Switzerland Wants To Become the World's Data Vault
wiredmikey writes "Business for Switzerland's 55 data centers is booming. They benefit from the Swiss reputation for security and stability, and some predict the nation already famous for its super-safe banks will soon also be known as the world's data vault. For example, housed in one of Switzerland's numerous deserted Cold War-era army barracks, one high-tech data center is hidden behind four-ton steel doors built to withstand a nuclear attack — plus biometric scanners and an armed guard. Such tight security is in growing demand in a world shaking from repeated leaks scandals and fears of spies lurking behind every byte."
SLA agreements... (Score:4, Interesting)
IMHO, I don't care if they store data in the vaults of Mordor... I care about what these firms offer for an SLA, and what happens to the data if the company folds or sells out.
Here in the US, in theory, the physical servers (and their SAN backends) should be blanked, but if not and the data passes through to another party, that party holding the servers owns that data free and clear. A bank's private records could be available as a torrent, or the new server owner could legally charge a previous client of the folded firm for access to their files. Perhaps even make the files public unless a "reclamation fee" was paid.
Re:Leaks and spies? (Score:4, Interesting)
Despite everything said in recent months, all the evidence from security experts suggests social engineering is the number one weakness. Network and host security are closing the gap, sure, but unless you plan to go EAL7 - which you can do with a general-purpose OS if you've money to burn - there is nothing that can be trusted.
Nothing? An early backdoor for AT&T Unix was built into the compiler, but it could just as easily have been in any library the compiler used. Auditing the Linux kernel would be bad enough, auditing GCC, glibc and all the maths libraries used by the optimizer? Even with an army of testers and coders, you'd be dead of old age before securing that lot against accidental and deliberate exploits that may arise in code other than that tested.
(By an army, I mean 100,000 dedicated, skilled people would be capable of getting a specific Linux kernel watertight after about 1.5 years on the first go. Each iteration would take less, such that the series would be convergent, but you'd always lag by several months. With the compiler and libraries, the interactions are too severe and there's too much code. You could never get it watertight and the series would diverge because complexity would increase exponentially but verification would be linear.)
I would love to see a company on that scale set up for the sole purpose of finding and fixing Linux bugs. I would also love next week's lottery numbers, a girlfriend, a cuddly toy, a chip fabrication plant and something that can make proper tea. (Cue Bruce Forsyth)
Realistically, I have to limit myself to visions of provably secure kernel components, with the rest of the kernel, and the rest of the OS, being either insecure or half-inched from OpenBSD.
Re:More holes than Swiss cheese (Score:5, Interesting)
Switzerland's problem is that it's grown wealthy off the back of dirty money.
That is, its banks have obtained large amounts of money from everyone from Nazi looters through to money stolen by common theft, through to the much more benign tax avoiders and evaders.
This money has been used to invest and bankroll Swiss firms, which is why Switzerland has been able to grow other major firms like Nestle over the years and is what allows Switzerland to have disproportionate corporate punch in the world.
Most nations are willing to turn a blind eye most of the time because although it's a problem for them, a rational cost/benefit analysis has to be performed and most of the time it's more hassle trying to argue a political solution and implement it than it's worth.
But since the recession that's changed. Countries are desperate for every penny they can find. A few hundred million or a few billion owed to the tax authorities is a non-issue in boom times relative to the lower hanging fruit they can go after back home instead, but when the financial crisis hit, and as it has dragged on for so long, all the low hanging fruit have been plucked, and suddenly even mere hundreds of millions held abroad are worth going after.
So at this point financially hit countries like the US, UK and much of Western Europe now put the Swiss in their sights, and it becomes an ultimatum for the Swiss at this point - start giving up the criminally held tax, start giving up the tax evaders, or we'll put hefty financial transaction taxes on monetary transfers in and out of your country, or we'll start picking through your nation's companies with a very fine comb looking for fines we can leverage against them.
This is why the Swiss have allowed their banks to start submitting to US tax deals and so forth because the alternative is much less pleasant (e.g. http://www.bbc.co.uk/news/business-20907359).
Swiss data centres would be no different - they'd be perfectly solid and safe until they become a measurable problem to a major Western nation or two and as with Swiss banks you'd see a slow erosion from complete secrecy, to allowing warrant based requests for data, to general access to information deals and support for cease and desist orders.
At best therefore they'd be a temporary solution. But if they were willing to host the likes of The Pirate Bay I'd wager that solution would be very temporary indeed given the lobbying power of the MPAA/RIAA and the priority with which the likes of the US would hence pursue such an issue with the Swiss.
Re:Glory to Arstotzka! (Score:5, Interesting)
Because no country existing outside of a dystopic novel has anything comparable to the NSA. Inb4 China: China's massive espionage ends at their borders, outside there it's just the usual, they don't even monitor WoW despite the risk of gnome terrorists.
There are no less than 3 separate sources within the People's Republic of China that hammer on one of my servers 24x7x365 trying to break their way in. They've been at it for a very, very long time.