<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>Agreed, I think there's a significant distinction between
      free/"token payment" user grade "cloud storage" (iCloud, google
      drive, consumer onedrive etc) and business grade object storage
      (AWS S3, Azure Storage, Google Cloud Storage, Wasabi, etc etc).
      I'd want to check the references in your article to see exactly
      which "Google" services they are talking about.<br>
    </p>
    <p>Not having seen the article, its is not necessarily "FUD", but
      perhaps highlights that the free consumer services may analyse the
      data to provide searching or other convenience features, as well
      as perhaps extracting data to improve advertising to cover the
      cost of the free service.<br>
    </p>
    <p>AWS maintains data security certifications/accreditation,
      frequently audits their infrastructure. They use their KMS service
      to maintain encryption at rest keys that only your account has
      access to. I'm sure Azure and Google Cloud do much the same.</p>
    <p>I can also confirm that AWS S3 stores objects only in the region
      you specify (by default replicated to multiple sites (availability
      zones) in the same region, I think you can now also set up
      automated replication to other regions). I'm also sure Azure lets
      you specify where data resides (though note Azure/AWS terminology
      around regions/zones are very different). Both allow organisations
      to meet their data residency requirements.</p>
    <p><a class="moz-txt-link-freetext" href="https://aws.amazon.com/compliance/">https://aws.amazon.com/compliance/</a><br>
<a class="moz-txt-link-freetext" href="https://azure.microsoft.com/en-au/overview/trusted-cloud/compliance/">https://azure.microsoft.com/en-au/overview/trusted-cloud/compliance/</a><br>
      <a class="moz-txt-link-freetext" href="https://cloud.google.com/security/compliance">https://cloud.google.com/security/compliance</a><br>
    </p>
    On 25/10/20 3:58 pm, James Hodgkinson wrote:<br>
    <blockquote type="cite"
      cite="mid:a8a9a9d3-433e-4e4d-8a3e-ae1bb7feb47e@www.fastmail.com">
      <meta http-equiv="content-type" content="text/html; charset=UTF-8">
      <title></title>
      <style type="text/css">p.MsoNormal,p.MsoNoSpacing{margin:0}</style>
      <div>Pretty sure the user stuff gets parsed, like google drive and
        photos - I'd be very surprised if they messed with the
        object/disk storage...<br>
      </div>
      <div style="font-family:"Times New Roman", times,
        serif;"><br>
      </div>
      <div style="font-family:"Times New Roman", times,
        serif;">James</div>
      <div style="font-family:"Times New Roman", times,
        serif;"><br>
      </div>
      <div style="font-family:"Times New Roman", times,
        serif;">On 2020-10-25 14:42 Matthew Scutter wrote:<br>
      </div>
      <blockquote type="cite" id="qt" style="">
        <div dir="ltr">
          <div>Going to call a [citation needed] on that, because it
            reeks of FUD to me.<br>
          </div>
          <div><br>
          </div>
          <div class="qt-gmail_quote">
            <div dir="ltr" class="qt-gmail_attr">On Sun, Oct 25, 2020 at
              1:11 PM Kai <<a href="mailto:vk6ksj@westnet.com.au"
                moz-do-not-send="true">vk6ksj@westnet.com.au</a>>
              wrote:<br>
            </div>
            <blockquote class="qt-gmail_quote"
style="margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,
              204, 204);padding-left:1ex;">
              <div>Hi folks,<br>
              </div>
              <div> <br>
              </div>
              <div> Thank you for all the feedback, greatly appreciated.<br>
              </div>
              <div> <br>
              </div>
              <div> I read an article yesterday which said that in the
                same way that GMail <br>
              </div>
              <div> parses email content for AI learning and targeting
                ads, that Google <br>
              </div>
              <div> cloud storage may also index content, including
                facial recognition, with <br>
              </div>
              <div> any photo's, for behaviour learning and targeted
                ads.<br>
              </div>
              <div> That's one of the reasons I'm not keen to store data
                on Google cloud. <br>
              </div>
              <div> They're on a need-to-know basis with my activities.<br>
              </div>
              <div> <br>
              </div>
              <div> Does anyone know if Microsoft, AWS or other
                providers may allow <br>
              </div>
              <div> themselves access to stored files?<br>
              </div>
              <div> <br>
              </div>
              <div> On 25/10/20 10:25 am, Jacob Taylor wrote:<br>
              </div>
              <div> > An important question to ask is whether you
                require file storage or <br>
              </div>
              <div> > object storage.<br>
              </div>
              <div> > <br>
              </div>
              <div> > While the S3 portal provides a veneer of a
                filesystem-style hierarchy, <br>
              </div>
              <div> > S3 is really a key-value object store. If you
                build an application on S3 <br>
              </div>
              <div> > but use filesystem-style queries ("list all
                files in a directory" as an <br>
              </div>
              <div> > example), it can end up being very costly.<br>
              </div>
              <div> > <br>
              </div>
              <div> > If you just want a place to upload big files,
                such as backups, VMs, <br>
              </div>
              <div> > images, and videos, then S3 is ideal.<br>
              </div>
              <div> > <br>
              </div>
              <div> > If you are looking for something that requires
                a file hierarchy, then it <br>
              </div>
              <div> > might not be appropriate.<br>
              </div>
              <div> > <br>
              </div>
              <div> > To reiterate what Shaun says, the data you put
                in an S3 bucket mastered <br>
              </div>
              <div> > in the Sydney region (ap-southeast-2) *will not
                be stored elsewhere* <br>
              </div>
              <div> > unless you explicitly want it to (via
                cross-region replication or other <br>
              </div>
              <div> > sync methods).<br>
              </div>
              <div> > <br>
              </div>
              <div> > To go into more detail on encryption options:<br>
              </div>
              <div> > <br>
              </div>
              <div> >   * Server Side Encryption (SSE): Encryption is
                done in the S3 service<br>
              </div>
              <div> >     itself, you upload/download in plaintext.
                Comes in a few flavours,<br>
              </div>
              <div> >     but they all use the same
                algorithm (AES-256):<br>
              </div>
              <div> >       o SSE-S3: This is the simplest and
                easiest to use, basically<br>
              </div>
              <div> >         turnkey. S3 will use an AWS-managed key
                in KMS to encrypt your<br>
              </div>
              <div> >         files.<br>
              </div>
              <div> >       o SSE-KMS: Same as above, however it uses
                a custom key you manage<br>
              </div>
              <div> >         (could be generated on-prem and
                uploaded, as an example).<br>
              </div>
              <div> >       o SSE-C: Encrypts files with a key given
                to S3 by your application<br>
              </div>
              <div> >         at the time of upload, and you cannot
                download the file without<br>
              </div>
              <div> >         providing the same key at the time you
                request it.<br>
              </div>
              <div> >   * Client Side Encryption: Describes any
                scenario where your<br>
              </div>
              <div> >     application encrypts a file prior to
                uploading, and decrypts after<br>
              </div>
              <div> >     downloading.<br>
              </div>
              <div> > <br>
              </div>
              <div> > Disclaimer: I work for AWS<br>
              </div>
              <div> > <br>
              </div>
              <div> > On Sun, Oct 25, 2020 at 12:34 PM Shaun Ewing
                <<a href="mailto:shaun@shaun.net" target="_blank"
                  moz-do-not-send="true">shaun@shaun.net</a> <br>
              </div>
              <div> > <mailto:<a href="mailto:shaun@shaun.net"
                  target="_blank" moz-do-not-send="true">shaun@shaun.net</a>>>
                wrote:<br>
              </div>
              <div> > <br>
              </div>
              <div> >     Data uploaded to S3 will stay entirely
                within a region unless you<br>
              </div>
              <div> >     explicitly configure cross-region
                replication.____<br>
              </div>
              <div> > <br>
              </div>
              <div> >     __ __<br>
              </div>
              <div> > <br>
              </div>
              <div> >     There’s a bunch of encryption options
                including Amazon S3-Managed<br>
              </div>
              <div> >     Keys and customer provided keys.____<br>
              </div>
              <div> > <br>
              </div>
              <div> >     __ __<br>
              </div>
              <div> > <br>
              </div>
              <div> >     (Disclosure: I work for AWS)____<br>
              </div>
              <div> > <br>
              </div>
              <div> >     __ __<br>
              </div>
              <div> > <br>
              </div>
              <div> >     *From:*AusNOG <<a
                  href="mailto:ausnog-bounces@lists.ausnog.net"
                  target="_blank" moz-do-not-send="true">ausnog-bounces@lists.ausnog.net</a><br>
              </div>
              <div> >     <mailto:<a
                  href="mailto:ausnog-bounces@lists.ausnog.net"
                  target="_blank" moz-do-not-send="true">ausnog-bounces@lists.ausnog.net</a>>>
                *On Behalf Of *Giles Pollock<br>
              </div>
              <div> >     *Sent:* Sunday, 25 October 2020 12:08 PM<br>
              </div>
              <div> >     *To:* Kai <<a
                  href="mailto:vk6ksj@westnet.com.au" target="_blank"
                  moz-do-not-send="true">vk6ksj@westnet.com.au</a>
                <mailto:<a href="mailto:vk6ksj@westnet.com.au"
                  target="_blank" moz-do-not-send="true">vk6ksj@westnet.com.au</a>>><br>
              </div>
              <div> >     *Cc:* Ausnog <<a
                  href="mailto:ausnog@lists.ausnog.net" target="_blank"
                  moz-do-not-send="true">ausnog@lists.ausnog.net</a>
                <mailto:<a href="mailto:ausnog@lists.ausnog.net"
                  target="_blank" moz-do-not-send="true">ausnog@lists.ausnog.net</a>>><br>
              </div>
              <div> >     *Subject:* Re: [AusNOG] Australian based
                cloud storage____<br>
              </div>
              <div> > <br>
              </div>
              <div> >     __ __<br>
              </div>
              <div> > <br>
              </div>
              <div> >     Amazon have a region, ap-southeast-2 which
                is Sydney based. Can't<br>
              </div>
              <div> >     comment whether stuff that goes into s3
                gets replicated elsewhere, I<br>
              </div>
              <div> >     believe you can set the class so it
                doesn't, but you'd need to talk<br>
              </div>
              <div> >     to someone at AWS to confirm. ____<br>
              </div>
              <div> > <br>
              </div>
              <div> >     __ __<br>
              </div>
              <div> > <br>
              </div>
              <div> >     On Sun, 25 Oct 2020, 12:02 Kai, <<a
                  href="mailto:vk6ksj@westnet.com.au" target="_blank"
                  moz-do-not-send="true">vk6ksj@westnet.com.au</a><br>
              </div>
              <div> >     <mailto:<a
                  href="mailto:vk6ksj@westnet.com.au" target="_blank"
                  moz-do-not-send="true">vk6ksj@westnet.com.au</a>>>
                wrote:____<br>
              </div>
              <div> > <br>
              </div>
              <div> >         Hi folks,<br>
              </div>
              <div> > <br>
              </div>
              <div> >         Happy weekend.<br>
              </div>
              <div> >         I'm searching for Australian based
                cloud storage.<br>
              </div>
              <div> > <br>
              </div>
              <div> >         Google, Microsoft and the other big
                names might have cache<br>
              </div>
              <div> >         server here<br>
              </div>
              <div> >         but the data is also stored overseas,
                I'm looking for providers who<br>
              </div>
              <div> >         either allow you to choose your cloud
                storage location, or only<br>
              </div>
              <div> >         have<br>
              </div>
              <div> >         hosting within Australia, and have
                storage which is encrypted.<br>
              </div>
              <div> > <br>
              </div>
              <div> >         Any feedback is welcome.<br>
              </div>
              <div> > <br>
              </div>
              <div> >         Cheers<br>
              </div>
              <div> >         Kai<br>
              </div>
              <div> >       
                 _______________________________________________<br>
              </div>
              <div> >         AusNOG mailing list<br>
              </div>
              <div> >         <a
                  href="mailto:AusNOG@lists.ausnog.net" target="_blank"
                  moz-do-not-send="true">AusNOG@lists.ausnog.net</a>
                <mailto:<a href="mailto:AusNOG@lists.ausnog.net"
                  target="_blank" moz-do-not-send="true">AusNOG@lists.ausnog.net</a>><br>
              </div>
              <div> >         <a
                  href="http://lists.ausnog.net/mailman/listinfo/ausnog____"
                  rel="noreferrer" target="_blank"
                  moz-do-not-send="true">http://lists.ausnog.net/mailman/listinfo/ausnog____</a><br>
              </div>
              <div> > <br>
              </div>
              <div> >   
                 _______________________________________________<br>
              </div>
              <div> > <br>
              </div>
              <div> >     ____<br>
              </div>
              <div> > <br>
              </div>
              <div> >     AusNOG mailing list<br>
              </div>
              <div> > <br>
              </div>
              <div> >     ____<br>
              </div>
              <div> > <br>
              </div>
              <div> >     <a href="mailto:AusNOG@lists.ausnog.net"
                  target="_blank" moz-do-not-send="true">AusNOG@lists.ausnog.net</a> 
                <mailto:<a href="mailto:AusNOG@lists.ausnog.net"
                  target="_blank" moz-do-not-send="true">AusNOG@lists.ausnog.net</a>><br>
              </div>
              <div> > <br>
              </div>
              <div> >     ____<br>
              </div>
              <div> > <br>
              </div>
              <div> >     <a
                  href="http://lists.ausnog.net/mailman/listinfo/ausnog"
                  rel="noreferrer" target="_blank"
                  moz-do-not-send="true">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
              </div>
              <div> > <br>
              </div>
              <div> >     ____<br>
              </div>
              <div> > <br>
              </div>
              <div> >   
                 _______________________________________________<br>
              </div>
              <div> >     AusNOG mailing list<br>
              </div>
              <div> >     <a href="mailto:AusNOG@lists.ausnog.net"
                  target="_blank" moz-do-not-send="true">AusNOG@lists.ausnog.net</a>
                <mailto:<a href="mailto:AusNOG@lists.ausnog.net"
                  target="_blank" moz-do-not-send="true">AusNOG@lists.ausnog.net</a>><br>
              </div>
              <div> >     <a
                  href="http://lists.ausnog.net/mailman/listinfo/ausnog"
                  rel="noreferrer" target="_blank"
                  moz-do-not-send="true">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
              </div>
              <div> > <br>
              </div>
              <div> _______________________________________________<br>
              </div>
              <div> AusNOG mailing list<br>
              </div>
              <div> <a href="mailto:AusNOG@lists.ausnog.net"
                  target="_blank" moz-do-not-send="true">AusNOG@lists.ausnog.net</a><br>
              </div>
              <div> <a
                  href="http://lists.ausnog.net/mailman/listinfo/ausnog"
                  rel="noreferrer" target="_blank"
                  moz-do-not-send="true">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
              </div>
            </blockquote>
          </div>
        </div>
        <div>_______________________________________________<br>
        </div>
        <div>AusNOG mailing list<br>
        </div>
        <div><a href="mailto:AusNOG@lists.ausnog.net"
            moz-do-not-send="true">AusNOG@lists.ausnog.net</a><br>
        </div>
        <div><a href="http://lists.ausnog.net/mailman/listinfo/ausnog"
            moz-do-not-send="true">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
        </div>
        <div><br>
        </div>
      </blockquote>
      <div style="font-family:"Times New Roman", times,
        serif;"><br>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <pre class="moz-quote-pre" wrap="">_______________________________________________
AusNOG mailing list
<a class="moz-txt-link-abbreviated" href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a>
<a class="moz-txt-link-freetext" href="http://lists.ausnog.net/mailman/listinfo/ausnog">http://lists.ausnog.net/mailman/listinfo/ausnog</a>
</pre>
    </blockquote>
  </body>
</html>