honor that Apple is getting for refusing to make malware in order to unlock a terrorist's iPhone. Hurray, off-shore data lodging! Ultimately though this'll mean nothing but a teeny bit more latency for PRISM, which Microsoft has oh-so-willingly cooperated with the NSA to power for years.
Not quite. This thing is a response to: https://en.wikipedia.org/wiki/...
Basically, Microsoft has been fighting this case for years now. If the US wins, then it can mandate that Microsoft must turn over data anywhere in the world with just a warrant. That doesn't pass muster with EU laws. So, if the US wins, then all of a sudden it becomes illegal for an EU business to use any Microsoft cloud service, or at least extremely risky for them to do so.
This new service is something where they can tell the US government, "We phisically can't do that." Just like how Apple will probably push out an IOS upgrade that prevents flashing new firmware to a phone while locked without wiping the device.
So lets pretend that we've just completed writing this code, as opposed to having just completed sabotaging it -Altera
The NSA doesn't need this, any more than they need a National Security Letter to access US data, as long as it's not encrypted well. When I worked at MS, we would half-joking blame (assumed) NSA taps on the low quality we'd see in WAN connections between DCs. It was a bit of a shock to discover from Snowden it was all true (MONKEY PUZZLE was the codename for those NSA taps, IIRC).
It's different if the data is encrypted in such a way that MS only has access to the metadata (which should be enough for customer service). Of course, with the right National Security Letter, MS could be compelled to design their system in a flawed way.
Socialism: a lie told by totalitarians and believed by fools.
Like most things this I'm guessing this comes down to money (not that that's always a bad thing).
In many market segments (think government, healthcare) data residency requirements are build into any contracts. Having a European data center likely allows them to big and win business in these markets.
Well, Deutche Telekom is (or was) the German State telephone company, kind of like the Post Office in Britain, owned and operated by the government. They have many subsidiary companies, in the U.S. we know them as T-Mobile and T-Systems.
So, they are one step closer to ease of mass surveillance than we are in the US, in that the "cloud" data or whatever is _already_ in the German Gov't.'s hands, basically.
-- You are in a maze of little, twisty passages, all different... --
tnk1, I'm inclined to think that the worm has turned in Germany. Exposure of spying by the US on the Chancellor and other high government officials has poisoned the well. It would be a political death sentence for any politician or government employee who was caught helping the US spy on Germans.
"He took a duck in the face at 250 knots." -- William Gibson, Pattern Recognition
Microsoft's betting on Azure being the next IBM mainframe-style lock in device for IT. It seems to me like their goal is to get IT people thinking in Azure terms whenever they design anything, such that it becomes one of only a couple of ways to get anything deployed. Look at Windows Server 2016 and the upcoming Azure Stack -- Microsoft is basically telegraphing that the days of an on-site server not controlled by the Azure resource manager are on the way out. I'm betting Server 2016 is one of the last "monolithic" server releases, and the rest is going to be an Azure-y collection of services that you turn on and off either in the cloud or in your own datacenter.
Given that, and given Germany's privacy laws, it makes perfect sense that they would essentially build a "Public Azure Stack" to work around that detail. Whether every single company decides they're not afraid of the public cloud or not is in question, but Microsoft's looking to control that conversation and slowly bring everyone into the ongoing monthly charges model. Makes sense too -- either collect one fee for Windows Server one time, or sell it over and over again in monthly installments forever -- the choice seems obvious!
They don't need access to your data in the Azure Cloud any more. They will just read all your data directly from within Windows 10, when you're using it in its unencrypted form.
RogerWilco the Adventurous Janitor
It doesn't have to be an American 3-letter agency - it's not as if the BND doesn't have a track record of violating German citizens' privacy.
#DeleteChrome
Well, Deutche Telekom is (or was) the German State telephone company
"Was". It was privatized a long time ago. So there is no direct control of the Deutsche Telekom by the German government.
Of, course, when the German government asks Deutsche Telekom for a "favor", they are not going to say no. Especially if there are some laws backing the government up. There's another set of secret squirrels in Germany called "Verfassungsschutz", which means something like "protection of the constitution". They have broad powers for snooping on folks that are deemed enemies of the state.
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!