×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Switzerland Wants To Become the World's Data Vault

samzenpus posted about 4 months ago | from the leave-it-to-us dept.

Privacy 131

wiredmikey writes "Business for Switzerland's 55 data centers is booming. They benefit from the Swiss reputation for security and stability, and some predict the nation already famous for its super-safe banks will soon also be known as the world's data vault. For example, housed in one of Switzerland's numerous deserted Cold War-era army barracks, one high-tech data center is hidden behind four-ton steel doors built to withstand a nuclear attack — plus biometric scanners and an armed guard. Such tight security is in growing demand in a world shaking from repeated leaks scandals and fears of spies lurking behind every byte."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

131 comments

Swiss's NSA analog? (5, Insightful)

Anonymous Coward | about 4 months ago | (#45667261)

What is to say that their agency similar to the NSA will not be over all the stored data like a fat kid over cupcakes? It is great intel, especially if it comes to economic or commercial stuff.

Plusses and Minuses (-1)

Anonymous Coward | about 4 months ago | (#45667283)

Yes but the distinct lack of niggers helps to explain the booming Swiss economy, offsetting any fears of an NSA type agency. Without the welfare, law enforcement, court system, and prison system black holes (pun intended) niggers represent, they have much more resources they can use to secure their nation without such extreme measures as NSA style spying.

Glory to Arstotzka! (3, Insightful)

Anonymous Coward | about 4 months ago | (#45667399)

Because no country existing outside of a dystopic novel has anything comparable to the NSA. Inb4 China: China's massive espionage ends at their borders, outside there it's just the usual, they don't even monitor WoW despite the risk of gnome terrorists.

Re:Glory to Arstotzka! (2, Insightful)

Anonymous Coward | about 4 months ago | (#45667445)

Yeah, NSA may be more pervasive worldwide, but if you truly believe China's espionage efforts aren't also focused outside of their country, I know someone with some prime marshland you might be interested in.

Re:Glory to Arstotzka! (3)

davester666 (731373) | about 4 months ago | (#45668329)

Given how the Swiss are currently trying to figure out how to limit giving out banking data to the US, Germany, and the UK among others, I don't see how anyone could think their non banking data would be any more secure than their banking information.

I was from China ... (5, Insightful)

Taco Cowboy (5327) | about 4 months ago | (#45669035)

Yeah, NSA may be more pervasive worldwide, but if you truly believe China's espionage efforts aren't also focused outside of their country, I know someone with some prime marshland you might be interested in.

Yes, China does spy on people.

But at the very least, China does not do that and then say to the world "The world should THANK US for keeping them safe".

I was from China. In fact, I ran away from China. I dislike China's communist party as much as anybody else, and I am a naturalized American citizen.

But still, fair is fair.

While what NSA did technically was not that much different from what others do (which includes democratic countries such as England, Australia, Canada, New Zealand and France), morally, the United States government has sunk lower than that of China !

China steals others secret but never pretend to be THE PROTECTOR, unlike the Hussein (aka Barry Soetoro) Barack Obama Administration of the United States of America !

Now, about that piece of marshland, I think you can keep it.

Re:Glory to Arstotzka! (4, Interesting)

RabidReindeer (2625839) | about 4 months ago | (#45669323)

Because no country existing outside of a dystopic novel has anything comparable to the NSA. Inb4 China: China's massive espionage ends at their borders, outside there it's just the usual, they don't even monitor WoW despite the risk of gnome terrorists.

There are no less than 3 separate sources within the People's Republic of China that hammer on one of my servers 24x7x365 trying to break their way in. They've been at it for a very, very long time.

Re:Glory to Arstotzka! (2)

GTRacer (234395) | about 4 months ago | (#45669483)

May I ask what kind of server? Is it already public-facing? And just one of your servers?

Re:Glory to Arstotzka! (1)

RabidReindeer (2625839) | about 4 months ago | (#45669845)

May I ask what kind of server? Is it already public-facing? And just one of your servers?

Actually, there are really 2 different servers under consistent attack. Yes, they're public-facing (it would be a pretty poor firewall, else). And one of them is at almost the exact opposite end of the country.

Re:Glory to Arstotzka! (0)

Anonymous Coward | about 4 months ago | (#45667985)

That's bull. They monitor in other ways. But they probably aren't really interested outside of Asia for now. If u think they're not in Nepal, you're crazy.

Re:Swiss's NSA analog? (5, Informative)

AHuxley (892839) | about 4 months ago | (#45667405)

The Swiss mil did a lot of mil 'swaps' and further 'education' with the US. The Swiss also had a lot of their deep bunker information sold to the Soviet Union. Would the US have been invited in to help with security after such an event and friendships formed?
Switzerland had great skills in ~cold war crypto products for export but did not seem to pose any decryption issues for the GCHQ/NSA over time.
What an Australia, UK, NZ, Canada gives to the US via generational agreement, the Swiss might give to the US out of staff friendship and ongoing gov trust?
The other aspect would be the ongoing tax issues with US citizens and the use of EU/Swiss banking products.
Swiss banking might become more open to US legal requests, would Swiss data protection laws for non Swiss end users bend the same way over time under constant US legal/gov/mil requests?

Re:Swiss's NSA analog? (2)

TubeSteak (669689) | about 4 months ago | (#45667501)

Give it a few weeks and I bet we'll see a story, sourced from Snowden, about how Switzerland helped the US spy on countries that it doesn't have any diplomatic relations with.

Re:Swiss's NSA analog? (1, Troll)

fractoid (1076465) | about 4 months ago | (#45668387)

The funny thing is that at this point, he could release 'evidence' that the NSA secretly implanted gnomes in Kate Middleton's butt cheeks and people would believe him. Not saying that anything he's leaked so far has been fabricated, but how would we know?

Re:Swiss's NSA analog? (0)

Anonymous Coward | about 4 months ago | (#45668695)

Who says it's even him anymore? You could make it up and someone would believe it. "Snowden says US government puts mind control chemicals in Big Macs which are activated by watching porn." -- "I knew it!"

Re:Swiss's NSA analog? (1)

Anonymous Coward | about 4 months ago | (#45668927)

No surprise. Everybody knows Big Macs are a clever way to infiltrate business and political groups all around the world. ;-)

Re:Swiss's NSA analog? (0)

Anonymous Coward | about 4 months ago | (#45668781)

Kate ? .. I believe you're referring to her sister .. her cheeks are apparently out of this world ..

Re:Swiss's NSA analog? (2)

DarkOx (621550) | about 4 months ago | (#45668955)

Well for one thing Snowden isn't leaking anything anymore and has not been since he got to Russia it's a condition of his freedom there. What's happening is the paper he leaked it to continues to go thru the material and publish the interesting stuff. So Snowden would have needed lots of foresight to arrange something like that. Could the Gaurdian start making up Snowden leaks? I suppose but he might dispute them, and it would harm the papers image, and with the UK government breathing down their necks over the leaks it would be risky too.

Re:Swiss's NSA analog? (1)

fractoid (1076465) | about 4 months ago | (#45669145)

He seems like a canny enough lad, and I'd guess he knows a fair bit about cryptography. Maybe he's digitally signed the files he leaked (so that they can be verified in chunks as being part of the documents he liberated)?

Re:Swiss's NSA analog? (0)

Anonymous Coward | about 4 months ago | (#45667553)

Yeah, well, the NSA capitalized on that reputation: http://cryptome.org/jya/nsa-sun.htm

Re:Swiss's NSA analog? (1)

icebike (68054) | about 4 months ago | (#45667833)

A nice yarn, unburdened by any believable evidence.

Re:Swiss's NSA analog? (0)

Anonymous Coward | about 4 months ago | (#45667931)

..not yet, anyway. See you in a few weeks.

Re:Swiss's NSA analog? (-1, Flamebait)

Gen_Music (2420986) | about 4 months ago | (#45668163)

They probably are, but you forget a hugely important factor. The Swiss are not proactive about foreign and homeland policy. They keep themselves to themselves (afaik), don't go stomping into anyone's country and are very open about their decision to not take peer pressure from anyone (hence them being surrounded by EEA and EFTA members but rejecting the proposals themselves so the Swiss is not really a member of what the US regards as "the EU").

Their independence and unwillingness to "co-operate" with other countries (read: submit to peer pressure) on a lot of things is why the GDP there is double anywhere else in the rest of Europe and why I would trust them with my data servers over anyone else.

Re:Swiss's NSA analog? (0)

Anonymous Coward | about 4 months ago | (#45669169)

See Project Onyx.

One more thing.... (1)

DrPBacon (3044515) | about 4 months ago | (#45667269)

FAT32 support.

Re:One more thing.... (-1)

Anonymous Coward | about 4 months ago | (#45667515)

FAT32 support.

I'm the one
that cums around
to post for you cunts
just to say
NIGGERS!! COONS!! JIGABOOS!!!


O by the way yo mamas fatter than ANY 32 yo

SLA agreements... (3, Interesting)

mlts (1038732) | about 4 months ago | (#45667295)

IMHO, I don't care if they store data in the vaults of Mordor... I care about what these firms offer for a SLA, and what happens to the data if the company folds or sells out.

Here in the US, in theory, the physical servers (and their SAN backends) should be blanked, but if not and the data passes through to another party, that party holding the servers owns that data free and clear. A bank's private records could be available as a torrent, or the new server owner could legally charge a previous client of the folded firm for access to their files. Perhaps even make the files public unless a "reclamation fee" was paid.

Re:SLA agreements... (0)

Anonymous Coward | about 4 months ago | (#45667359)

Paranoid much? There has yet to be a cloud provider to have gone bankrupt or sold out in the entire history of the Internet.

Re:SLA agreements... (2)

LordLucless (582312) | about 4 months ago | (#45667633)

The same could be said about the car industry in its first five years.

The internet may have been around much longer, but data-centric cloud storage providers are a very young industry.

Re:SLA agreements... (2)

khallow (566160) | about 4 months ago | (#45667991)

There has yet to be a cloud provider to have gone bankrupt or sold out in the entire history of the Internet.

There's always turnover in colocation services, a cloud thing before the name was invented.

Finally, of the cloud providers that actually use the "cloud" buzzword, I was able to find Nirvanix, Cirtas Systems, Atmos Online, and 2e2. While looking through articles I read through also mentioned a bunch of swapping, selling, and closing of business units that purportedly offered cloud services.

In my view, not thinking about bankruptcy or other disruptions of a cloud provider that you rely on is pretty dangerous. It might not be as bad as having all your data on a single server in a basement somewhere, but it is something you should be aware of and have some sort of contingency available should it occur.

Re:SLA agreements... (5, Funny)

cold fjord (826450) | about 4 months ago | (#45667485)

IMHO, I don't care if they store data in the vaults of Mordor...

I'm thinking that the Swiss are more of the Dwarf miner flavor, don't you think? Tunnels, tunnels everywhere, filled with gold.

Re:SLA agreements... (-1)

Anonymous Coward | about 4 months ago | (#45667741)

IMHO, I don't care if they store data in the vaults of Mordor...

I'm thinking that the Swiss are more of the Dwarf miner flavor, don't you think? Tunnels, tunnels everywhere, filled with gold.

No yer thinkin of the Jews aka Red Sea pedestrians aka kykes aka Yids aka gold niggers. Got it?

Re:SLA agreements... (0, Flamebait)

cold fjord (826450) | about 4 months ago | (#45667783)

So you think that either the Swiss or the Dwarfs are all Jewish?

Piece of advice: you probably shouldn't post while you're either that drunk or stupid. I'm going to guess that means you probably shouldn't post at all.

Re:SLA agreements... (2)

jd (1658) | about 4 months ago | (#45667893)

Nonono. We need a law that allows website owners to fine idiots who PWS (post whilst stupid) or PUIC (post under influence of conspiracies). Slashdot will become immensely rich overnight, will be able to rehire CmdrTaco, and will lose the useless third who we can ship off to another world via the B Ark.

Re:SLA agreements... (1)

Gen_Music (2420986) | about 4 months ago | (#45668197)

conspiracy (kn-spîr-s)
n. pl. conspiracies
1. An agreement to perform together an illegal, wrongful, or subversive act.
2. A group of conspirators.
3. Law An agreement between two or more persons to commit a crime or accomplish a legal purpose through illegal action.
4. A joining or acting together, as if by sinister design: a conspiracy of wind and tide that devastated coastal areas.

So please explain how exactly does Slashdot determine when one posts under the agreement of a criminal?

Re:SLA agreements... (2)

jd (1658) | about 4 months ago | (#45667851)

Tunnels and Trolls is an RPG, not a Slashdot posting policy. Go back to bestgore, where you belong.

Re:SLA agreements... (3, Funny)

jd (1658) | about 4 months ago | (#45667875)

The Swiss could be dwarves, they certainly have Mirrormere (lake Geneva) and the LHC has been accused of being Moria in the past.

We can definitely rule out the Svart Alfar (dark elves in Norse legend) as that part of the world definitely lacks ugly. Dragons, perhaps - the Swiss are a tough vain at times and have been known to hoard. The mountains are suspiciously mountainy. On the other hand, the chocolateers there are amongst the finest in the world. Dragons can't eat chocolates, as they're related to dogs.

Ok, Dwarves it is.

Re:SLA agreements... (0)

Anonymous Coward | about 4 months ago | (#45668255)

As a native cave troll I have to disagree. Tunnels everywhere is true, drumms in the deep as well, but no gold beyond the chasm of Smaug. Event the Balrogs are teethless these days.

Sorry. Nothing to see here, especially when wearing rings.

Re:SLA agreements... (4, Insightful)

mysidia (191772) | about 4 months ago | (#45667493)

Here in the US, in theory, the physical servers (and their SAN backends) should be blanked, but if not and the data passes through to another party, that party holding the servers owns that data free and clear. A bank's private records could be available as a torrent,

If the bank is adhering to regulations and standards; all the sensitive data such as account numbers should be encrypted at rest.

Preferably; all data in the vault should be stored with a storage layer encryption on top of that, such that only the legitimate client can operate on the data.

For anything that needs to be processed onsite --- hardware security modules should be used to decrypt data on the fly.

The bank should have legal ownership of the authorization tokens required to operate the hardware security modules, and perform decryption tasks on the bank's data.

There should be a third party required to supervise administration of the hardware tokens required to authenticate to the HSM, and ensure that the tokens and HSM units remain secure at all times, and are operated only with continuing approval of the tenants.

Re:SLA agreements... (1)

Anonymous Coward | about 4 months ago | (#45670003)

You are assuming that banks adhere to regulations. This may not be the case. The enforcement is spotty at best, and violations are at best a slap on the wrist with a warning, "don't get caught next time."

Hardware security modules have been hacked. About four years ago, one OS maker had this happen, and a bogus, backdoored SSH package signed before it was caught and a mechanism to revoke/find stuff put in place.

One does not simply (0)

Anonymous Coward | about 4 months ago | (#45668591)

One does not simply ssh into Mordor!

do:

ssh root@mordor.tx.us 'mv /dev/ring /mnt/doom'

Where ever you put it (2, Insightful)

Sean (422) | about 4 months ago | (#45667353)

Good luck keeping guys with tens of thousands of exploits out of it

Re:Where ever you put it (0)

Anonymous Coward | about 4 months ago | (#45667443)

Good luck keeping guys with tens of thousands of exploits out of it.

You mean the NSA? That's their target audience.

Re:Where ever you put it (1)

jd (1658) | about 4 months ago | (#45667925)

Where you put the data doesn't matter. SSL can be regarded as broken and BGP4+ definitely is, meaning you lose everything in transit. Nobody needs to access the data silos.

(I'm not just thinking spy guys - broken is broken, so this includes competitors, patent trolls, lobbyists, home grown terror groups, the PTA, your next door neighbour...)

Physical, sure. Data security? Not anymore. (5, Insightful)

spiritgreywolf (683532) | about 4 months ago | (#45667355)

Spies don't have to crack them if they're financial based businesses like banks. Every time the IRS expresses an "interest" in the account information, they roll over on their backs. I would expect no less from them if any other three letter agency wanted more information, especially if any of those "interests" involved doing business with the US.

Re:Physical, sure. Data security? Not anymore. (1)

joe_frisch (1366229) | about 4 months ago | (#45669669)

Long ago Swiss bank accounts were protected from international scrutiny, and under those rules I would have trusted them with data. Since the accounts are not longer protected, I see no reason to think the data will be.

Maybe North Korea should do data storage - they never seem to give in to international pressure, but at the same time have to power to act on any data that they find.

More holes than Swiss cheese (5, Informative)

Anonymous Coward | about 4 months ago | (#45667449)

Three more Swiss banks join US tax deal - Reuters - 12 hours ago [reuters.com].

Swiss banks are supposedly the safest place to store money, If the Swiss are willing to share customer data with the US, what else can't they share?

Just another tentacle of the Nothing is beyond our reach [dailymail.co.uk] motto.

Re:More holes than Swiss cheese (3, Informative)

TubeSteak (669689) | about 4 months ago | (#45667547)

Switzerland signs [Organisation for Economic Cooperation and Development] tax convention [swissinfo.ch]
  October 15, 2013

The convention provides for all forms of mutual assistance including exchange on request, spontaneous tax examinations abroad, simultaneous tax examinations and assistance in tax collection, while protecting taxpayers' rights, the OECD said. Automatic exchange of data is possible under the convention but requires additional agreements between the states involved.

Once this treaty gets passed through the Swiss legislature, their bank secrecy will become a thing of the past.

Re:More holes than Swiss cheese (0)

Anonymous Coward | about 4 months ago | (#45668137)

They are not exactly "willing" however the USA is arresting, extraditing and financially sanctioning anyone/any companies which don't go along with it. It's about as close as the US can get to war on a wealthy western nation without actually sending in soldiers. A referendum on it is coming up - will be very interesting to see what the Swiss people do about that. I don't think they will like having their national sovereignity revoked by the USA, but it's also not clear what they can do about it. A condition of complying with FATCA is you have to engage in the USA's war against any countries that don't comply with it, so any country that resists is fighting not only the USA but all others that were already conquered ....

Here's hoping (2)

bradley13 (1118935) | about 4 months ago | (#45668215)

Here's one Swiss hoping we can vote FATCA down a black hole.

Our government sees itself in a difficult situation: we are very dependent on open trade agreements, not least because we are physically surrounded by the EU. So our government rolls over any time open trade is threatened. Many of us think they need to take a harder line. For example, the agreement with the EU requires us to accept essentially unlimited numbers of immigrants - what sovereign country would ever sign away the right to determine its own immigration policy. Now we that we have the issue with FATCA, there is at least a chance that the population will tell the government that it has gone too far.

Re:More holes than Swiss cheese (1)

sociocapitalist (2471722) | about 4 months ago | (#45668921)

Three more Swiss banks join US tax deal - Reuters - 12 hours ago [reuters.com].

Swiss banks are supposedly the safest place to store money, If the Swiss are willing to share customer data with the US, what else can't they share?

Just another tentacle of the Nothing is beyond our reach [dailymail.co.uk] motto.

There might be a difference in that the banks that are rolling over have a presence in the US that can be leaned on.

On top of that I'm not sure how the US thinks it has the ability to levy and collect penalties against Swiss banks located in Switzerland that don't have a presence in the US to start with.

If the databanks have no business in the US that can be leaned on, perhaps they will be outside the US' legal pressure. Of course they will remain high profile targets for the NSA and any other criminal organization.

Re:More holes than Swiss cheese (4, Interesting)

Xest (935314) | about 4 months ago | (#45669049)

Switzerland's problem is that it's grown wealthy off the back of dirty money.

That is, it's banks have obtained large amounts of money from everyone from Nazi looters through to money stolen by common theft, through to the much more benign tax avoiders and evaders.

This money has been used to invest and bankroll Swiss firms, which is why Switzerland has been able to grow other major firms like Nestle over the years and is what allows Switzerland to have disproportionate corporate punch in the world.

Most nations are willing to turn a blind eye most of the time because although it's a problem for them, a rational cost/benefit analysis has to be performed and most of the time it's more hassle trying to argue a political solution and implement it than it's worth.

But since the recession that's changed, countries are desperate for every penny they can find, a few hundred million or a few billion owed to the tax authorities is a non-issue in boom times relative to the lower hanging fruit they can go after back home instead but when the financial crisis hit and as it has dragged on for so long all the low hanging fruit have been plucked, and suddenly even mere hundreds of millions held abroad are worth going after.

So at this point financially hit countries like the US, UK and much of Western Europe now put the Swiss in their sites, and it becomes an ultimatum for the Swiss at this point - start giving up the criminally held tax, start giving up the tax evaders, or we'll put hefty financial transaction taxes on monetary transfers in and out of your country, or we'll start picking through your nation's companies with a very fine comb looking for fines we can leverage against them.

This is why the Swiss have allowed their banks to start submitting to US tax deals and so forth because the alternative is much less pleasant (e.g. http://www.bbc.co.uk/news/business-20907359 [bbc.co.uk]).

Swiss data centres would be no different - they'd be perfectly solid and safe until they become a measurable problem to a major Western nation or two and as with Swiss banks you'd see a slow erosion from complete secrecy, to allowing warrant based requests for data, to general access to information deals and support for cease and desist orders.

At best therefore they'd be a temporary solution. But if they were willing to host the likes of The Pirate Bay I'd wager that solution would be very temporary indeed given the lobbying power of the MPAA/RIAA and the priority with which the likes of the US would hence pursue such an issue with the Swiss.

Re:More holes than Swiss cheese (0)

Anonymous Coward | about 4 months ago | (#45670005)

Your premise is just plain wrong. First, the Swiss provided an invaluable service to Jews in Nazi Germany by giving them a safe place to hide their money from the German government. It's highly unfortunate but not the fault of the Swiss that most of those Jews were killed by the Nazis. Second, if I lived in a corrupt country like India, the U.S., etc., I would do everything I could to move my money to a more stable place like Switzerland where I don't have to worry about bribes (unlike India), or where at least the government can balance their books (unlike the u.s.).

Re:More holes than Swiss cheese (1)

Vitriol+Angst (458300) | about 4 months ago | (#45670007)

I'm very glad the IRS did go after the Swiss Banks.

However I think in light of the recent reports that Sweden was data-mining Russian internet traffic for the NSA, it's likely there is a more secret deal where we leave their crooked banks alone, and they tell us all the secrets.

I think a lot of people talking of Chinese espionage efforts are missing the bigger picture; China can already BUY THIS STUFF from contractors for the NSA. Go search some old Wikileaks talking about an Israelis firm selling these databases.

This is about Corporate Espionage, Money and Power -- the idea that nation states and governments afraid of "cold war era spying" is quaint and so very behind the times. People don't always recognize what their current age is involved in -- it becomes clear with hindsight. Maybe they aren't spying on each other but are cooperating to spy on anyone not in power.

Not beyond US legal reach. (1)

couchslug (175151) | about 4 months ago | (#45667459)

We need a place where global laws don't apply, and there is no such place, for the lawmasters control all.

Re:Not beyond US legal reach. (0)

Anonymous Coward | about 4 months ago | (#45667803)

We sort of have it- it's called Tor. The problem is you have to have competent full time administrators who actively work to secure the systems AND keep themselves at a distance at the same time. Unfortunately we only have half of that right now. The people who operated Silk Road appear to have been incompetent or just sloppy. The same could probably be said for Freedom Hosting. However I'd defend both in that I think they were working with inadequate resources. You probably need 2-3 extremely competent and security minded paranoid people for a proper operation that is defensible against the resources of the government.

Wooo steel doors! (1)

Anonymous Coward | about 4 months ago | (#45667475)

When was the last significant hack?

When was the last significant physical hack?

Physical security means nothing if you don't have better network security.

Leaks and spies? (1)

AmiMoJo (196126) | about 4 months ago | (#45667479)

I don't think physical barriers, no matter how impressive, are going to protect against leaks or spies.

Re:Leaks and spies? (3, Interesting)

jd (1658) | about 4 months ago | (#45668083)

Despite everything said in recent months, all the evidence from security experts suggests social engineering is the number one weakness. Network and host security are closing the gap, sure, but unless you plan to go EAL7 - which you can do with a general-purpose OS if you've money to burn - there is nothing that can be trusted.

Nothing? An early backdoor for AT&T Unix was built into the compiler, but it could just as easily have been in any library the compiler used. Auditing the Linux kernel would be bad enough, auditing GCC, glibc and all the maths libraries used by the optimizer? Even with an army of testers and coders, you'd be dead of old age before securing that lot against accidental and deliberate exploits that may arise in code other than that tested.

(By an army, I mean 100,000 dedicated, skilled people would be capable of getting a specific Linux kernel watertight after about 1.5 years on the first go. Each iteration would take less, such that the series would be convergent, but you'd always lag by several months. With the compiler and libraries, the interactions are too severe and there's too much code. You could never get it watertight and the series would diverge because complexity would increase exponentially but verification would be linear.)

I would love to see a company on that scale set up for the sole purpose of finding and fixing Linux bugs. I would also love next week's lottery numbers, a girlfriend, a cuddly toy, a chip fabrication plant and something that can make proper tea. (Cue Bruce Forsyth)

Realistically, I have to limit myself to visions of provably secure kernel components, with the rest of the kernel, and the rest of the OS, being either insecure or half-inched from OpenBSD.

Re:Leaks and spies? (0)

Anonymous Coward | about 4 months ago | (#45668649)

Especially considering who are running the infomercial....Anyone could join their company (couple of people in switzerland + people in eastern europe )

What the point of having your data in a bunker if its leaked from everywhere? Unless your operations are also in the bunker, it's all useless.

i have plenty of seed to store in swedish women (0)

Anonymous Coward | about 4 months ago | (#45667509)

nt

Well and good... (2, Funny)

ApplePy (2703131) | about 4 months ago | (#45667519)

All will be fine until 10 years from now, when the Swiss will be accused of hoarding Jewish BitCoin from Holocaust survivors....

Not on your nellie (0)

Anonymous Coward | about 4 months ago | (#45667531)

The US owns the Swiss banking system now, I'd bet they own most of the other infrastructure as well.

the world needs "the crypt" (1)

jonwil (467024) | about 4 months ago | (#45667537)

Someone ought to take a leaf from Cryptonomicon and find a country somewhere that is willing to say "screw you" if the US or its allies come knocking on the door, has a stable political system (whether that be democratically elected or not) and is willing to host a big data center to hold all the crap the US would rather not be hosted (WikiLeaks etc) and all the crap the US wants to get its hands on.

Re: the world needs "the crypt" (1)

Anonymous Coward | about 4 months ago | (#45667565)

I believe Fantasy Island meets all your criteria.

Re:the world needs "the crypt" (1)

jd (1658) | about 4 months ago | (#45668131)

No, the world doesn't. Consumer OS' need Delay Tolerant Protocol support and Mars One needs to put a giant data server with gigantic solar panels near one of the Martian poles. Anyone with a TV satellite dish and a decent amplifier would be able to put what they wanted there. There's no ISP, no third-party network, no cables that could be cut or tapped, no raidable office, no power switch, no DNS entry to block, no search engine entry to remove.

There is also no way consumers would pay for it. This is one case where you do get what you pay for. Although there are more than enough concerned Internet users to actually put a human-less data centre of useful size on Mars, complete with fault tolerance and hot standby capabilities, so close to absolutely none of you would fork over real money to achieve it that it could never happen.

(How close is close? Fewer than a million is close to zero. Fewer than a hundred million, you could do it if a few were very rich. But since a dead server is equal to no server, anything less than enough to get this working is close to zero.)

Data in any single place is vulnerable (4, Informative)

presidenteloco (659168) | about 4 months ago | (#45667593)

The solution to data longevity is such things as:

-Redundant storage

-Globally distributed storage

-Fragmentation and reassembly of data (so no host is responsible for content, since it is all just fragments)

-A protocol whereby the network monitors how many copies of a datum there are and creates more copies if it can't find enough.

-A protocol that automatically migrates data fragements to both newer host storage and more reliable host storage gradually over time.

-Re-wrappable encryption protocol

-Onion routing for access

-An economic model such as quid pro quo storage sharing (you store some of anonymous others' fragments, they store some of yours, no money exchanged.

-Storage of metadata and programming language execution environments and programs (with instructions) along with data

I don't see the need for a data vault. (0)

Anonymous Coward | about 4 months ago | (#45667631)

Its easy to encrypt data for storage. Its easy to store the keys hidden somewhere offline. Why have high security storage?

Now, when it comes to processing and distributing data, then you might have a need to some real security. In cases where you can't do that yourself, such as high volume sites (Say, The Pirate Bay, or perhaps just some stupidly centralized system for foolish users, like email or social networks), having a more secure (against government, as well as private threats) could be handy, especially if you can pay anonymously. I have a feeling they won't offer that kind of thing though. If you offer than, and really have the desired privacy, you see nothing but encrypted data coming and going to unknown users paid for by unknown hosts: that would enable anyone to host anything with full immunity as long as they arn't stupid. There arn't many countries lining up to be the official host of all things oppressed (piracy, hit-men, child porn, human trafficking etc.) Maybe they are willing to really serve up the freedom to the world, but I have a feeling the world wouldn't really stay connected to them if they did.

Backups (2)

chris200x9 (2591231) | about 4 months ago | (#45667635)

I was in the process of writing a post about how physical protection means nothing and how the data would would have to be online to be useful anyway when it hit me. Backups. IMO this doesn't make sense as a "keep people out of my data" thing as much as a "I can't lose my data no matter what" thing.

Re:Backups (1)

jcr (53032) | about 4 months ago | (#45667919)

But you can get that just by fedexing copies of your backups to friends in different cities.

-jcr

Moon (1)

savuporo (658486) | about 4 months ago | (#45667669)

You want your data to be safe ? Send it to the moon. Careful about the storage format - etched metal plates are probably the most durable. But pick encoding that an alien could understand and decode. See Voyager Golden Record.

Re:Moon (1)

Anonymous Coward | about 4 months ago | (#45668019)

Crazy as that sounds, there is actually some talk of doing that sort of thing. [wordpress.com]

With the SpaceX Falcon Heavy (F9H) I can place about 6,000 kg of payload on the Moon. This is enough for a 125 kilowatt powerlander, along with a laser communications system, a petabyte of computer server, and at least 10 small (30 kg each) advanced rovers. The F9H cost is $83m, and the cost of the lander with the desired payload is about $500m. I can immediately generate revenue from the use of the laser communications system. Utterly secure, 25 gigabits/sec communications with an unhackable data server would easily be worth $150-250m/year in revenue to the U.S. government, based on the cost of the Advanced EHF and other wideband military satellites. The yearly cost to support this is $1-2m dollars, thus my first infrastructure payload for mining is already generating strongly positive cash flow.

I'm a tad skeptical myself, but who knows?

[taiwanjohn: posting as AC to preserve mod points]

Re:Moon (1)

savuporo (658486) | about 4 months ago | (#45668551)

Right, i have read Wingo's version and others - he is wildly optimistic about this being a business bootstrap and his prices and cost structures. Plus, there is no way you will get the numbers of petabytes he dreams in deep space radiation environment. But, something like that could be conjured up as some super premium service by an existing business with coffers to fund things at couple hundred million dollar level and patience to market it and return the investment on the service.
However, we know how well big businesses like far out ideas.

Reading Comprehension (0)

Anonymous Coward | about 4 months ago | (#45667727)

You don't haz it.

The number of people pounding on about banks in this story's comments is hilarious. This data vault has nothing to do with a bank!

Physical access (0)

Anonymous Coward | about 4 months ago | (#45667779)

I wouldn't worry so much about the physical access of a data center.

Data is not tangible (0)

Anonymous Coward | about 4 months ago | (#45667869)

The only safe way to store your data is within your own bank, over a secured connection. Unlike tangibles like money and gold, data can be reproduced at marginal cost nearly zero and stored anywhere in the world. You could basically leave it in a remote location with a solar powered system. You can make the data look like garbage too, in a few seconds.

Outside of that, the server rooms are not worth individual storage and just a marketing image

Super-safe banks? (1)

jcr (53032) | about 4 months ago | (#45667915)

Not anymore.

Switzerland stood up to the nazis, but they caved to the American IRS. There is no more reason to trust a Swiss bank today.

-jcr

Not safe anymore (3, Informative)

flyingfsck (986395) | about 4 months ago | (#45668061)

The Swiss banks are not secret anymore. The laws changed and the NSA and GCHQ monitors all SWIFT and other transfers as well.

the article did not mention (1)

Anonymous Coward | about 4 months ago | (#45668127)

we should not forget, that switzerland has strong data protection laws.

Why trust them with data when they sold out banks? (3, Insightful)

shaitand (626655) | about 4 months ago | (#45668171)

The swiss numbered account as a bastion of privacy is a thing of the past. The swiss turn over bank information on request to the US. Why on earth would we even begin to trust them with our data? That's no better than giving it directly to the NSA to begin with.

Re:Why trust them with data when they sold out ban (0)

Anonymous Coward | about 4 months ago | (#45669155)

Swiss privacy laws haven't changed. See my other post. The only time a bank/banker can legally turn over information is when there's evidence that the money is linked to a crime, for example, african and middle eastern leaders that embezzled government money, drug lord money, etc.

Re:Why trust them with data when they sold out ban (1)

Vitriol+Angst (458300) | about 4 months ago | (#45669929)

So your complaining that Criminals and Tax Cheats can't hide their money anymore?

Everything is on a sliding scale. Some Island country isn't going to protect your data any better than Sweden when any other country with bigger guns says; "tell us what we want to know."

A larger country with ETHICS that will stand on principle -- yes. But Swedish banks never really had ethics so on that basis, why would they not fold like a dollar bill?

The criminal has a conundrum no matter where they hide their data / funds. So of course they go to the Caymans where the US protects them because they have both big guns and no scruples.

Unacceptable (2)

Karmashock (2415832) | about 4 months ago | (#45668173)

They already caved to the IRS. Why would we expect them not to cave to the NSA?

We need an organization with the stones to hold the line. The swiss have made it clear that they won't go to bat for anyone else... even their own clients/customers. So... that is over.

We need to see some one out there willing to sacrifice to hold the line. I want to see a group that has their feet held to the fire until they crisp... and yet not break.

Sound extreme? Its an extreme game. The swiss bankers are clearly weasels. They'll protect your identity and money so long as its easy and they're not challenged. They're fair weather players. They play when the sun is shining and the winds are calm. But when all hell breaks lose... they'll abandon you to be torn apart by jackals. And we can get that kind of service from any data host on earth. Why bank my data with the Swiss? Anything special about them? The days of numbered bank accounts were clearly just an illusion. We believed they would protect us and they charged us extra for our belief.

All that is gone. If the swiss want this role... they'll have to show themselves willing to eat some pain for it. Will they suffer so much as the displeasure of the EU or US?

No... the only protection will be the deep web. Bury the servers so deep that the authorities can't find it. Then its safe.

Short of that... its all self deception.

Re:Unacceptable (0)

Anonymous Coward | about 4 months ago | (#45669073)

We need to see some one out there willing to sacrifice to hold the line. I want to see a group that has their feet held to the fire until they crisp... and yet not break.

The Piratebay maybe?

Re:Unacceptable (0)

Anonymous Coward | about 4 months ago | (#45669141)

I believe the privacy laws haven't changed in switzerland. It is still illegal for a bank/banker to release banking information on individuals. The federal government here has tried multiple times to change the constitution to allow it but the changes have been voted down by the swiss each time.

What has happened though is that banks have made payments to foreign governments based on estimates on the amount they hold from foreigners, but without giving any information away on the individuals.

Another thing they did was provided an encrypted file containing information on account holders, but didn't provide the key.

Most Swiss banks no longer take accept americans or anyone that has lived in the u.s. for more than 6 months.

Re:Unacceptable (0)

Anonymous Coward | about 4 months ago | (#45669519)

Why would we expect them not to cave to the NSA?

They already have. Before encryption on computers became commonplace, the Swiss company Crypto AG [wikipedia.org] was one of the world's biggest suppliers of cryptography equipment to governments and corporations. They are now widely believed to have colluded with the NSA (and the German equivalent).

NL Databunker (0)

Anonymous Coward | about 4 months ago | (#45668223)

We had this for ages. Swiss is a tad late on the concept.....
http://cyberbunker.com/web/history.php

Something for nothing (0)

Anonymous Coward | about 4 months ago | (#45668663)

Switzerland mooches its defense off the West, and now seeks to profit from its security.

banks vs data-centers (2)

deaf.seven (2669973) | about 4 months ago | (#45668719)

Many are saying that the banks bent to the US, so the data-centers will too. However, there are a few problems with this comparison and I think it needs to be pointed out that it's quite a different case.

So Switzerland has had strong bank secrecy laws for years. Also, for years these bank secrecy laws have been heavily critisized all around the world. And for years Switzerland has made a lot of money with them, because clients used Swiss banks to avoid taxes, 'possibly' money laundering and such. So these laws have been looked at as rather negative.

So then the financial crisis hit and all of a sudden all the nations were looking for quick and easy money. The US, Germany and many more. Well, it turns out that you can quickly make some money by simply collecting all these taxes that you've missed out on for years. And I mean these clients that tried to avoid taxes by putting their money into Swiss banks simply did something illegal.

So the banks were pressured very hard to release the information. And banks are a very very big deal in Switzerland. I mean the UBS is huge for Switzerland. It's simply the 'too-big-to-fail' company in Switzerland. In order to 'save' the banking business Switzerland didn't have much of a choice then to simply give in.

Now le'ts look at the situation with data-centers:
Firstly, they're far far away from being as big and important as the banks. If the trend keeps going then they will gain importance, but I doubt that data-centers will ever deal with as much money as banks.

Secondly, the privacy laws in Switzerland are not looked at as negative. Instead they're looked at as highly positive and this only got stronger with snowden's leak.

So with the bank secrecy laws it was like the world vs Switzerland. With the privacy laws it's more like the world behind Switzerland vs the US.

Of course with the privacy laws there is the problem that a lot of piracy may happen in those data-centers and that might give the US some attack surface. E.g. the Swiss based firm rapidshare gets under a lot of pressure because of that. But that can still be solved separately from privacy and I don't believe it's comparable to the bank secrecy situation.

And a word about the Swiss intelligence service: Compared to the NSA it's joke.
Obviously the funding of the two isn't comparable at all. The local laws are completely different (we don't have any kind of patriot act).

No, load of rubbish (0)

Anonymous Coward | about 4 months ago | (#45668789)

I'm pretty sure that even a small nuke would burn through four tons of steel in a door.

Notwithstanding that you don't need to destroy the door to get in, the hinges would suffice.

Armed guard (1)

giorgist (1208992) | about 4 months ago | (#45668851)

What is the armed guard there for ? Who cares if they pinch the hard drives. Prove to me that nobody has access to it by simply giving me the encryption keys. I want to know the data is inaccessible even if they are hosted by the NSA.

More importantly (1)

Overzeetop (214511) | about 4 months ago | (#45669185)

"AN armed guard"

Really? One? I mean, at least they could hire two so that they could use the plural and keep us all guessing whether it was a small army.

Re:More importantly (1)

ScentCone (795499) | about 4 months ago | (#45669353)

I toured a datacenter once. They had "manned checkpoints." Which meant ... one guy manned some of them, some of the time. They had "escorted co-lo access" - which mean that he helped you find your rack/shelf, and then walked away. They had "man trap" security, which meant ... "a lobby with some bad coffee and a vending machine." I like seeing this stuff in person. "An" armed guard is, you're right, a completely meaningless thing to say. A 4-foot steel door? Just the one? This also sounds like a total fire death trap if there aren't other fire exits. Is that the only way for workers to escape death by halon? Details, Swissdatacentercompany, details!

does it have WINDOWS? (0)

Anonymous Coward | about 4 months ago | (#45669265)

lovely. GO home Plug AV : )

secure data transfer (1)

FishTankX (1539069) | about 4 months ago | (#45670071)

The swiss could just store the data in unconnected servers and fly in tape on private jets for the critical customers. Only allow servers to be physically connected for live backup restore streams OR use unmarked encrypted hard drives shipped through fedex to a dropoff point where client picks up the data.

Or send the data on encrypted sd cards to a trained pigeon farm and the pigeon wearing kevlar body armor to protect against hawks flies the last leg.

Excellent (1)

Reliable Windmill (2932227) | about 4 months ago | (#45670171)

Great news. U.S Internet services are not safe nor secure and can't be trusted anymore. If you are concerned about your business and attracting more customers then you will do well in buying European or Asian services from now on.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...