Well then, time to start fining them under GDPR.
They can be fined if they actually use the data wrongly. However, them admitting is already important. It should be very obvious to anyone that there is not such thing as ‘European enclaves’ in these hyperscalers. Even if they host the data in Europe, unless it is an european company that does not have to comply with the US state, then the data is available to the US government.
This is why I’m migrating all the servers I own to EU data centres owned by EU companies. It’s insanely hard to get enterprises off the big 3 cloud providers, but for the smaller clients I support they don’t know why difference and in the long run it ends up saving then money
Do you know if there is a community of devops/admins/devs who are doing the same? I am interested in doing the same thing.
Not as far as I know, but the self-hosting community is generally moving over to VM runners and off the vendored solutions, any cloud provider can give you those.
Scaleway gives the most was style of services like managed kubernetes, FAAS, managed gateway etc. you pay for the convenience though.
Which ones are you using? I only have worked with hetzner, ionos and ovh, with mixed results.
Hetzner VMs generally, there are a couple of issues I’ve needed to workaround like private IP assignment with terraform, but other than that, if you’re comfortable deploying a k8s cluster yourself, just throw things on the cluster. The VMs aren’t the fastest but they give the biggest bang for your buck.
I’m currently experimenting with scaleway, but the cost is pretty high, so I’ll probably just migrate over to dedicated machines in hetzner and add more machines as the cluster grows
I’ve used Digital Ocean, Hetzner and OVH just because they’re cheap. It depends on your expectations.
Digital Ocean is American, tho.
Never said they weren’t
OP mentioned about EU based ones, that’s what I asked about.
I like Hetzner, what kind of issues did you have with them?
Seconding, have had nothing positive experiences with Hetzner. In fact they are the ones hosting this very Lemmy instance - that’s where the federate.cc VM is!
I will use this opportunity to post this link
Share it to someone that needs an alternative to windows :)
thank you
Unless you need Windows for work, in which case you’re fucked.
I literally only need one thing, which is a bank authentication token that prompts me to plug in a USB dongle, which then reads a certificate off of the device and pushes it to a browser plugin.
But that dongle software in itself? Windows only. And since I have to approve all outbound transactions (maker/checker principle), there’s no way around.
I mean that’s been known since the Snowden leaks
Hopefully this will get something moving
I highly doubt that this will get anything moving: In 2020 the European Court of Justice already invalidated the Privacy Shield agreement with the US for precisely this reason.
The majority of EU-companies however just continued to use US services despite the fact that user data could be accessed by the US government at any time, contrary to EU data protection regulations, and even without a court order (patriot act and such). No effective penalties - or more like no penalties whatsoever - were imposed on those companies that simply ignored the ruling.
The end result was that the EU entered into a new agreement with the US, the EU-US Data Privacy Framework (DPF) – just a new name: nothing has changed. European users’ data on US servers is still not protected in accordance with European law.
This statement only confirms what has long been known - nothing has changed.
So I can’t see why the EU would change course now, unfortunately. They could have years ago for the same reason but didn’t because, well, money…
I mean, they cant really blow up their entire infrastructure. They would be smart to force industry to cycle things out and give them a deadline but it will be expensive and slow going and the second the conservatives get power they will undo it all.
It’s going to happen on some scale eventually. The earlier we get the USA traitors off our data the better.
I was thinking of government internal software moving away from microsoft. Denmark, a German state and a French city are already doing it
Yes, that’s only right and sensible.
Unfortunately, things are moving too slowly here in Germany, but at least one federal state, Schleswig-Holstein, plans to switch to Linux and LibreOffice in the fall.
I’m not aware of any other plans in other federal states or at the national level.
Bavaria, a deeply conservative federal state, even uses Palantir, which is just absurd.
If it makes you feel any better, Microsoft can’t protect US data from Chinese access either.
If this doesn’t get the French state to get Microsoft and US tech out of all their public offices, I don’t know what will.
The national Police is planning to renew all the computers not supported by windows 11 while our Gendarmerie (same thing but different) is using Ubuntu since approximately 17 years. The head of Polytechnique signed a deal with microsoft to put restricted zones on o365. We are not there yet and it is a fucking shame. All the usual state contractors are hand in hand with microsoft so I don’t see any move in the close future. It could be easy to fine the USA companies into oblivion because they can’t respect GDPR but the EU is too submissive for that.
France has been right about digital sovereignty since the beginning. It’s a little disappointing that it hasn’t gone very far. Maybe this will give it new momentum.
If the Gendarmerie can do it, the national police should be able to too, but from what I read, they are years behind on wages.
In my opinion, only one of them should exists or they should be responsible for each other instead of internal investigation, firstly, but the police is not part of the military so that’s a first point, and with our fascist interior minister (responsible for the police), i don’t think this is a priority. I am sure that migrating to gendbuntu would not be too hard for the police, but it seems that they are rivals so I don’t see it coming. Kinda deadlocked as a situation
They are rivals? Why? That doesn’t make much sense. Shouldn’t they be colleagues?
Rivalry between two state organizations with the same role is to be expected I guess. Maybe some historical too as the roots of the national police lay in Vichy’s France…
Haha, as if bureaucratic change at that speed was remotely possible.
I hope I’m horribly mistaken and just looking at it through the eyes of what I know about Finnish bureaucracy.
It’s the same with Chinese companies. In the past we thought that the US was benign but not any more.
I’ve never thought it and don’t know why others did. If you where not American why would giving the US control of your infrastructure be a good thing? People just didn’t plan for relations to change I guess.
You may not however in Australia our systems were supplied by US corporations for decades before cloud storage and processing became a thing. Every data centre was local but then some started to be owned/operated by those corporations, then started hosting in foreign countries. It’s a gradual transition where the risks were not obvious. Not so today.
The EU and Canada must stop immediately using closed source software, especially from US Vendors
Oh that’s happening alright. Canonical and SUSE have been preparing for exactly this moment for years. They are ready.
I don’t trust canonical one bit
Why? Of all the Linux based big business companies they appear to be among the least problematic?
Aside from snaps I don’t see a problem with Ubuntu either.
Do we have another Redhat alternative other than SUSE, because I don’t find canonical to be trustworthy
If you can’t trust Canonical or SUSE, I don’t think there’s any enterprise option left for you, gotta use one of dem free distros
I trust SUSE, not canonical. So are there more SUSE-like organizations that are not in AmeriKKa that I can check out ??
What’s wrong with using SUSE if you want to avoid the other 2?
Rocky and Alma aim to give you the same software as RHEL, but no support unfortunately.
I just said I trust SUSE.
Fuck Microsoft but aren’t there data residency laws that say French data must be stored in Europe?
So that way, when push comes to shove, no country has their data hosted on enemy servers?
I’m not saying companies follow this, but I always thought they made these laws as part of GDPR.
Fuck Microsoft but aren’t there data residency laws that say French data must be stored in Europe?
The problem with U.S. companies operating in Europe is the CLOUD Act. It doesn’t matter where the physical servers are located, if the U.S. Government wants access to the data, U.S. Based companies are required by law to allow it.
If they wanted to, they would do like they do with taxes. “Oh. It is not our data, that data is owned by Microsoft company of the virgin islands, which is totally a different company from Microsoft USA”
Sure, but you have to remember that U.S. based corporations and Microsoft in particular are formed from pure evil out of the deepest darkest pits of hell and they love nothing more than sucking the asshole of the U.S. Government, who turns a blind eye to their monopoly and lets them get away with the most foul and disgusting business practices their little black hearts can think of.
They happily facilitate the U.S. Government to spy on U.S. Citizens when there isn’t even some heinous law that allows them to legally do so. If they don’t even give a single shit about their friends, family and neighbors- what are the odds they would go out of their way to protect Europeans, what with their love of ‘consumer protections’ and ‘anti monopoly’ laws?
An important point of the CLOUD is that subsidiaries are essentially also covered, unlike what happens with taxes/income.
I work for a french public owned company in transport. The whole company uses Microsoft 365, “sysadmin is an idiot and I don’t trust his password system” [ editing done] etc… Oh yeah, no one thought about cleaning up the system so copilot’s here all right, just sipping in the corner.
We are truly f***d .Doesn’t matter whom attacks, the US, China, Russia, indépendants. They can paralyse this transportation network in a snap. And I know it’s far from a lone example.
The french public services are hopeless as far as computing and basic security is concerned. There are a few times when they struck genius and got productive, secure services out, but day to day companies that are the infrastructure of the country itself are hopeless.
They can paralyse this regional transportation network in a snap
Not to be like overtly careful or avoid discussion of the subject, but maybe don’t make that easier for people by giving somewhat specialised tips like your first paragraph.
I’m not saying the Russians on Lemmy will pick up on that specifically but I don’t think you being that specific brought any more to the comment than having said “our admin is an idiot and I don’t trust his password system at all”.
I’m being way too prudish and cautious — for now.
But I’ve definitely started being more vague about some things, just as practice for when this shit gets worse. I’d like to say “if”, but I don’t believe that rn.
Especially when nowadays technically someone could genuinely just have an LLM crawl for anything like that and then check out who those people are. I don’t underestimate Russian spycraft. Their military, yeah. Their spycraft and sabotage? Less so.
Yeah, this is information that’s going to be permanently in my brain now is that the French communication network is crazy easy to paralyze
Those laws exists, but from the article, US laws supersedes those regulations, and apparently they rather comply there than in the EU. Guess they did the math and figured the consequences in the EU are easier to stomach.
Yes BUT, the US government can fine them whatever they want / threaten contracts / revoke their ability to do business in the US.
Ultimately their ability to function in the US is largely dependent on them doing whatever the fuck the government wants. If forced to choose between the US and EU, they’re almost always going to choose US.
Isn’t this no different then what people complain about Chinese companies? So if your not American there is no difference between Chinese and American companies.
I really dont think that it matters if the data is in Europe. If the company is American then it will not matter. The data must be in Europe AND the company must be also European, this way it can not be forced by the US to do anything.
Microsoft is a scummy company. Go Linux!
Has nothing to do with Windows. It’s about the different services Microsoft offers. Like Azure or OneDrive. You could run Linux (Microsoft has their own distro btw) on their cloud and they would give the US everything they asked for.
what is their distro called
Azure Linux. It was specifically developed for their cloud.
AWS also has their own. I assumed this is common with all cloud providers https://aws.amazon.com/blogs/aws/amazon-linux-2023-a-cloud-optimized-linux-distribution-with-long-term-support/#%3A~%3Atext=Amazon+Linux+is+the+most+used+Linux%2Cpartners+are+supporting+Amazon+Linux+2023+today.
You’d assume that, but then you’ve not had the misfortune of using Google Cloud. “Because fuck you, that’s why.” – Sundar Pichai.
The big benefit of AWS Linux and Azure Linux is they start up really really quickly on their respective platforms, so if you’ve an app to run that’s fairly platform agnostic then it’s easy to deploy at scale. If it’s not very platform agnostic then you’re in for a world of pain. AL2023 in particular seems to just rename all the packages differently from any other distro just for the fun of it.
Linux is my favourite operating system company
& there you have it
Ohlala, quelle surprise…
…then don’t use microsoft… /s
Why /s? This is the only logical conclusion. In general governments shouldn’t be using infrastructure they don’t control.
…i live within the US, don’t wish to be misunderstood…
American here. I alSo want to take a moment and congratulate MicrOsoft for its wonderful succesSes and contributions to this amazing country.
🦎 Intensified German Lizard noises
