Forgot your password?
typodupeerror
Privacy Security

Switzerland Wants To Become the World's Data Vault 131

Posted by samzenpus
from the leave-it-to-us dept.
wiredmikey writes "Business for Switzerland's 55 data centers is booming. They benefit from the Swiss reputation for security and stability, and some predict the nation already famous for its super-safe banks will soon also be known as the world's data vault. For example, housed in one of Switzerland's numerous deserted Cold War-era army barracks, one high-tech data center is hidden behind four-ton steel doors built to withstand a nuclear attack — plus biometric scanners and an armed guard. Such tight security is in growing demand in a world shaking from repeated leaks scandals and fears of spies lurking behind every byte."
This discussion has been archived. No new comments can be posted.

Switzerland Wants To Become the World's Data Vault

Comments Filter:
  • by Anonymous Coward on Wednesday December 11, 2013 @11:07PM (#45667261)

    What is to say that their agency similar to the NSA will not be over all the stored data like a fat kid over cupcakes? It is great intel, especially if it comes to economic or commercial stuff.

    • by Anonymous Coward

      Because no country existing outside of a dystopic novel has anything comparable to the NSA. Inb4 China: China's massive espionage ends at their borders, outside there it's just the usual, they don't even monitor WoW despite the risk of gnome terrorists.

      • Re: (Score:2, Insightful)

        by Anonymous Coward

        Yeah, NSA may be more pervasive worldwide, but if you truly believe China's espionage efforts aren't also focused outside of their country, I know someone with some prime marshland you might be interested in.

        • Given how the Swiss are currently trying to figure out how to limit giving out banking data to the US, Germany, and the UK among others, I don't see how anyone could think their non banking data would be any more secure than their banking information.

          • Given how the Swiss are currently trying to figure out how to limit giving out banking data to the US

            By law our banks aren't allowed to give the data out, anyway.
            The solution chosen by Swiss Banks? Kick out US clients and stop doing any business with them. Problem solved.

        • by Taco Cowboy (5327) on Thursday December 12, 2013 @06:51AM (#45669035) Journal

          Yeah, NSA may be more pervasive worldwide, but if you truly believe China's espionage efforts aren't also focused outside of their country, I know someone with some prime marshland you might be interested in.

          Yes, China does spy on people.

          But at the very least, China does not do that and then say to the world "The world should THANK US for keeping them safe".

          I was from China. In fact, I ran away from China. I dislike China's communist party as much as anybody else, and I am a naturalized American citizen.

          But still, fair is fair.

          While what NSA did technically was not that much different from what others do (which includes democratic countries such as England, Australia, Canada, New Zealand and France), morally, the United States government has sunk lower than that of China !

          China steals others secret but never pretend to be THE PROTECTOR, unlike the Hussein (aka Barry Soetoro) Barack Obama Administration of the United States of America !

          Now, about that piece of marshland, I think you can keep it.

        • by RabidReindeer (2625839) on Thursday December 12, 2013 @08:13AM (#45669323)

          Because no country existing outside of a dystopic novel has anything comparable to the NSA. Inb4 China: China's massive espionage ends at their borders, outside there it's just the usual, they don't even monitor WoW despite the risk of gnome terrorists.

          There are no less than 3 separate sources within the People's Republic of China that hammer on one of my servers 24x7x365 trying to break their way in. They've been at it for a very, very long time.

          • by GTRacer (234395)
            May I ask what kind of server? Is it already public-facing? And just one of your servers?
            • May I ask what kind of server? Is it already public-facing? And just one of your servers?

              Actually, there are really 2 different servers under consistent attack. Yes, they're public-facing (it would be a pretty poor firewall, else). And one of them is at almost the exact opposite end of the country.

          • Only 3? I've been the sys admin for a small number of web servers (for hobby and small business projects) for nearly 15 years and I see break-in attempts (*) from numerous IPs on a near constant basis; every few minutes a new, offending IP ends up getting blocked by my firewall. Nowadays, something close to 95% of these 'attacks' originates from China, where as only a few years ago the attacks were reasonably well distributed across the globe, with places like the Ukraine and Russia appearing highest on the

            • Only 3? I've been the sys admin for a small number of web servers (for hobby and small business projects) for nearly 15 years and I see break-in attempts (*) from numerous IPs on a near constant basis; every few minutes a new, offending IP ends up getting blocked by my firewall. Nowadays, something close to 95% of these 'attacks' originates from China, where as only a few years ago the attacks were reasonably well distributed across the globe, with places like the Ukraine and Russia appearing highest on the list of offenders. Of course, the source IP may just be a proxy for the true source of the attack, so it is hard to say for sure where most originate from.

              * The vast majority of break-in attempts I see are simple password guessing attempts for widely used account usernames. Disabling root login, enforcing use of SSH keys and using something like Fail2ban takes care of these with ease.

              I didn't mention the thousands of casual assaults I deflect daily. These particular offenders, however, are more dedicated. And besides, the original item of contention was specifically on China.

          • by chihowa (366380) *

            As bad as I feel about it, after blocking the entire IP blocks of China and Russia at my firewall, attacks (and spam) have dropped to almost zero. I know that some people can't do this for various reasons and I know that it goes against the spirit of the internet, but I think it was worth the peace of mind for me.

            • As bad as I feel about it, after blocking the entire IP blocks of China and Russia at my firewall, attacks (and spam) have dropped to almost zero. I know that some people can't do this for various reasons and I know that it goes against the spirit of the internet, but I think it was worth the peace of mind for me.

              Ditto. It was bad enough blocking Korea, but there have been occasions when legitimate emails would come to me from Russia. Lack of policing by their ISPs has forced me to block them. You also won't get through to me if you live in Taiwan and use HINET.

              It's more than just the spirit of the Internet. It's like I can't get a postcard from Great-Aunt Sally because the town she lives in has a postoffice that's heavily employed by junk mailers and con men. Or like having to ban all incoming phone calls from Cana

      • by Renevith (1556657)

        China's massive espionage ends at their borders, outside there it's just the usual

        This exhaustively researched report claims the Chinese army has a division that actively hacks Western corporations to steal their data:

        https://www.mandiant.com/blog/mandiant-exposes-apt1-chinas-cyber-espionage-units-releases-3000-indicators/ [mandiant.com]

        While China is behind the NSA in some regards, they are beyond it in others. I think 'comparable' is appropriate.

      • Because no country existing outside of a dystopic novel has anything comparable to the NSA.

        Just like absolutely any other country, Switzerland has secret services too.

        Ours are called "ONYX" and even made some news in the press, when they "accidentally leaked" (in the Blick) an intercepted fax to the egyptian embassy about the CIA "outsourcing" torture in east-europeab black sites.
        (Yup, not only do we have our own NSA, we even have our own whistle blowers).
        (Note: In our case the revealing journalist has been cleared).

        Glory to Arstotzka!

        Yeah, I know, you were sarcastic.

        they don't even monitor WoW despite the risk of gnome terrorists.

        Also known as "The Great War of the Lawn Orname

    • by AHuxley (892839) on Wednesday December 11, 2013 @11:25PM (#45667405) Homepage Journal
      The Swiss mil did a lot of mil 'swaps' and further 'education' with the US. The Swiss also had a lot of their deep bunker information sold to the Soviet Union. Would the US have been invited in to help with security after such an event and friendships formed?
      Switzerland had great skills in ~cold war crypto products for export but did not seem to pose any decryption issues for the GCHQ/NSA over time.
      What an Australia, UK, NZ, Canada gives to the US via generational agreement, the Swiss might give to the US out of staff friendship and ongoing gov trust?
      The other aspect would be the ongoing tax issues with US citizens and the use of EU/Swiss banking products.
      Swiss banking might become more open to US legal requests, would Swiss data protection laws for non Swiss end users bend the same way over time under constant US legal/gov/mil requests?
      • by TubeSteak (669689)

        Give it a few weeks and I bet we'll see a story, sourced from Snowden, about how Switzerland helped the US spy on countries that it doesn't have any diplomatic relations with.

        • Re: (Score:2, Troll)

          by fractoid (1076465)
          The funny thing is that at this point, he could release 'evidence' that the NSA secretly implanted gnomes in Kate Middleton's butt cheeks and people would believe him. Not saying that anything he's leaked so far has been fabricated, but how would we know?
          • by DarkOx (621550)

            Well for one thing Snowden isn't leaking anything anymore and has not been since he got to Russia it's a condition of his freedom there. What's happening is the paper he leaked it to continues to go thru the material and publish the interesting stuff. So Snowden would have needed lots of foresight to arrange something like that. Could the Gaurdian start making up Snowden leaks? I suppose but he might dispute them, and it would harm the papers image, and with the UK government breathing down their necks ov

            • by fractoid (1076465)
              He seems like a canny enough lad, and I'd guess he knows a fair bit about cryptography. Maybe he's digitally signed the files he leaked (so that they can be verified in chunks as being part of the documents he liberated)?
          • by P-niiice (1703362)
            I'm pretty surprised he hasn't monetized this whole thing.
        • about how Switzerland helped the US spy on countries that it doesn't have any diplomatic relations with.

          While also helping China. You know, to stay "neutral" by not favouring one side over the other(*).

          (*): "Don't favour one side" has actually happened a few times as an historical Swiss Military strategy.

  • FAT32 support.
  • SLA agreements... (Score:4, Interesting)

    by mlts (1038732) * on Wednesday December 11, 2013 @11:10PM (#45667295)

    IMHO, I don't care if they store data in the vaults of Mordor... I care about what these firms offer for a SLA, and what happens to the data if the company folds or sells out.

    Here in the US, in theory, the physical servers (and their SAN backends) should be blanked, but if not and the data passes through to another party, that party holding the servers owns that data free and clear. A bank's private records could be available as a torrent, or the new server owner could legally charge a previous client of the folded firm for access to their files. Perhaps even make the files public unless a "reclamation fee" was paid.

    • by cold fjord (826450) on Wednesday December 11, 2013 @11:45PM (#45667485)

      IMHO, I don't care if they store data in the vaults of Mordor...

      I'm thinking that the Swiss are more of the Dwarf miner flavor, don't you think? Tunnels, tunnels everywhere, filled with gold.

      • by jd (1658) <.imipak. .at. .yahoo.com.> on Thursday December 12, 2013 @01:08AM (#45667875) Homepage Journal

        The Swiss could be dwarves, they certainly have Mirrormere (lake Geneva) and the LHC has been accused of being Moria in the past.

        We can definitely rule out the Svart Alfar (dark elves in Norse legend) as that part of the world definitely lacks ugly. Dragons, perhaps - the Swiss are a tough vain at times and have been known to hoard. The mountains are suspiciously mountainy. On the other hand, the chocolateers there are amongst the finest in the world. Dragons can't eat chocolates, as they're related to dogs.

        Ok, Dwarves it is.

      • I'm thinking that the Swiss are more of the Dwarf miner flavor, don't you think? Tunnels, tunnels everywhere, filled with gold.

        Gold...? Really?
        Surely you jest.
        Mithril is what they are after.

    • by mysidia (191772) on Wednesday December 11, 2013 @11:46PM (#45667493)

      Here in the US, in theory, the physical servers (and their SAN backends) should be blanked, but if not and the data passes through to another party, that party holding the servers owns that data free and clear. A bank's private records could be available as a torrent,

      If the bank is adhering to regulations and standards; all the sensitive data such as account numbers should be encrypted at rest.

      Preferably; all data in the vault should be stored with a storage layer encryption on top of that, such that only the legitimate client can operate on the data.

      For anything that needs to be processed onsite --- hardware security modules should be used to decrypt data on the fly.

      The bank should have legal ownership of the authorization tokens required to operate the hardware security modules, and perform decryption tasks on the bank's data.

      There should be a third party required to supervise administration of the hardware tokens required to authenticate to the HSM, and ensure that the tokens and HSM units remain secure at all times, and are operated only with continuing approval of the tenants.

      • by Anonymous Coward

        You are assuming that banks adhere to regulations. This may not be the case. The enforcement is spotty at best, and violations are at best a slap on the wrist with a warning, "don't get caught next time."

        Hardware security modules have been hacked. About four years ago, one OS maker had this happen, and a bogus, backdoored SSH package signed before it was caught and a mechanism to revoke/find stuff put in place.

    • by Anonymous Coward

      Two names are all anyone needs to know here: Borders and Lavabit. The former went bust and has customer information compromised by its sale in bankruptcy court, and the latter was the subject of a secret attempted hostile takeover by a US government agency. In the case of Borders the sysadmins had long ago been dismissed so there was no one to wipe the drives clean. With Lavabit, at least as he tells it, the owner put his freedom at risk by purging the data so it would not fall into the "wrong hands". Both

  • by Sean (422) on Wednesday December 11, 2013 @11:18PM (#45667353)

    Good luck keeping guys with tens of thousands of exploits out of it

    • by jd (1658)

      Where you put the data doesn't matter. SSL can be regarded as broken and BGP4+ definitely is, meaning you lose everything in transit. Nobody needs to access the data silos.

      (I'm not just thinking spy guys - broken is broken, so this includes competitors, patent trolls, lobbyists, home grown terror groups, the PTA, your next door neighbour...)

    • by Hatta (162192)

      Don't they know what happens when you fsck a server in the alps?

  • by spiritgreywolf (683532) * on Wednesday December 11, 2013 @11:18PM (#45667355) Homepage Journal

    Spies don't have to crack them if they're financial based businesses like banks. Every time the IRS expresses an "interest" in the account information, they roll over on their backs. I would expect no less from them if any other three letter agency wanted more information, especially if any of those "interests" involved doing business with the US.

    • Long ago Swiss bank accounts were protected from international scrutiny, and under those rules I would have trusted them with data. Since the accounts are not longer protected, I see no reason to think the data will be.

      Maybe North Korea should do data storage - they never seem to give in to international pressure, but at the same time have to power to act on any data that they find.

  • by Anonymous Coward on Wednesday December 11, 2013 @11:36PM (#45667449)

    Three more Swiss banks join US tax deal - Reuters - 12 hours ago [reuters.com].

    Swiss banks are supposedly the safest place to store money, If the Swiss are willing to share customer data with the US, what else can't they share?

    Just another tentacle of the Nothing is beyond our reach [dailymail.co.uk] motto.

    • by TubeSteak (669689) on Wednesday December 11, 2013 @11:54PM (#45667547) Journal

      Switzerland signs [Organisation for Economic Cooperation and Development] tax convention [swissinfo.ch]
        October 15, 2013

      The convention provides for all forms of mutual assistance including exchange on request, spontaneous tax examinations abroad, simultaneous tax examinations and assistance in tax collection, while protecting taxpayers' rights, the OECD said. Automatic exchange of data is possible under the convention but requires additional agreements between the states involved.

      Once this treaty gets passed through the Swiss legislature, their bank secrecy will become a thing of the past.

    • Three more Swiss banks join US tax deal - Reuters - 12 hours ago [reuters.com].

      Swiss banks are supposedly the safest place to store money, If the Swiss are willing to share customer data with the US, what else can't they share?

      Just another tentacle of the Nothing is beyond our reach [dailymail.co.uk] motto.

      There might be a difference in that the banks that are rolling over have a presence in the US that can be leaned on.

      On top of that I'm not sure how the US thinks it has the ability to levy and collect penalties against Swiss banks located in Switzerland that don't have a presence in the US to start with.

      If the databanks have no business in the US that can be leaned on, perhaps they will be outside the US' legal pressure. Of course they will remain high profile targets for the NSA and any other criminal org

    • by Xest (935314) on Thursday December 12, 2013 @06:55AM (#45669049)

      Switzerland's problem is that it's grown wealthy off the back of dirty money.

      That is, it's banks have obtained large amounts of money from everyone from Nazi looters through to money stolen by common theft, through to the much more benign tax avoiders and evaders.

      This money has been used to invest and bankroll Swiss firms, which is why Switzerland has been able to grow other major firms like Nestle over the years and is what allows Switzerland to have disproportionate corporate punch in the world.

      Most nations are willing to turn a blind eye most of the time because although it's a problem for them, a rational cost/benefit analysis has to be performed and most of the time it's more hassle trying to argue a political solution and implement it than it's worth.

      But since the recession that's changed, countries are desperate for every penny they can find, a few hundred million or a few billion owed to the tax authorities is a non-issue in boom times relative to the lower hanging fruit they can go after back home instead but when the financial crisis hit and as it has dragged on for so long all the low hanging fruit have been plucked, and suddenly even mere hundreds of millions held abroad are worth going after.

      So at this point financially hit countries like the US, UK and much of Western Europe now put the Swiss in their sites, and it becomes an ultimatum for the Swiss at this point - start giving up the criminally held tax, start giving up the tax evaders, or we'll put hefty financial transaction taxes on monetary transfers in and out of your country, or we'll start picking through your nation's companies with a very fine comb looking for fines we can leverage against them.

      This is why the Swiss have allowed their banks to start submitting to US tax deals and so forth because the alternative is much less pleasant (e.g. http://www.bbc.co.uk/news/business-20907359 [bbc.co.uk]).

      Swiss data centres would be no different - they'd be perfectly solid and safe until they become a measurable problem to a major Western nation or two and as with Swiss banks you'd see a slow erosion from complete secrecy, to allowing warrant based requests for data, to general access to information deals and support for cease and desist orders.

      At best therefore they'd be a temporary solution. But if they were willing to host the likes of The Pirate Bay I'd wager that solution would be very temporary indeed given the lobbying power of the MPAA/RIAA and the priority with which the likes of the US would hence pursue such an issue with the Swiss.

      • I'm very glad the IRS did go after the Swiss Banks.

        However I think in light of the recent reports that Sweden was data-mining Russian internet traffic for the NSA, it's likely there is a more secret deal where we leave their crooked banks alone, and they tell us all the secrets.

        I think a lot of people talking of Chinese espionage efforts are missing the bigger picture; China can already BUY THIS STUFF from contractors for the NSA. Go search some old Wikileaks talking about an Israelis firm selling these dat

  • We need a place where global laws don't apply, and there is no such place, for the lawmasters control all.

  • by Anonymous Coward

    When was the last significant hack?

    When was the last significant physical hack?

    Physical security means nothing if you don't have better network security.

  • I don't think physical barriers, no matter how impressive, are going to protect against leaks or spies.

    • Re:Leaks and spies? (Score:4, Interesting)

      by jd (1658) <.imipak. .at. .yahoo.com.> on Thursday December 12, 2013 @01:55AM (#45668083) Homepage Journal

      Despite everything said in recent months, all the evidence from security experts suggests social engineering is the number one weakness. Network and host security are closing the gap, sure, but unless you plan to go EAL7 - which you can do with a general-purpose OS if you've money to burn - there is nothing that can be trusted.

      Nothing? An early backdoor for AT&T Unix was built into the compiler, but it could just as easily have been in any library the compiler used. Auditing the Linux kernel would be bad enough, auditing GCC, glibc and all the maths libraries used by the optimizer? Even with an army of testers and coders, you'd be dead of old age before securing that lot against accidental and deliberate exploits that may arise in code other than that tested.

      (By an army, I mean 100,000 dedicated, skilled people would be capable of getting a specific Linux kernel watertight after about 1.5 years on the first go. Each iteration would take less, such that the series would be convergent, but you'd always lag by several months. With the compiler and libraries, the interactions are too severe and there's too much code. You could never get it watertight and the series would diverge because complexity would increase exponentially but verification would be linear.)

      I would love to see a company on that scale set up for the sole purpose of finding and fixing Linux bugs. I would also love next week's lottery numbers, a girlfriend, a cuddly toy, a chip fabrication plant and something that can make proper tea. (Cue Bruce Forsyth)

      Realistically, I have to limit myself to visions of provably secure kernel components, with the rest of the kernel, and the rest of the OS, being either insecure or half-inched from OpenBSD.

  • by ApplePy (2703131) on Wednesday December 11, 2013 @11:50PM (#45667519)

    All will be fine until 10 years from now, when the Swiss will be accused of hoarding Jewish BitCoin from Holocaust survivors....

  • Someone ought to take a leaf from Cryptonomicon and find a country somewhere that is willing to say "screw you" if the US or its allies come knocking on the door, has a stable political system (whether that be democratically elected or not) and is willing to host a big data center to hold all the crap the US would rather not be hosted (WikiLeaks etc) and all the crap the US wants to get its hands on.

    • by Anonymous Coward

      I believe Fantasy Island meets all your criteria.

    • by jd (1658)

      No, the world doesn't. Consumer OS' need Delay Tolerant Protocol support and Mars One needs to put a giant data server with gigantic solar panels near one of the Martian poles. Anyone with a TV satellite dish and a decent amplifier would be able to put what they wanted there. There's no ISP, no third-party network, no cables that could be cut or tapped, no raidable office, no power switch, no DNS entry to block, no search engine entry to remove.

      There is also no way consumers would pay for it. This is one ca

  • by presidenteloco (659168) on Thursday December 12, 2013 @12:02AM (#45667593)

    The solution to data longevity is such things as:

    -Redundant storage

    -Globally distributed storage

    -Fragmentation and reassembly of data (so no host is responsible for content, since it is all just fragments)

    -A protocol whereby the network monitors how many copies of a datum there are and creates more copies if it can't find enough.

    -A protocol that automatically migrates data fragements to both newer host storage and more reliable host storage gradually over time.

    -Re-wrappable encryption protocol

    -Onion routing for access

    -An economic model such as quid pro quo storage sharing (you store some of anonymous others' fragments, they store some of yours, no money exchanged.

    -Storage of metadata and programming language execution environments and programs (with instructions) along with data

  • I was in the process of writing a post about how physical protection means nothing and how the data would would have to be online to be useful anyway when it hit me. Backups. IMO this doesn't make sense as a "keep people out of my data" thing as much as a "I can't lose my data no matter what" thing.
    • by jcr (53032)

      But you can get that just by fedexing copies of your backups to friends in different cities.

      -jcr

  • You want your data to be safe ? Send it to the moon. Careful about the storage format - etched metal plates are probably the most durable. But pick encoding that an alien could understand and decode. See Voyager Golden Record.

    • by Anonymous Coward

      Crazy as that sounds, there is actually some talk of doing that sort of thing. [wordpress.com]

      With the SpaceX Falcon Heavy (F9H) I can place about 6,000 kg of payload on the Moon. This is enough for a 125 kilowatt powerlander, along with a laser communications system, a petabyte of computer server, and at least 10 small (30 kg each) advanced rovers. The F9H cost is $83m, and the cost of the lander with the desired payload is about $500m. I can immediately generate revenue from the use of the laser communications system. Utterly secure, 25 gigabits/sec communications with an unhackable data server would easily be worth $150-250m/year in revenue to the U.S. government, based on the cost of the Advanced EHF and other wideband military satellites. The yearly cost to support this is $1-2m dollars, thus my first infrastructure payload for mining is already generating strongly positive cash flow.

      I'm a tad skeptical myself, but who knows?

      [taiwanjohn: posting as AC to preserve mod points]

      • by savuporo (658486)

        Right, i have read Wingo's version and others - he is wildly optimistic about this being a business bootstrap and his prices and cost structures. Plus, there is no way you will get the numbers of petabytes he dreams in deep space radiation environment. But, something like that could be conjured up as some super premium service by an existing business with coffers to fund things at couple hundred million dollar level and patience to market it and return the investment on the service.
        However, we know how well

  • Surely centralizing our data will keep it from prying eyes!

  • Not anymore.

    Switzerland stood up to the nazis, but they caved to the American IRS. There is no more reason to trust a Swiss bank today.

    -jcr

  • Not safe anymore (Score:4, Informative)

    by flyingfsck (986395) on Thursday December 12, 2013 @01:49AM (#45668061)
    The Swiss banks are not secret anymore. The laws changed and the NSA and GCHQ monitors all SWIFT and other transfers as well.
  • by Anonymous Coward

    we should not forget, that switzerland has strong data protection laws.

  • by shaitand (626655) on Thursday December 12, 2013 @02:22AM (#45668171) Journal
    The swiss numbered account as a bastion of privacy is a thing of the past. The swiss turn over bank information on request to the US. Why on earth would we even begin to trust them with our data? That's no better than giving it directly to the NSA to begin with.
    • So your complaining that Criminals and Tax Cheats can't hide their money anymore?

      Everything is on a sliding scale. Some Island country isn't going to protect your data any better than Sweden when any other country with bigger guns says; "tell us what we want to know."

      A larger country with ETHICS that will stand on principle -- yes. But Swedish banks never really had ethics so on that basis, why would they not fold like a dollar bill?

      The criminal has a conundrum no matter where they hide their data / funds.

      • by shaitand (626655)
        Who is a criminal and who is not? One state might take one view and another a different view. Making sure your money wasn't at the mercy of the views of any state and protected from them was what the Swiss Banks and Swiss neutrality were supposed to be all about.

        A state might be able to imprison me and try to coerce me in to handing over my property but ultimately the responsibility to resist that and keep my money despite it once rested with me if my money was in a Swiss bank. Now it isn't secure at all, i
  • by Karmashock (2415832) on Thursday December 12, 2013 @02:22AM (#45668173)

    They already caved to the IRS. Why would we expect them not to cave to the NSA?

    We need an organization with the stones to hold the line. The swiss have made it clear that they won't go to bat for anyone else... even their own clients/customers. So... that is over.

    We need to see some one out there willing to sacrifice to hold the line. I want to see a group that has their feet held to the fire until they crisp... and yet not break.

    Sound extreme? Its an extreme game. The swiss bankers are clearly weasels. They'll protect your identity and money so long as its easy and they're not challenged. They're fair weather players. They play when the sun is shining and the winds are calm. But when all hell breaks lose... they'll abandon you to be torn apart by jackals. And we can get that kind of service from any data host on earth. Why bank my data with the Swiss? Anything special about them? The days of numbered bank accounts were clearly just an illusion. We believed they would protect us and they charged us extra for our belief.

    All that is gone. If the swiss want this role... they'll have to show themselves willing to eat some pain for it. Will they suffer so much as the displeasure of the EU or US?

    No... the only protection will be the deep web. Bury the servers so deep that the authorities can't find it. Then its safe.

    Short of that... its all self deception.

  • Many are saying that the banks bent to the US, so the data-centers will too. However, there are a few problems with this comparison and I think it needs to be pointed out that it's quite a different case.

    So Switzerland has had strong bank secrecy laws for years. Also, for years these bank secrecy laws have been heavily critisized all around the world. And for years Switzerland has made a lot of money with them, because clients used Swiss banks to avoid taxes, 'possibly' money laundering and such. So these l

  • What is the armed guard there for ? Who cares if they pinch the hard drives. Prove to me that nobody has access to it by simply giving me the encryption keys. I want to know the data is inaccessible even if they are hosted by the NSA.
    • "AN armed guard"

      Really? One? I mean, at least they could hire two so that they could use the plural and keep us all guessing whether it was a small army.

      • by ScentCone (795499)
        I toured a datacenter once. They had "manned checkpoints." Which meant ... one guy manned some of them, some of the time. They had "escorted co-lo access" - which mean that he helped you find your rack/shelf, and then walked away. They had "man trap" security, which meant ... "a lobby with some bad coffee and a vending machine." I like seeing this stuff in person. "An" armed guard is, you're right, a completely meaningless thing to say. A 4-foot steel door? Just the one? This also sounds like a total fire
  • What's a "leaks scandal"?

  • The swiss could just store the data in unconnected servers and fly in tape on private jets for the critical customers. Only allow servers to be physically connected for live backup restore streams OR use unmarked encrypted hard drives shipped through fedex to a dropoff point where client picks up the data.

    Or send the data on encrypted sd cards to a trained pigeon farm and the pigeon wearing kevlar body armor to protect against hawks flies the last leg.

  • Great news. U.S Internet services are not safe nor secure and can't be trusted anymore. If you are concerned about your business and attracting more customers then you will do well in buying European or Asian services from now on.
  • the swiss aren't as neutral as they seem.

Life is difficult because it is non-linear.

Working...