One time pad. :)
On Tue, Jun 4, 2013 at 9:50 PM, Ken Schaefer <[email protected]> wrote:
> Interesting. What encryption algorithm do you use, that you can guarantee
> that it’s not going to be obsolete years, let alone decades from now?
>
>
>
> --
>
> http://au.linkedin.com/in/kschaefer
>
> Typed on a Lenovo Helix – apologies for brevity
>
>
>
>
>
>
>
> From: [email protected] [mailto:[email protected]]
> On Behalf Of Jean-Paul N
> Sent: Wednesday, 5 June 2013 12:56 PM
> To: [email protected]
> Subject: RE: [NTSysADM] RE: Microsoft's 'Blue' servers
>
>
>
> Not sure how this plays into the scheme of things, but I deal with offsite
> data backup ( for exchange, ad, file servers etc...) except someone gives
> the authorities the encryption key, they will spend decades trying to
> decrypt the data).
>
> ________________________________
>
> From: [email protected]
> To: [email protected]
> Subject: RE: [NTSysADM] RE: Microsoft's 'Blue' servers
> Date: Wed, 5 Jun 2013 01:40:24 +0000
>
> Governments that “don’t play by the rules” aren’t going to be stopped on
> your company’s doorstop by some lawyers either.
>
>
>
> Governments like Russia’s can find ways to throw you in jail for decades and
> steal your multi-billion dollar company (Khordorkovsky and Yukos) without
> too much trouble. Or assassinate you if you’re not quite as high profile.
> And Russia’s government isn’t even particularly nasty in the global scheme
> of things.
>
>
>
> In fact, the only way I can see your method working is for each organisation
> to have their own data centres, with their own security guards and so on.
> Each time you contract someone else for data centre facilities you run the
> risk that they might let some “authority” in to take away your hardware or
> data. Organisations with plenty of legal firepower have been using 3rd party
> data centres for a long time, so there must be ways to manage this risk. I
> don’t know what they are, but I can assure you that most major banks do not
> own their own DC facilities in every country that they’re in.
>
>
>
> Cheers
>
> Ken
>
>
>
> From: [email protected] [mailto:[email protected]]
> On Behalf Of Jon Harris
> Sent: Wednesday, 5 June 2013 11:06 AM
> To: [email protected]
> Subject: RE: [NTSysADM] RE: Microsoft's 'Blue' servers
>
>
>
> I am trying to point out that not all governments will play totally by the
> rules. A search warrant, at least in the states, requires some proof of
> wrong doing along with a judges blessing. The warrant I am referring to is
> just a government letter saying we want access, and would potentially
> specify that the cloud vendor not tell their client that this is happening
> the agency does not even have to get a judges blessing on the search. I
> believe there have been a number of instances where this has happened
> already but I can't site any specifically. On premise data would at least
> be safer from that kind of thing happening. It is harder to have government
> agents walk up to a door of a company and tell them 'hey we demand access to
> all of your servers so that we can snoop around and see what you are doing'
> and not have a bunch of lawyers demanding to see the proof of wrong doing.
> A cloud vendor would not be in a position until all the legal challenges are
> done to tell those same government agents 'no' without incurring some
> liability. Once all the legal challenges are done and the cloud vendors
> have all the legal contracts in place and some sort of protection from the
> potential criminal liability then the cloud would be to some degree safer
> for companies to move to it. I am not condemning it's use just handing out
> an opinion as to this movement with less than critical thinking by SMB's.
>
> Jon
>
>
> ________________________________
>
> From: [email protected]
> To: [email protected]
> Subject: RE: [NTSysADM] RE: Microsoft's 'Blue' servers
> Date: Wed, 5 Jun 2013 00:41:35 +0000
>
> I hate to say it but I see a lot of companies regretting the decision to
> jump to the web when some gov decides it can just issue a warrant and start
> searching that businesses digital material.
>
>
>
>
>
> What does “jumping to the web” have to do with cloud? If the authorities can
> get a warrant, they can just turn up at your door and seize your paper files
> if you insist on not having anything digital.
>
>
>
> Perhaps I’m a bit confused as to whether you’re condemning (1) the use of
> digital media, (2) putting things onto the WWW, or (3) using a cloud
> provider. If it’s either (1) or (2) I think you’d have a hard time
> convincing anyone that the risks and costs outweigh the benefits.
>
>
> Cheers
>
> Ken
>
>
>
> From: [email protected] [mailto:[email protected]]
> On Behalf Of Jon Harris
> Sent: Wednesday, 5 June 2013 10:17 AM
> To: [email protected]
> Subject: RE: [NTSysADM] RE: Microsoft's 'Blue' servers
>
>
>
> I hate to say it but I see a lot of companies regretting the decision to
> jump to the web when some gov decides it can just issue a warrant and start
> searching that businesses digital material. The IRS has been doing it with
> emails claiming they have the right to do it. It may not be the American
> gov that does this first (but I would not bet against it) and it will cost
> some company big time.
>
> I seem to also remember someone on the list a few months ago posting an
> article about a hack that allowed for cloud machines to be compromised if
> where were on the same hypervisor.
>
> Jon
>
>
> ________________________________
>
> From: [email protected]
> To: [email protected]
> Subject: RE: [NTSysADM] RE: Microsoft's 'Blue' servers
> Date: Wed, 5 Jun 2013 00:05:46 +0000
>
> It won’t happen overnight. But my prediction is that eventually the
> providers will, after grabbing the non-complex mass market, start going
> after industry verticals. They’ll start with the low-hanging fruit (i.e.
> smaller firms that exist in just one jurisdiction). They’ll get a bunch of
> lawyers, talk to regulators and so on, and start marketing a ‘certified’
> solution for that industry – possibly with some level of indemnification.
>
>
>
> It’s definitely customers who are pushing the “cloud” thing – even in some
> large FSI corps that I’ve colleagues in are pushing this. They’re turning to
> their current outsourcers and asking “why can’t I get the same
> flexibility/pricing/etc from you that I can get from Amazon?” “Why does it
> take you 6 weeks to give me a server whereas Amazon can give me one in 2
> hours?” and so on. It’s going to be a huge issue for HP/CSC/IBM, which is
> why they’re scrambling to put together their own cloud offerings. VMWare’s
> also sniffing around – touting their services business as a replacement for
> incumbent outsourcers.
>
>
>
> Cheers
>
> Ken
>
>
>
> From: [email protected] [mailto:[email protected]]
> On Behalf Of James Rankin
> Sent: Wednesday, 5 June 2013 1:07 AM
>
>
> To: [email protected]
> Subject: Re: [NTSysADM] RE: Microsoft's 'Blue' servers
>
>
>
> Hmmm, sounds like MS' approach is that they've decided that The Cloud is
> unavoidable, or will at least represent the "sensible choice" in future
>
>
>
> For dev and test environments, sure, and maybe smaller enterprises without
> regulatory requirements and/or no budget to spare for private
> infrastructure, but throw in any kind of data security and integrity -
> particularly anything that has implications related to storing information
> in other global jurisdictions - and I just get the feeling that it won't
> take off as much as everyone would have us believe.
>
>
>
> I'm also becoming less convinced of Microsoft's capability to respond to
> customer requirements, although to be honest that's exhibiting more in the
> consumer end at the moment than business.
>
>
>
> I'm not known as any kind of trend-predictor or tech commentator, though, so
> I'm just stating my gut feelings :-)
>
>
>
>
> On 4 June 2013 15:52, <[email protected]> wrote:
>
> They will never position it as something you HAVE to do or else (like
> Google). They are developing the technology so that when you’re ready, it
> will be ready for your needs. The Cloud leader will be the one that can show
> “why” it makes sense to move, not that moving is the only choice.
>
>
>
> Sent from Microsoft Surface Pro
>
>
>
> From: James Rankin
> Sent: Tuesday, June 4, 2013 9:33 AM
> To: [email protected]
>
>
>
> But the expectation is that "years later" everyone will go cloud-based of
> some sort?
>
>
>
> I can see that not flying for a lot of orgs - if MS take the "shove it down
> your throat regardless" option they did with some of the Win8 features, it
> might change the landscape somewhat
>
>
>
> Just my ill-informed and quickly-formulated opinion :-)
>
>
>
> On 4 June 2013 15:27, Michael B. Smith <[email protected]> wrote:
>
> Microsoft wants to drive you to the cloud.
>
>
>
> Some people will settle on a single version of the software and then move
> years later. There is no ostensible requirement to keep pace with Microsoft.
