Discussion:
The new world that VMS will be living in
Add Reply
Arne Vajhøj
2020-12-07 19:10:06 UTC
Reply
Permalink
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.

From the press:

<quote>
The two companies on Friday finalized a cloud computing agreement under
which the German lender plans to shift most of its data onto Google
servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,” Leukert
said in an interview,
</quote>

This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.

VMS will need to function - and function well - in such new
environments.

Arne
Bill Gunshannon
2020-12-07 19:35:18 UTC
Reply
Permalink
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement under
which the German lender plans to shift most of its data onto Google
servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,” Leukert
said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Arne
Once you move your data to The Cloud it ceases to be your
data. Hell of a way to run a business.

bill
Jan-Erik Söderholm
2020-12-07 19:40:02 UTC
Reply
Permalink
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement under
which the German lender plans to shift most of its data onto Google
servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,” Leukert said
in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Arne
Once you move your data to The Cloud it ceases to be your
data.  Hell of a way to run a business.
bill
So you do not have your savings at the bank either, right?
Since it then ceases to be your money, if I understand you.
And banks are a hell of a way to manage your savings.
Bill Gunshannon
2020-12-08 01:05:37 UTC
Reply
Permalink
Post by Jan-Erik Söderholm
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement
under which the German lender plans to shift most of its data onto
Google servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,” Leukert
said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Arne
Once you move your data to The Cloud it ceases to be your
data.  Hell of a way to run a business.
bill
So you do not have your savings at the bank either, right?
Since it then ceases to be your money, if I understand you.
And banks are a hell of a way to manage your savings.
Another typical bad analogy. If someone else knows the color of my
money it's still mine.

Now, we all know how tightly protected the VMS Customer List has
always been. With The Cloud you put it on another persons machine
under their control and relying on their security. If it gets out
nothing can ever make it secure again. Now, tell me, what exactly
has any Cloud Provider done to make me want to trust them?

And that's only one aspect. How about reliability? How long can]
your business run if your Cloud Provider goes down? What exactly
have they done to make you feel that t herfe is no chance of that
happening?

And the list goes on and on. If anyone did real Risk Analysis
before moving to the Cloud no one would.

bill
Arne Vajhøj
2020-12-08 01:25:40 UTC
Reply
Permalink
Post by Jan-Erik Söderholm
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement
under which the German lender plans to shift most of its data onto
Google servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,” Leukert
said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Once you move your data to The Cloud it ceases to be your
data.  Hell of a way to run a business.
So you do not have your savings at the bank either, right?
Since it then ceases to be your money, if I understand you.
And banks are a hell of a way to manage your savings.
Another typical bad analogy.  If someone else knows the color of my
money it's still mine.
Yes. But putting money in the bank is a bit more.
Now, we all know how tightly protected the VMS Customer List has
always been.  With The Cloud you put it on another persons machine
under their control and relying on their security.  If it gets out
nothing can ever make it secure again.
Are you concerned that Amazon, Microsoft, Google etc. will
get a list with 10-25% of VMS customers based on who runs
VMS in their cloud and the list will leak??
   Now, tell me, what exactly
has any Cloud Provider done to make me want to trust them?
Driven successful business for many years will convince
many.

It may not be enough for you?
And that's only one aspect.  How about reliability?  How long can]
your business run if your Cloud Provider goes down?
How long can they run if their own data center goes down.

Same.
  What exactly
have they done to make you feel that t herfe is no chance of that
happening?
Regions, availability zones etc..

Cloud does not change the redundancy requirements - it just make it
a bit easier and cheaper to meet them.

If it was necessary with 2 data centers with a certain distance between
for on premise, then that is still necessary with cloud.
And the list goes on and on.  If anyone did real Risk Analysis
before moving to the Cloud no one would.
You don't think Deutsche Bank did a risk analysis??

Arne
Arne Vajhøj
2020-12-08 01:45:14 UTC
Reply
Permalink
Post by Arne Vajhøj
And that's only one aspect.  How about reliability?  How long can]
your business run if your Cloud Provider goes down?
How long can they run if their own data center goes down.
Same.
                                                    What exactly
have they done to make you feel that t herfe is no chance of that
happening?
Regions, availability zones etc..
Cloud does not change the redundancy requirements - it just make it
a bit easier and cheaper to meet them.
If it was necessary with 2 data centers with a certain distance between
for on premise, then that is still necessary with cloud.
If you today have two buildings with separate power and network then
with cloud you go for two availability zones.

If you today have two data centers in different states then with
cloud you go for two regions.

Arne
Bill Gunshannon
2020-12-08 02:18:41 UTC
Reply
Permalink
Post by Arne Vajhøj
Post by Jan-Erik Söderholm
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement
under which the German lender plans to shift most of its data onto
Google servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,”
Leukert said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Once you move your data to The Cloud it ceases to be your
data.  Hell of a way to run a business.
So you do not have your savings at the bank either, right?
Since it then ceases to be your money, if I understand you.
And banks are a hell of a way to manage your savings.
Another typical bad analogy.  If someone else knows the color of my
money it's still mine.
Yes. But putting money in the bank is a bit more.
My money in the bank is insured. And it's existence is not a
valuable trade secret.
Post by Arne Vajhøj
Now, we all know how tightly protected the VMS Customer List has
always been.  With The Cloud you put it on another persons machine
under their control and relying on their security.  If it gets out
nothing can ever make it secure again.
Are you concerned that Amazon, Microsoft, Google etc. will
get a list with 10-25% of VMS customers based on who runs
VMS in their cloud and the list will leak??
Not Amazon, Microsoft or Google. But how about that third shift
operator who thinks he should be earning a lot more than they pay
him?

And I was using the idea of VSI moving to the Cloud and thus
having their entire customer list in someone else's hands.
A theoretical example. But it applies to pretty much any
major business and most minor ones.
Post by Arne Vajhøj
                                    Now, tell me, what exactly
has any Cloud Provider done to make me want to trust them?
Driven successful business for many years will convince
many.
Many years? Guess it depends on what you consider The Cloud.
Some papers say Mainframes were the Cloud back in the 60's.
Post by Arne Vajhøj
It may not be enough for you?
And that's only one aspect.  How about reliability?  How long can]
your business run if your Cloud Provider goes down?
How long can they run if their own data center goes down.
Same.
Yes, but if they have their own facilities they can ensure the
means to continue operations (spares, COOP Site, etc) exist.
Can the same be said (with any real trust!) about the commercial
Cloud sites? And then we have something as simple as loss of
communications. If you keep your datacenter on your own
premises the responsibility and the control is in your hands
and not in the hands of someone you may trust, but actually have
no reason to actually trust.
Post by Arne Vajhøj
                                                    What exactly
have they done to make you feel that t herfe is no chance of that
happening?
Regions, availability zones etc..
Cloud does not change the redundancy requirements - it just make it
a bit easier and cheaper to meet them.
If it was necessary with 2 data centers with a certain distance between
for on premise, then that is still necessary with cloud.
And the list goes on and on.  If anyone did real Risk Analysis
before moving to the Cloud no one would.
You don't think Deutsche Bank did a risk analysis??
Sadly, my experience from when I was still doing this commercially
leads me to think that if real risk analysis was done it is very likely
that the conclusion was established before the actual analysis.

And that applies to much more than just The Cloud.

bill
Arne Vajhøj
2020-12-08 02:29:33 UTC
Reply
Permalink
Post by Arne Vajhøj
Post by Bill Gunshannon
Now, we all know how tightly protected the VMS Customer List has
always been.  With The Cloud you put it on another persons machine
under their control and relying on their security.  If it gets out
nothing can ever make it secure again.
Are you concerned that Amazon, Microsoft, Google etc. will
get a list with 10-25% of VMS customers based on who runs
VMS in their cloud and the list will leak??
Not Amazon, Microsoft or Google.  But how about that third shift
operator who thinks he should be earning a lot more than they pay
him?
What about him?

He will likely only have access to a small fraction of those
10-25%.
And I was using the idea of VSI moving to the Cloud and thus
having their entire customer list in someone else's hands.
A theoretical example.  But it applies to pretty much any
major business and most minor ones.
Ah.

They will not put it in their cloud providers hands
unless you assume that cloud provider has broken AES.
Post by Arne Vajhøj
Post by Bill Gunshannon
                                    Now, tell me, what exactly
has any Cloud Provider done to make me want to trust them?
Driven successful business for many years will convince
many.
Many years?  Guess it depends on what you consider The Cloud.
Some papers say Mainframes were the Cloud back in the 60's.
That is a huge stretch. So much that I don't think
it makes much sense.
Post by Arne Vajhøj
Post by Bill Gunshannon
And that's only one aspect.  How about reliability?  How long can]
your business run if your Cloud Provider goes down?
How long can they run if their own data center goes down.
Same.
Yes, but if they have their own facilities they can ensure the
means to continue operations (spares, COOP Site, etc) exist.
Can the same be said (with any real trust!) about the commercial
Cloud sites?
The big cloud providers have millions of spare servers
and hundreds of locations world wide.

Way more than any corporate IT department has.
  And then we have something as simple as loss of
communications.  If you keep your datacenter on your own
premises the responsibility and the control is in your hands
and not in the hands of someone you may trust, but actually have
no reason to actually trust.
The modern economy to large extent rely on some sort of trust.
Post by Arne Vajhøj
Post by Bill Gunshannon
And the list goes on and on.  If anyone did real Risk Analysis
before moving to the Cloud no one would.
You don't think Deutsche Bank did a risk analysis??
Sadly, my experience from when I was still doing this commercially
leads me to think that if real risk analysis was done it is very likely
that the conclusion was established before the actual analysis.
If they did not do a proper risk analysis, they would be toast
with internal auditors, regulatory auditors, other business'es
auditors.

Arne
Chris
2020-12-08 23:10:40 UTC
Reply
Permalink
Post by Arne Vajhøj
Post by Bill Gunshannon
Post by Arne Vajhøj
Post by Bill Gunshannon
Now, we all know how tightly protected the VMS Customer List has
always been. With The Cloud you put it on another persons machine
under their control and relying on their security. If it gets out
nothing can ever make it secure again.
Are you concerned that Amazon, Microsoft, Google etc. will
get a list with 10-25% of VMS customers based on who runs
VMS in their cloud and the list will leak??
Not Amazon, Microsoft or Google. But how about that third shift
operator who thinks he should be earning a lot more than they pay
him?
What about him?
He will likely only have access to a small fraction of those
10-25%.
Post by Bill Gunshannon
And I was using the idea of VSI moving to the Cloud and thus
having their entire customer list in someone else's hands.
A theoretical example. But it applies to pretty much any
major business and most minor ones.
Ah.
They will not put it in their cloud providers hands
unless you assume that cloud provider has broken AES.
Post by Bill Gunshannon
Post by Arne Vajhøj
Post by Bill Gunshannon
Now, tell me, what exactly
has any Cloud Provider done to make me want to trust them?
Driven successful business for many years will convince
many.
Many years? Guess it depends on what you consider The Cloud.
Some papers say Mainframes were the Cloud back in the 60's.
That is a huge stretch. So much that I don't think
it makes much sense.
Post by Bill Gunshannon
Post by Arne Vajhøj
Post by Bill Gunshannon
And that's only one aspect. How about reliability? How long can]
your business run if your Cloud Provider goes down?
How long can they run if their own data center goes down.
Same.
Yes, but if they have their own facilities they can ensure the
means to continue operations (spares, COOP Site, etc) exist.
Can the same be said (with any real trust!) about the commercial
Cloud sites?
The big cloud providers have millions of spare servers
and hundreds of locations world wide.
Way more than any corporate IT department has.
Post by Bill Gunshannon
And then we have something as simple as loss of
communications. If you keep your datacenter on your own
premises the responsibility and the control is in your hands
and not in the hands of someone you may trust, but actually have
no reason to actually trust.
The modern economy to large extent rely on some sort of trust.
Post by Bill Gunshannon
Post by Arne Vajhøj
Post by Bill Gunshannon
And the list goes on and on. If anyone did real Risk Analysis
before moving to the Cloud no one would.
You don't think Deutsche Bank did a risk analysis??
Sadly, my experience from when I was still doing this commercially
leads me to think that if real risk analysis was done it is very likely
that the conclusion was established before the actual analysis.
If they did not do a proper risk analysis, they would be toast
with internal auditors, regulatory auditors, other business'es
auditors.
Arne
I would think that giving Google all your data is like giving a
burglar keys to you safe and telling him how to find it.

Thye whole purpose of Google to collect other's data by any
meab=ns legal (?) and sell it to others, and you really think that
is in any way secure ?.

Must be out of their mind...

Chris
Arne Vajhøj
2020-12-09 01:03:31 UTC
Reply
Permalink
Post by Chris
I would think that giving Google all your data is like giving a
burglar keys to you safe and telling him how to find it.
I believe putting AES encrypted data on a hard-drive owned
by Google is very different from that.
Post by Chris
Thye whole purpose of Google to collect other's data by any
meab=ns legal (?) and sell it to others, and you really think that
is in any way secure ?.
Must be out of their mind...
That is a very misleading description of what Google does.

Their B2B business including cloud is charging customers
for services.

Their B2B business including search is based on providing
some services that customers want and being able to
show them ads that they will click on. They can
improve the likelihood of customers clicking
if they know more about the users interests so
they can show more relevant ads.

Arne
Simon Clubley
2020-12-09 13:07:03 UTC
Reply
Permalink
Post by Arne Vajhøj
You don't think Deutsche Bank did a risk analysis??
I'm sure that RBS did a risk analysis before moving its mainframe
day to day operations to India:

https://www.theregister.com/2013/06/21/rbs_chernobyl_one_year_on/

Simon.
--
Simon Clubley, ***@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
Arne Vajhøj
2020-12-09 14:53:36 UTC
Reply
Permalink
Post by Simon Clubley
Post by Arne Vajhøj
You don't think Deutsche Bank did a risk analysis??
I'm sure that RBS did a risk analysis before moving its mainframe
https://www.theregister.com/2013/06/21/rbs_chernobyl_one_year_on/
I am sure that they did.

But the risk of an operator making a mistake during a software upgrade
rollback is inherent. Unless it is an automated process then there is
some risk of human error. And whether the person sits on Scotland
or Hyderabad or whether the person wear a RBS badge or a XYZ badge
does not matter. Experience and ability to stay calm in a critical
situation matter.

And it is worth noting that the story in The Register has never been
confirmed.

Maybe it is true. Maybe it was just a story planted by ex-employees
unhappy to have been laid off.

The official story from RBS is that it all happened in Edinburgh.

Arne
Simon Clubley
2020-12-09 18:22:36 UTC
Reply
Permalink
Post by Arne Vajhøj
Post by Simon Clubley
Post by Arne Vajhøj
You don't think Deutsche Bank did a risk analysis??
I'm sure that RBS did a risk analysis before moving its mainframe
https://www.theregister.com/2013/06/21/rbs_chernobyl_one_year_on/
I am sure that they did.
But the risk of an operator making a mistake during a software upgrade
rollback is inherent. Unless it is an automated process then there is
some risk of human error. And whether the person sits on Scotland
or Hyderabad or whether the person wear a RBS badge or a XYZ badge
does not matter. Experience and ability to stay calm in a critical
situation matter.
And it is worth noting that the story in The Register has never been
confirmed.
Maybe it is true. Maybe it was just a story planted by ex-employees
unhappy to have been laid off.
The official story from RBS is that it all happened in Edinburgh.
It's been a while but the RBS statement was worded very carefully IIRC.
It talked about where the hardware was physically located and where
senior management were located but didn't actually say anything about
where the day-to-day operations staff were located.

Simon.
--
Simon Clubley, ***@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
Arne Vajhøj
2020-12-09 18:43:02 UTC
Reply
Permalink
Post by Simon Clubley
Post by Arne Vajhøj
Post by Simon Clubley
Post by Arne Vajhøj
You don't think Deutsche Bank did a risk analysis??
I'm sure that RBS did a risk analysis before moving its mainframe
https://www.theregister.com/2013/06/21/rbs_chernobyl_one_year_on/
I am sure that they did.
But the risk of an operator making a mistake during a software upgrade
rollback is inherent. Unless it is an automated process then there is
some risk of human error. And whether the person sits on Scotland
or Hyderabad or whether the person wear a RBS badge or a XYZ badge
does not matter. Experience and ability to stay calm in a critical
situation matter.
And it is worth noting that the story in The Register has never been
confirmed.
Maybe it is true. Maybe it was just a story planted by ex-employees
unhappy to have been laid off.
The official story from RBS is that it all happened in Edinburgh.
It's been a while but the RBS statement was worded very carefully IIRC.
It talked about where the hardware was physically located and where
senior management were located but didn't actually say anything about
where the day-to-day operations staff were located.
You own link has this:

<quote>
Hester and RBS have said their investigations found the error occurred
during operations “managed and operated by our team in Edinburgh.”
</quote>

on page 2.

Arne
Simon Clubley
2020-12-09 18:55:57 UTC
Reply
Permalink
Post by Arne Vajhøj
Post by Simon Clubley
Post by Arne Vajhøj
Post by Simon Clubley
Post by Arne Vajhøj
You don't think Deutsche Bank did a risk analysis??
I'm sure that RBS did a risk analysis before moving its mainframe
https://www.theregister.com/2013/06/21/rbs_chernobyl_one_year_on/
I am sure that they did.
But the risk of an operator making a mistake during a software upgrade
rollback is inherent. Unless it is an automated process then there is
some risk of human error. And whether the person sits on Scotland
or Hyderabad or whether the person wear a RBS badge or a XYZ badge
does not matter. Experience and ability to stay calm in a critical
situation matter.
And it is worth noting that the story in The Register has never been
confirmed.
Maybe it is true. Maybe it was just a story planted by ex-employees
unhappy to have been laid off.
The official story from RBS is that it all happened in Edinburgh.
It's been a while but the RBS statement was worded very carefully IIRC.
It talked about where the hardware was physically located and where
senior management were located but didn't actually say anything about
where the day-to-day operations staff were located.
<quote>
Hester and RBS have said their investigations found the error occurred
during operations ?managed and operated by our team in Edinburgh.?
</quote>
on page 2.
Arne
Like I said, very carefully worded.

Simon.
--
Simon Clubley, ***@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
Dave Froble
2020-12-09 15:22:52 UTC
Reply
Permalink
Post by Simon Clubley
Post by Arne Vajhøj
You don't think Deutsche Bank did a risk analysis??
I'm sure that RBS did a risk analysis before moving its mainframe
https://www.theregister.com/2013/06/21/rbs_chernobyl_one_year_on/
Simon.
I might suggest that it was a "greed" analysis ...

What is the logic is moving IT to somewhere other than where one does
business? Perhaps to some extent to deny employment to some of the
entity's customers, and neighbors, and such?

Doesn't make sense to me, and never will ...
--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: ***@tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486
Arne Vajhøj
2020-12-09 16:40:38 UTC
Reply
Permalink
Post by Dave Froble
Post by Simon Clubley
Post by Arne Vajhøj
You don't think Deutsche Bank did a risk analysis??
I'm sure that RBS did a risk analysis before moving its mainframe
https://www.theregister.com/2013/06/21/rbs_chernobyl_one_year_on/
I might suggest that it was a "greed" analysis ...
Businesses are run to generate profit.

So obviously profit maximizing (aka greed) plays
a big role in business decisions.
Post by Dave Froble
What is the logic is moving IT to somewhere other than where one does
business?  Perhaps to some extent to deny employment to some of the
entity's customers, and neighbors, and such?
Doesn't make sense to me, and never will ...
Lower cost.

Skill availability.

Less regulation.

Arne
Bill Gunshannon
2020-12-09 18:19:04 UTC
Reply
Permalink
Post by Arne Vajhøj
Post by Dave Froble
Post by Simon Clubley
Post by Arne Vajhøj
You don't think Deutsche Bank did a risk analysis??
I'm sure that RBS did a risk analysis before moving its mainframe
https://www.theregister.com/2013/06/21/rbs_chernobyl_one_year_on/
I might suggest that it was a "greed" analysis ...
Businesses are run to generate profit.
So obviously profit maximizing (aka greed) plays
a big role in business decisions.
Post by Dave Froble
What is the logic is moving IT to somewhere other than where one does
business?  Perhaps to some extent to deny employment to some of the
entity's customers, and neighbors, and such?
Doesn't make sense to me, and never will ...
Lower cost.
Higher security risk.
Post by Arne Vajhøj
Skill availability.
Lower skill level.
Post by Arne Vajhøj
Less regulation.
Less legal protection.

Like I said in a another post, many risk analyses start with a
desired conclusion and move on from there.

bill
Dave Froble
2020-12-09 19:11:34 UTC
Reply
Permalink
Post by Arne Vajhøj
Post by Dave Froble
Post by Simon Clubley
Post by Arne Vajhøj
You don't think Deutsche Bank did a risk analysis??
I'm sure that RBS did a risk analysis before moving its mainframe
https://www.theregister.com/2013/06/21/rbs_chernobyl_one_year_on/
I might suggest that it was a "greed" analysis ...
Businesses are run to generate profit.
Usually, businesses need customers. It is a two way street. When a
business forgets that, it's asking for trouble.
--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: ***@tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486
Arne Vajhøj
2020-12-09 19:37:44 UTC
Reply
Permalink
Post by Arne Vajhøj
Post by Dave Froble
Post by Simon Clubley
Post by Arne Vajhøj
You don't think Deutsche Bank did a risk analysis??
I'm sure that RBS did a risk analysis before moving its mainframe
https://www.theregister.com/2013/06/21/rbs_chernobyl_one_year_on/
I might suggest that it was a "greed" analysis ...
Businesses are run to generate profit.
Usually, businesses need customers.  It is a two way street.  When a
business forgets that, it's asking for trouble.
Totally agree.

But it seems pretty rare that customers decide to
ditch a vendor because of where the vendor has some
employees (as long as the customer is not interacting
directly with them).

Arne
Simon Clubley
2020-12-10 13:19:39 UTC
Reply
Permalink
Post by Dave Froble
Post by Arne Vajhøj
Post by Dave Froble
Post by Simon Clubley
Post by Arne Vajhøj
You don't think Deutsche Bank did a risk analysis??
I'm sure that RBS did a risk analysis before moving its mainframe
https://www.theregister.com/2013/06/21/rbs_chernobyl_one_year_on/
I might suggest that it was a "greed" analysis ...
Businesses are run to generate profit.
Usually, businesses need customers. It is a two way street. When a
business forgets that, it's asking for trouble.
Businesses do need customers. The senior managers in the business OTOH
only need those customers to stay with the business until the managers
decide to leave the company.

Simon.
--
Simon Clubley, ***@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
Simon Clubley
2020-12-08 13:25:24 UTC
Reply
Permalink
Post by Jan-Erik Söderholm
And banks are a hell of a way to manage your savings.
They can indeed be literal hell if you upset the government which
has regulatory authority over the bank managing your savings.

The same is true for cloud companies and any countries in which they
are subject to regulatory control.

Simon.
--
Simon Clubley, ***@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
Arne Vajhøj
2020-12-07 19:44:16 UTC
Reply
Permalink
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement
under which the German lender plans to shift most of its data onto
Google servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,” Leukert
said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Once you move your data to The Cloud it ceases to be your
data.
I do not see that.

It is legally still your data.

And assuming proper encryption is used, then you have access
to data while the cloud provider does not have access to data.

Arne
Dave Froble
2020-12-07 20:24:57 UTC
Reply
Permalink
Post by Arne Vajhøj
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement
under which the German lender plans to shift most of its data onto
Google servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,” Leukert
said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Once you move your data to The Cloud it ceases to be your
data.
I do not see that.
It is legally still your data.
And assuming proper encryption is used, then you have access
to data while the cloud provider does not have access to data.
Arne
I believe that you totally miss Bill's point. The issue is whether your
data is protected from loss.

There have already been instances of cloud providers going out of
business, and customer's data being lost. Now, that's a hell of a way
to run a business.

Yes, one can lose data on computers. But one can mitigate the situation
with reliable backups and other procedures. In the cloud, one might not
have such control of data protection.
--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: ***@tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486
Arne Vajhøj
2020-12-07 20:49:17 UTC
Reply
Permalink
Post by Arne Vajhøj
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement
under which the German lender plans to shift most of its data onto
Google servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,” Leukert
said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Once you move your data to The Cloud it ceases to be your
data.
I do not see that.
It is legally still your data.
And assuming proper encryption is used, then you have access
to data while the cloud provider does not have access to data.
I believe that you totally miss Bill's point.  The issue is whether your
data is protected from loss.
Yes, one can lose data on computers.  But one can mitigate the situation
with reliable backups and other procedures.  In the cloud, one might not
have such control of data protection.
Cloud is not magic.

If some data need to be backed up when the data are stored on premise,
then the data still need to be backed up when moved to cloud.

AWS (Amazon), Azure (Microsoft) and GCP (Google) all offer backup
services, where you can setup the backup you want.
There have already been instances of cloud providers going out of
business, and customer's data being lost. Now, that's a hell of a way
to run a business.
Again cloud is not magic.

You need to find a reliable vendor.

Your neighbors nephews garage company does not cut it.

For IaaS cloud I would go for one of the 3 big ones (Amazon,
Microsoft, Google) or one of the traditional enterprise
vendors (IBM, Oracle).

I would avoid the small unknown companies they could and
likely will go out of business. And I would avoid the Chinese
companies (Alibaba, Tencent) due to risk of the relationship
between China and the west going totally sour.

Arne
Dave Froble
2020-12-08 03:33:35 UTC
Reply
Permalink
Post by Arne Vajhøj
Post by Dave Froble
Post by Arne Vajhøj
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement
under which the German lender plans to shift most of its data onto
Google servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,” Leukert
said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Once you move your data to The Cloud it ceases to be your
data.
I do not see that.
It is legally still your data.
And assuming proper encryption is used, then you have access
to data while the cloud provider does not have access to data.
I believe that you totally miss Bill's point. The issue is whether
your data is protected from loss.
Yes, one can lose data on computers. But one can mitigate the
situation with reliable backups and other procedures. In the cloud,
one might not have such control of data protection.
Cloud is not magic.
If some data need to be backed up when the data are stored on premise,
then the data still need to be backed up when moved to cloud.
AWS (Amazon), Azure (Microsoft) and GCP (Google) all offer backup
services, where you can setup the backup you want.
Post by Dave Froble
There have already been instances of cloud providers going out of
business, and customer's data being lost. Now, that's a hell of a way
to run a business.
Again cloud is not magic.
You need to find a reliable vendor.
Your neighbors nephews garage company does not cut it.
You don't know what my neighbor's nephew is offering ...
Post by Arne Vajhøj
For IaaS cloud I would go for one of the 3 big ones (Amazon,
Microsoft, Google) or one of the traditional enterprise
vendors (IBM, Oracle).
I would avoid the small unknown companies they could and
likely will go out of business.
If everyone listened to you ....

But perhaps some smaller providers might offer a better and safer service.

If your "big 3" don't see competition, why should they get any better?
Post by Arne Vajhøj
And I would avoid the Chinese
companies (Alibaba, Tencent) due to risk of the relationship
between China and the west going totally sour.
It's already sour.

Don't kid yourself, the ChiComs goal is world domination. They may be
patient. But I'm sure the people of Hong Kong can tell you how the
ChiComs keep their word.

How can anyone trust those they know will lie to them?

Like Iran?
--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: ***@tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486
Arne Vajhøj
2020-12-08 13:47:34 UTC
Reply
Permalink
Post by Dave Froble
Post by Arne Vajhøj
You need to find a reliable vendor.
Your neighbors nephews garage company does not cut it.
You don't know what my neighbor's nephew is offering ...
(IaaS) cloud is a pretty expensive business to be in.

It seems to require investment of 1 B$ per quarter to stay
competitive.
Post by Dave Froble
Post by Arne Vajhøj
For IaaS cloud I would go for one of the 3 big ones (Amazon,
Microsoft, Google) or one of the traditional enterprise
vendors (IBM, Oracle).
I would avoid the small unknown companies they could and
likely will go out of business.
If everyone listened to you ....
But perhaps some smaller providers might offer a better and safer service.
They can't compete with the economies of scale from the big ones.

Not price wise and not regarding investing in tools and processes.

What they can do and what some of them do is to provide value
added services on top of basic IaaS from one of the big players.
Post by Dave Froble
If your "big 3" don't see competition, why should they get any better?
3 big ones and with IBM and Oracle wanting to become big, then
there are competition.

Which is sort of proven by how fast cloud evolve.
Post by Dave Froble
Post by Arne Vajhøj
And I would avoid the Chinese
companies (Alibaba, Tencent) due to risk of the relationship
between China and the west going totally sour.
It's already sour.
Don't kid yourself, the ChiComs goal is world domination.  They may be
patient.  But I'm sure the people of Hong Kong can tell you how the
ChiComs keep their word.
It is already sour, but it can get worse.

At some point them turning off access for western companies
can become an option.

Arne
Stephen Hoffman
2020-12-07 22:09:49 UTC
Reply
Permalink
Post by Dave Froble
Yes, one can lose data on computers. But one can mitigate the
situation with reliable backups and other procedures. In the cloud,
one might not have such control of data protection.
If you need or want local servers and local storage, go for it.

If you want rid of local hardware and/or local staff, host it.

Given AWS can meet US HIPAA requirements, higher-end hosting options
are available.

Irrespective of what some might want, OpenVMS is going to have to
operate hosted.

Which is part of why I've grumbled about the difficulties around and
the security around installations and deployments, but I digress.

And yes, we've all heard about both hosted losses, and about local data
losses, and about disaster-tolerant clustering, and about local and
hosted service outages.
--
Pure Personal Opinion | HoffmanLabs LLC
Mark Berryman
2020-12-08 01:25:33 UTC
Reply
Permalink
Post by Stephen Hoffman
Yes, one can lose data on computers.  But one can mitigate the
situation with reliable backups and other procedures.  In the cloud,
one might not have such control of data protection.
If you need or want local servers and local storage, go for it.
If you want rid of local hardware and/or local staff, host it.
Given AWS can meet US HIPAA requirements, higher-end hosting options are
available.
Irrespective of what some might want, OpenVMS is going to have to
operate hosted.
Which is part of why I've grumbled about the difficulties around and the
security around installations and deployments, but I digress.
And yes, we've all heard about both hosted losses, and about local data
losses, and about disaster-tolerant clustering, and about local and
hosted service outages.
Data loss can be protected against. For me, the real issue is the
number of instances (that have been reported) of the major cloud vendors
saying "oops, we accidentally leaked this customer's data". AWS is the
vendor I've seen this happen to the most.

Another issue that will need to be resolved is the performance of VMS
backup. I use an LTO7 tape library for backups, which has a theoretic
maximum transfer rate of 300MB/S. On a DS15, with a 1GHZ cpu clock, I
can't get any more that 75MB/S. On an RX2620, with a 1.6GHZ cpu clock,
I can't get any more than 95MB/S. In both cases, the rate limit was hit
because the backup process had maxed out the CPU.

By comparison, when I backup my Mac to the same tape drive (all systems
are part of a SAN) I get over 200MB/S.

It seems to me that a speedier file system and backup program will be
needed as VMS moves into larger storage capacities.

Mark Berryman
Arne Vajhøj
2020-12-08 01:40:09 UTC
Reply
Permalink
  For me, the real issue is the
number of instances (that have been reported) of the major cloud vendors
saying "oops, we accidentally leaked this customer's data".  AWS is the
vendor I've seen this happen to the most.
It has happened and it has gotten some press.

An example is the Capital One AWS leak in 2019.

But if you look at what was the problem then it was two
specific problems:
* a mis-configured web application firewall
* the web application firewall having too many permissions

That is bad.

But it is not really cloud specific.

If someone put a VMS system in the cloud (when VMS x86-64 is
ready), allows telnet/ssh from anywhere and make the
SYSTEM password SYSTEM, then it will get hacked. But I will
not blame cloud for that.

Arne
Mark Berryman
2020-12-08 01:59:04 UTC
Reply
Permalink
Post by Arne Vajhøj
                                         For me, the real issue is the
number of instances (that have been reported) of the major cloud
vendors saying "oops, we accidentally leaked this customer's data".
AWS is the vendor I've seen this happen to the most.
It has happened and it has gotten some press.
An example is the Capital One AWS leak in 2019.
But if you look at what was the problem then it was two
* a mis-configured web application firewall
* the web application firewall having too many permissions
That is bad.
But it is not really cloud specific.
If someone put a VMS system in the cloud (when VMS x86-64 is
ready), allows telnet/ssh from anywhere and make the
SYSTEM password SYSTEM, then it will get hacked. But I will
not blame cloud for that.
From an article in The Register in August of this year:

"Misconfigured AWS S3 storage buckets exposing massive amounts of data
to the internet are like an unexploded bomb just waiting to go off, say
experts.

The team at Truffle Security said its automated search tools were able
to stumble across some 4,000 open Amazon-hosted S3 buckets that included
data companies would not want public – things like login credentials,
security keys, and API keys."

Setting aside for the moment whether these issues are the fault of
Amazon or the fault of the customer, I look at it this way:

If people in my organization misconfigure systems such that their data
is exposed, it is exposed only within my network (my border security is
run by people who know what they are doing, the same can't be said for
the various system admins). However, if I give my data to a cloud
vendor and something happens to expose the data, it is exposed to the
entire internet. Big difference.

Mark Berryman
Arne Vajhøj
2020-12-08 02:18:47 UTC
Reply
Permalink
Post by Mark Berryman
Post by Arne Vajhøj
                                         For me, the real issue is
the number of instances (that have been reported) of the major cloud
vendors saying "oops, we accidentally leaked this customer's data".
AWS is the vendor I've seen this happen to the most.
It has happened and it has gotten some press.
An example is the Capital One AWS leak in 2019.
But if you look at what was the problem then it was two
* a mis-configured web application firewall
* the web application firewall having too many permissions
That is bad.
But it is not really cloud specific.
If someone put a VMS system in the cloud (when VMS x86-64 is
ready), allows telnet/ssh from anywhere and make the
SYSTEM password SYSTEM, then it will get hacked. But I will
not blame cloud for that.
"Misconfigured AWS S3 storage buckets exposing massive amounts of data
to the internet are like an unexploded bomb just waiting to go off, say
experts.
The team at Truffle Security said its automated search tools were able
to stumble across some 4,000 open Amazon-hosted S3 buckets that included
data companies would not want public – things like login credentials,
security keys, and API keys."
Setting aside for the moment whether these issues are the fault of
Amazon or the fault of the customer,
The article says:

<quote>
That the Truffle Security team was able to turn up roughly 4,000
insecure buckets with private information shows just how common it is
for companies to leave their cloud storage instances unguarded.

Though AWS has done what it can to get customers to lock down their
cloud instances, finding exposed storage buckets and databases is pretty
trivial for trained security professionals to pull off.
</quote>
Post by Mark Berryman
If people in my organization misconfigure systems such that their data
is exposed, it is exposed only within my network (my border security is
run by people who know what they are doing, the same can't be said for
the various system admins).  However, if I give my data to a cloud
vendor and something happens to expose the data, it is exposed to the
entire internet.  Big difference.
If you move to cloud then I would expect your border security
people to switch role from securing your on premise network to
securing your virtual cloud network.

And if they are good then after learning the new tool set,
then they should be just as good.

Arne
Stephen Hoffman
2020-12-08 17:38:29 UTC
Reply
Permalink
Post by Mark Berryman
Data loss can be protected against. For me, the real issue is the
number of instances (that have been reported) of the major cloud
vendors saying "oops, we accidentally leaked this customer's data".
AWS is the vendor I've seen this happen to the most.
Ayup. Folks configuring their storage and configuring their backups and
configuring their security, we all get in trouble here.

That's not new either, and that's not unique to hosted, and that's not
unique to our increasingly-networked private networks and private
hosts. Where those are actually private. Which I'm increasingly
skeptical about.

Same risks arise locally. OpenVMS lacks full-disk encryption support,
which means you need external hardware to secure your data. And I'd
expect some folks reading this posting aren't yet using BACKUP
encryption. And so on.

Same scheiße, different data locality.
Post by Mark Berryman
Another issue that will need to be resolved is the performance of VMS
backup. I use an LTO7 tape library for backups, which has a theoretic
maximum transfer rate of 300MB/S. On a DS15, with a 1GHZ cpu clock, I
can't get any more that 75MB/S. On an RX2620, with a 1.6GHZ cpu clock,
I can't get any more than 95MB/S. In both cases, the rate limit was
hit because the backup process had maxed out the CPU.
I've grumbled about OpenVMS BACKUP and its
approaching-the-theoretical-limits design, too.
Post by Mark Berryman
By comparison, when I backup my Mac to the same tape drive (all systems
are part of a SAN) I get over 200MB/S.
Local SMB performance tests (entirely untuned) are showing ~100 GBps
read and ~100 GBps write between a Mac and a RAID-1 GbE NAS box, and
that's undoubtedly being throttled by the switched GbE connection.
Post by Mark Berryman
It seems to me that a speedier file system and backup program will be
needed as VMS moves into larger storage capacities.
Ayup. And beyond the file systems, likely also work in the various
associated device driver I/O stacks. Packet-processing times being
inversely proportional to bus speeds. ~672 ns per GbE frame, ~67.2 ns
per frame 10 GbE, IIRC. Figure out your processor cycle count from your
clock-speed, and from there the instruction rate and the maximum number
of instructions per the frame / packet / buffer if the host drivers are
not throttling, and if the NIC isn't throttling on your behalf.

With the production release in a year or three, we'll get a better idea
how much faster OpenVMS running on x86-64 hardware has gotten, as
compared with Itanium.
--
Pure Personal Opinion | HoffmanLabs LLC
Simon Clubley
2020-12-09 13:04:20 UTC
Reply
Permalink
Post by Stephen Hoffman
Irrespective of what some might want, OpenVMS is going to have to
operate hosted.
I wonder how long it will be before someone asks if they can still
run DECnet Phase IV "in the cloud". :-)

Simon.
--
Simon Clubley, ***@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
Dave Froble
2020-12-09 15:24:42 UTC
Reply
Permalink
Post by Simon Clubley
Post by Stephen Hoffman
Irrespective of what some might want, OpenVMS is going to have to
operate hosted.
I wonder how long it will be before someone asks if they can still
run DECnet Phase IV "in the cloud". :-)
Simon.
As much as it can be run locally today.
--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: ***@tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486
Stephen Hoffman
2020-12-09 19:19:27 UTC
Reply
Permalink
Post by Stephen Hoffman
Irrespective of what some might want, OpenVMS is going to have to
operate hosted.
I wonder how long it will be before someone asks if they can still run
DECnet Phase IV "in the cloud". :-)
Shortly after the attempt to switch the MAC address barfs, if past
experience applies.
--
Pure Personal Opinion | HoffmanLabs LLC
Simon Clubley
2020-12-10 13:16:42 UTC
Reply
Permalink
Post by Stephen Hoffman
Post by Stephen Hoffman
Irrespective of what some might want, OpenVMS is going to have to
operate hosted.
I wonder how long it will be before someone asks if they can still run
DECnet Phase IV "in the cloud". :-)
Shortly after the attempt to switch the MAC address barfs, if past
experience applies.
:-)

Well, it will be one way of _finally_ getting people off DECnet...

Simon.
--
Simon Clubley, ***@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
Stephen Hoffman
2020-12-10 15:55:35 UTC
Reply
Permalink
Post by Simon Clubley
Post by Stephen Hoffman
Post by Stephen Hoffman
Irrespective of what some might want, OpenVMS is going to have to
operate hosted.
I wonder how long it will be before someone asks if they can still run
DECnet Phase IV "in the cloud". :-)
Shortly after the attempt to switch the MAC address barfs, if past
experience applies.
:-)
Well, it will be one way of _finally_ getting people off DECnet...
Apropos of secure hosted server configurations, and of which DECnet is
not typically part:

El Reg: "How'd they do that? It's classified: Microsoft's Azure cloud
goes Top Secret"

https://www.theregister.com/2020/12/08/microsoft_in_brief/
--
Pure Personal Opinion | HoffmanLabs LLC
alexru...@gmail.com
2020-12-19 02:51:16 UTC
Reply
Permalink
when my kids were in middle school they had an assembly about social media. they were taught to consider anything they post to be "public and permanent" putting your business, and customer, data on a commercial cloud provider is much the same. in doing so you relinquish control over who administers your business and where in the world your information is accessible from. these commercial services either employ staff or deploy systems in regions that may be considered "unfriendly" and impose immeasurable risk.
Post by Stephen Hoffman
Post by Simon Clubley
Post by Stephen Hoffman
Post by Stephen Hoffman
Irrespective of what some might want, OpenVMS is going to have to
operate hosted.
I wonder how long it will be before someone asks if they can still run
DECnet Phase IV "in the cloud". :-)
Shortly after the attempt to switch the MAC address barfs, if past
experience applies.
:-)
Well, it will be one way of _finally_ getting people off DECnet...
Apropos of secure hosted server configurations, and of which DECnet is
El Reg: "How'd they do that? It's classified: Microsoft's Azure cloud
goes Top Secret"
https://www.theregister.com/2020/12/08/microsoft_in_brief/
--
Pure Personal Opinion | HoffmanLabs LLC
David Wade
2020-12-19 15:41:10 UTC
Reply
Permalink
Post by ***@gmail.com
when my kids were in middle school they had an assembly about social media. they were taught to consider anything they post to be "public and permanent" putting your business, and customer, data on a commercial cloud provider is much the same. in doing so you relinquish control over who administers your business and where in the world your information is accessible from. these commercial services either employ staff or deploy systems in regions that may be considered "unfriendly" and impose immeasurable risk.
In the UK much of the data Local and Central government hold on you is
held in Amazon or Microsoft cloud servers. New provision MUST consider
cloud based solutions first.

https://www.gov.uk/government/publications/cloud-guide-for-the-public-sector/cloud-guide-for-the-public-sector

or

https://tinyurl.com/ybxeyvfg


The Cloud First Policy
When procuring new or existing services, public sector organisations
should consider and fully evaluate potential cloud solutions first
before considering any other option. The policy was reassessed in 2019
and remains a flagship technology policy.

By not having a cloud solution you are cutting yourself off from a host
of public sector contracts. Any one in the public sector avoiding the
above guidance would face the prospect of dismissal for misconduct.

<<***warning*** Politics>>>>
It also gets makes a mockery of any post brexit "buy british" policy
because no mainstream cloud provider has UK based severs. So it neatly
answers the brexiteers cry for "no immigration" whilst allowing the
government to employ low cost staff without them actually having to come
to the UK, which is kind of where we started...
<<***end*** Politics>>>>

Dave
Andy Burns
2020-12-19 15:50:08 UTC
Reply
Permalink
Post by David Wade
It also gets makes a mockery of any post brexit "buy british" policy
because no mainstream cloud provider has UK based severs.
Within Microsoft Azure you can specify one of two UK regions
(south=london or west=cardiff) where your data will be stored.
David Wade
2020-12-19 16:05:08 UTC
Reply
Permalink
Post by Andy Burns
Post by David Wade
It also gets makes a mockery of any post brexit "buy british" policy
because no mainstream cloud provider has UK based severs.
Within Microsoft Azure you can specify one of two UK regions
(south=london or west=cardiff) where your data will be stored.
Thats changed. Last time I looked it was Ireland or Holland.
Chris Townley
2020-12-19 16:22:55 UTC
Reply
Permalink
Post by David Wade
Post by Andy Burns
Post by David Wade
It also gets makes a mockery of any post brexit "buy british" policy
because no mainstream cloud provider has UK based severs.
Within Microsoft Azure you can specify one of two UK regions
(south=london or west=cardiff) where your data will be stored.
Thats changed. Last time I looked it was Ireland or Holland.
Did MS not have the Scottish underwater farm?

Chris
Andy Burns
2020-12-19 16:44:30 UTC
Reply
Permalink
Post by Chris Townley
Post by David Wade
Post by Andy Burns
Within Microsoft Azure you can specify one of two UK regions
(south=london or west=cardiff) where your data will be stored.
Thats changed. Last time I looked it was Ireland or Holland.
News to me, I have .gov.uk customers were advised to use the uk regions.
Post by Chris Townley
Did MS not have the Scottish underwater farm?
They did, not sure if real customer storage/processing was done
underwater, or it it was just a dogfood trial?
John Dallman
1970-01-01 00:00:00 UTC
Reply
Permalink
Post by Andy Burns
Within Microsoft Azure you can specify one of two UK regions
(south=london or west=cardiff) where your data will be stored.
That's changed. Last time I looked it was Ireland or Holland.
That'll be due to Brexit.

John

Stephen Hoffman
2020-12-19 16:48:49 UTC
Reply
Permalink
Post by ***@gmail.com
when my kids were in middle school they had an assembly about social
media. they were taught to consider anything they post to be "public
and permanent" putting your business, and customer, data on a
commercial cloud provider is much the same. in doing so you relinquish
control over who administers your business and where in the world your
information is accessible from. these commercial services either employ
staff or deploy systems in regions that may be considered "unfriendly"
and impose immeasurable risk.
That social media session is an ancient speech in newer togs. There's
the "Never do nothing you wouldn't want printed on the front page of
The New York Times." and the "The microphone is always hot" among many
older versions. The so-called "Right To Be Forgotten" hasn't gotten all
that much traction, either.

Around discussions of servers, there's physical location, there's
server ownership, and there's server control. And in 2020, ~nobody
controls their own servers. That whether those servers are local or
hosted.

A little light reading from 2014 explaining issues of control, "Why
Johnny can’t tell if he is compromised, and what you can do about it"
providing some background on this:

https://docs.google.com/presentation/d/1dRk1czhS0FSNcWEFdRea2_QN7AVuGFLjxL-7gEXBe7w/edit#slide=id.p


Some light reading from 2015, an example of competing backdoors in the
same common VPN server:

https://blog.cryptographyengineering.com/2015/12/22/on-juniper-backdoor/

(And how many of us running local servers in 2020 aren't also running
VPN servers for remote access?)

Or lower-tech, pay somebody for network access, or threaten somebody
for access, or embeds somebody with access. "Plata o Plumo", as it's
also known. Silver or Lead. Or some entity gets a law passed allowing
or requiring access and/or a backdoor.

OpenVMS and VSI and app developers and hardware vendors all have some
work ahead in these system-integrity discussions, whether we're
discussing local or hosted computing.

ps: it's looking likely that HPE won't re-issue the OpenVMS kit-signing
certificate due to expire in 2029, for some of the tracking implemented
within OpenVMS.
--
Pure Personal Opinion | HoffmanLabs LLC
Bill Gunshannon
2020-12-08 01:12:01 UTC
Reply
Permalink
Post by Arne Vajhøj
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement
under which the German lender plans to shift most of its data onto
Google servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,” Leukert
said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Once you move your data to The Cloud it ceases to be your
data.
I do not see that.
It is legally still your data.
And when your customer list hits the dark web?
Post by Arne Vajhøj
And assuming proper encryption is used, then you have access
to data while the cloud provider does not have access to data.
Once you put it on someone else's machine they have possession of
that data and you are trusting them to keep it safe. Within your
own organization one of the biggest dangers is the insider threat
(at least according to a lot of published papers lately). But you
no longer have control over the insiders.

The Cloud is a bad idea on more dimensions than I can even
imagine. The only way to guarantee the safety of your IT
Systems is to keep them entirely under your control and not
trust people who have done nothing to instill that trust.

bill
Arne Vajhøj
2020-12-08 01:30:47 UTC
Reply
Permalink
Post by Bill Gunshannon
Post by Arne Vajhøj
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement
under which the German lender plans to shift most of its data onto
Google servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,” Leukert
said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Once you move your data to The Cloud it ceases to be your
data.
I do not see that.
It is legally still your data.
And when your customer list hits the dark web?
And how should that happen?

You think Amazon/Microsoft/Google has broken AES so their
employees can decrypt the content?

Or?
Post by Bill Gunshannon
Post by Arne Vajhøj
And assuming proper encryption is used, then you have access
to data while the cloud provider does not have access to data.
Once you put it on someone else's machine they have possession of
that data and you are trusting them to keep it safe.  Within your
own organization one of the biggest dangers is the insider threat
(at least according to a lot of published papers lately).  But you
no longer have control over the insiders.
They have possession of a disk with some AES encrypted data.

The owner have possession of the key and therefore the data.

Arne
Bill Gunshannon
2020-12-08 02:24:38 UTC
Reply
Permalink
Post by Arne Vajhøj
Post by Bill Gunshannon
Post by Arne Vajhøj
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement
under which the German lender plans to shift most of its data onto
Google servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,”
Leukert said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Once you move your data to The Cloud it ceases to be your
data.
I do not see that.
It is legally still your data.
And when your customer list hits the dark web?
And how should that happen?
You think Amazon/Microsoft/Google has broken AES so their
employees can decrypt the content?
Or?
Do you even follow the numerous news reports on data breasches?
The data is almost never encrypted. Moving it to The Cloud is
not going to magically encrypt it.
Post by Arne Vajhøj
Post by Bill Gunshannon
Post by Arne Vajhøj
And assuming proper encryption is used, then you have access
to data while the cloud provider does not have access to data.
Once you put it on someone else's machine they have possession of
that data and you are trusting them to keep it safe.  Within your
own organization one of the biggest dangers is the insider threat
(at least according to a lot of published papers lately).  But you
no longer have control over the insiders.
They have possession of a disk with some AES encrypted data.
The owner have possession of the key and therefore the data.
That is an assumption I am not prepared to make. And I would
hope no one else would either.

bill
Arne Vajhøj
2020-12-08 02:35:48 UTC
Reply
Permalink
Post by Bill Gunshannon
Post by Arne Vajhøj
Post by Bill Gunshannon
Post by Arne Vajhøj
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement
under which the German lender plans to shift most of its data onto
Google servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,”
Leukert said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Once you move your data to The Cloud it ceases to be your
data.
I do not see that.
It is legally still your data.
And when your customer list hits the dark web?
And how should that happen?
You think Amazon/Microsoft/Google has broken AES so their
employees can decrypt the content?
Or?
Do you even follow the numerous news reports on data breasches?
The data is almost never encrypted.  Moving it to The Cloud is
not going to magically encrypt it.
Cloud makes it pretty easy, but it does not work by magic.

Almost all companies encrypt important data today.

If not then they are in big problems with GDPR, CCPA etc..

Breaches still happens because most breaches are not via
HW access but via SW vulnerabilities.

Arne
David Wade
2020-12-08 19:40:04 UTC
Reply
Permalink
Post by Bill Gunshannon
Post by Arne Vajhøj
Or?
Do you even follow the numerous news reports on data breasches?
The data is almost never encrypted.  Moving it to The Cloud is
not going to magically encrypt it.
Almost all Banking data needs to be encrypted at rest, which is why IBM
brought in "Encryption at rest"
Post by Bill Gunshannon
Post by Arne Vajhøj
Post by Bill Gunshannon
Post by Arne Vajhøj
And assuming proper encryption is used, then you have access
to data while the cloud provider does not have access to data.
Once you put it on someone else's machine they have possession of
that data and you are trusting them to keep it safe.  Within your
own organization one of the biggest dangers is the insider threat
(at least according to a lot of published papers lately).  But you
no longer have control over the insiders.
They have possession of a disk with some AES encrypted data.
The owner have possession of the key and therefore the data.
That is an assumption I am not prepared to make.  And I would
hope no one else would either.
There are nuances, but I seem both points.

The problem VMS faces is that businesses are making commercial decisions
to move their data to "cloud" based providers. Generally we have no say
in that decision. The conversation will be :-

Customer. "Can we move our VMS systems to the loud?"
Supplier. No its insecure, and we don't trust it.
Customer. "well in that case if VMS blocks our strategic plans we will
have to replace it.

Actually the second customer response would probably be more earthy...

Indeed the organization may have no choice. One of my co-workers
expressed similar concerns to yours, when told "we" were moving some
data to a cloud based solution and he wouldn't allow it.

As I pointed out he had little choice as we were a local government
organization, the cloud based provider had the relevant certifications,
which approved by central government, and the service levels offered
exceeded those we could promise internally. In law he wasn't allowed to
discriminate.

However the cloud solution was way more expensive than the internal
solution...
Post by Bill Gunshannon
bill
Dave
Fortunately retired, and so no longer have to explain to my manager why
he can't sack all his IT staff if he moves data to the cloud.
Chris
2020-12-08 23:13:07 UTC
Reply
Permalink
Post by Arne Vajhøj
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement
under which the German lender plans to shift most of its data onto
Google servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,” Leukert
said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Once you move your data to The Cloud it ceases to be your
data.
I do not see that.
It is legally still your data.
If you think that Google would tack account of ethical niceties,
then I have a bridge to sell you...

Chris
Post by Arne Vajhøj
And assuming proper encryption is used, then you have access
to data while the cloud provider does not have access to data.
Arne
Arne Vajhøj
2020-12-09 00:27:08 UTC
Reply
Permalink
Post by Chris
Post by Arne Vajhøj
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement
under which the German lender plans to shift most of its data onto
Google servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,” Leukert
said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Once you move your data to The Cloud it ceases to be your
data.
I do not see that.
It is legally still your data.
If you think that Google would tack account of ethical niceties,
then I have a bridge to sell you...
There is difference between law and ethical nice.

And being unethical does not by magic make one able to
break AES.

Arne
Dave Froble
2020-12-09 05:12:02 UTC
Reply
Permalink
Post by Chris
Post by Arne Vajhøj
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement
under which the German lender plans to shift most of its data onto
Google servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,” Leukert
said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Once you move your data to The Cloud it ceases to be your
data.
I do not see that.
It is legally still your data.
If you think that Google would tack account of ethical niceties,
then I have a bridge to sell you...
Arne is so trusting ....

I also have a few bridges for sale, and some highways to go along with
them. We could make Arne some really good deals.
--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: ***@tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486
Chris
2020-12-09 13:23:22 UTC
Reply
Permalink
Post by Dave Froble
Post by Chris
Post by Arne Vajhøj
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement
under which the German lender plans to shift most of its data onto
Google servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,” Leukert
said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Once you move your data to The Cloud it ceases to be your
data.
I do not see that.
It is legally still your data.
If you think that Google would tack account of ethical niceties,
then I have a bridge to sell you...
Arne is so trusting ....
I also have a few bridges for sale, and some highways to go along with
them. We could make Arne some really good deals.
If you have responsibility for security anywhere, or even for your own
systems, the default assumption is that any encryption can be broken
given sufficient time and resources. I would assume that NSA etc can
already do that, but more dangerous are the state level actors in
places like China and Russia.

Making that assumption, you can then form a strategy to mitigate the
risk...

Chris
Simon Clubley
2020-12-09 13:29:14 UTC
Reply
Permalink
Post by Chris
If you have responsibility for security anywhere, or even for your own
systems, the default assumption is that any encryption can be broken
given sufficient time and resources. I would assume that NSA etc can
already do that, but more dangerous are the state level actors in
places like China and Russia.
Making that assumption, you can then form a strategy to mitigate the
risk...
A more immediate problem is what happens if you or your government
upsets the government which has regulatory authority over the cloud
company you are using ?

Simon.
--
Simon Clubley, ***@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
Arne Vajhøj
2020-12-09 14:41:59 UTC
Reply
Permalink
Post by Simon Clubley
A more immediate problem is what happens if you or your government
upsets the government which has regulatory authority over the cloud
company you are using ?
Yes.

Avoiding a cloud provider based in China seems wise.

Things could escalate to where cutting off western companies access
where deemed beneficial in Beijing.

Arne
Simon Clubley
2020-12-09 18:19:46 UTC
Reply
Permalink
Post by Arne Vajhøj
Post by Simon Clubley
A more immediate problem is what happens if you or your government
upsets the government which has regulatory authority over the cloud
company you are using ?
Yes.
Avoiding a cloud provider based in China seems wise.
Or in the US in some cases.
Post by Arne Vajhøj
Things could escalate to where cutting off western companies access
where deemed beneficial in Beijing.
Or to certain factions in Washington, DC.

Simon.
--
Simon Clubley, ***@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
Arne Vajhøj
2020-12-09 18:32:15 UTC
Reply
Permalink
Post by Simon Clubley
Post by Arne Vajhøj
Post by Simon Clubley
A more immediate problem is what happens if you or your government
upsets the government which has regulatory authority over the cloud
company you are using ?
Yes.
Avoiding a cloud provider based in China seems wise.
Or in the US in some cases.
For a north korean or iranian business then a chinese
cloud provider may be more safe than a US cloud provider.

But for UK, Denmark etc. then US would be safer.

Arne
Arne Vajhøj
2020-12-09 14:36:05 UTC
Reply
Permalink
Post by Chris
If you have responsibility for security anywhere, or even for your own
systems, the default assumption is that any encryption can be broken
given sufficient time and resources. I would assume that NSA etc can
already do that, but more dangerous are the state level actors in
places like China and Russia.
Making that assumption, you can then form a strategy to mitigate the
risk...
You mean no network communication at all and sending mag tapes
in armored cars??

Somehow I don't think that will work in todays world.

Arne
Chris
2020-12-09 15:26:27 UTC
Reply
Permalink
Post by Arne Vajhøj
Post by Chris
If you have responsibility for security anywhere, or even for your own
systems, the default assumption is that any encryption can be broken
given sufficient time and resources. I would assume that NSA etc can
already do that, but more dangerous are the state level actors in
places like China and Russia.
Making that assumption, you can then form a strategy to mitigate the
risk...
You mean no network communication at all and sending mag tapes
in armored cars??
Somehow I don't think that will work in todays world.
Arne
What a ridiculous straw man argument. Really need to try harder :-)...

Chris
Arne Vajhøj
2020-12-09 19:39:43 UTC
Reply
Permalink
Post by Chris
Post by Arne Vajhøj
Post by Chris
If you have responsibility for security anywhere, or even for your own
systems, the default assumption is that any encryption can be broken
given sufficient time and resources. I would assume that NSA etc can
already do that, but more dangerous are the state level actors in
places like China and Russia.
Making that assumption, you can then form a strategy to mitigate the
risk...
You mean no network communication at all and sending mag tapes
in armored cars??
Somehow I don't think that will work in todays world.
What a ridiculous straw man argument.
Well give your claim of "the default assumption is that any
encryption can be broken", then it seems a valid concern
how to do secure network communication.

Arne
Dave Froble
2020-12-07 20:19:49 UTC
Reply
Permalink
Post by Bill Gunshannon
Post by Arne Vajhøj
Deutsche Bank just announced that they have signed with
Google to move most of their IT To Google cloud.
<quote>
The two companies on Friday finalized a cloud computing agreement
under which the German lender plans to shift most of its data onto
Google servers, technology head Bernd Leukert said in a phone interview.
...
The deal will include “applications at the heart of our IT,” Leukert
said in an interview,
</quote>
This follow that Capital One closed down their last data center
a month ago after migrating everything to Amazon cloud.
VMS will need to function - and function well - in such new
environments.
Arne
Once you move your data to The Cloud it ceases to be your
data. Hell of a way to run a business.
bill
I cannot either agree, or disagree.

Is it really your data, if you're storing it on disks, or SSDs, or
whatever, if you need vendors? Do you have the capability of recovering
data from failed devices? I'm thinking that no one is ever totally self
reliant when it comes to computing.

I can envision compute services that are totally reliable. I'm not
ready to accept today's services as totally reliable. But at some time,
there may be services that one can totally rely upon.
--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: ***@tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486
Loading...