<!DOCTYPE html><html><head><title></title><style type="text/css">p.MsoNormal,p.MsoNoSpacing{margin:0}</style></head><body><div>Pretty sure the user stuff gets parsed, like google drive and photos - I'd be very surprised if they messed with the object/disk storage...<br></div><div style="font-family:"Times New Roman", times, serif;"><br></div><div style="font-family:"Times New Roman", times, serif;">James</div><div style="font-family:"Times New Roman", times, serif;"><br></div><div style="font-family:"Times New Roman", times, serif;">On 2020-10-25 14:42 Matthew Scutter wrote:<br></div><blockquote type="cite" id="qt" style=""><div dir="ltr"><div>Going to call a [citation needed] on that, because it reeks of FUD to me.<br></div><div><br></div><div class="qt-gmail_quote"><div dir="ltr" class="qt-gmail_attr">On Sun, Oct 25, 2020 at 1:11 PM Kai <<a href="mailto:vk6ksj@westnet.com.au">vk6ksj@westnet.com.au</a>> wrote:<br></div><blockquote class="qt-gmail_quote" style="margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204, 204, 204);padding-left:1ex;"><div>Hi folks,<br></div><div> <br></div><div> Thank you for all the feedback, greatly appreciated.<br></div><div> <br></div><div> I read an article yesterday which said that in the same way that GMail <br></div><div> parses email content for AI learning and targeting ads, that Google <br></div><div> cloud storage may also index content, including facial recognition, with <br></div><div> any photo's, for behaviour learning and targeted ads.<br></div><div> That's one of the reasons I'm not keen to store data on Google cloud. <br></div><div> They're on a need-to-know basis with my activities.<br></div><div> <br></div><div> Does anyone know if Microsoft, AWS or other providers may allow <br></div><div> themselves access to stored files?<br></div><div> <br></div><div> On 25/10/20 10:25 am, Jacob Taylor wrote:<br></div><div> > An important question to ask is whether you require file storage or <br></div><div> > object storage.<br></div><div> > <br></div><div> > While the S3 portal provides a veneer of a filesystem-style hierarchy, <br></div><div> > S3 is really a key-value object store. If you build an application on S3 <br></div><div> > but use filesystem-style queries ("list all files in a directory" as an <br></div><div> > example), it can end up being very costly.<br></div><div> > <br></div><div> > If you just want a place to upload big files, such as backups, VMs, <br></div><div> > images, and videos, then S3 is ideal.<br></div><div> > <br></div><div> > If you are looking for something that requires a file hierarchy, then it <br></div><div> > might not be appropriate.<br></div><div> > <br></div><div> > To reiterate what Shaun says, the data you put in an S3 bucket mastered <br></div><div> > in the Sydney region (ap-southeast-2) *will not be stored elsewhere* <br></div><div> > unless you explicitly want it to (via cross-region replication or other <br></div><div> > sync methods).<br></div><div> > <br></div><div> > To go into more detail on encryption options:<br></div><div> > <br></div><div> > * Server Side Encryption (SSE): Encryption is done in the S3 service<br></div><div> > itself, you upload/download in plaintext. Comes in a few flavours,<br></div><div> > but they all use the same algorithm (AES-256):<br></div><div> > o SSE-S3: This is the simplest and easiest to use, basically<br></div><div> > turnkey. S3 will use an AWS-managed key in KMS to encrypt your<br></div><div> > files.<br></div><div> > o SSE-KMS: Same as above, however it uses a custom key you manage<br></div><div> > (could be generated on-prem and uploaded, as an example).<br></div><div> > o SSE-C: Encrypts files with a key given to S3 by your application<br></div><div> > at the time of upload, and you cannot download the file without<br></div><div> > providing the same key at the time you request it.<br></div><div> > * Client Side Encryption: Describes any scenario where your<br></div><div> > application encrypts a file prior to uploading, and decrypts after<br></div><div> > downloading.<br></div><div> > <br></div><div> > Disclaimer: I work for AWS<br></div><div> > <br></div><div> > On Sun, Oct 25, 2020 at 12:34 PM Shaun Ewing <<a href="mailto:shaun@shaun.net" target="_blank">shaun@shaun.net</a> <br></div><div> > <mailto:<a href="mailto:shaun@shaun.net" target="_blank">shaun@shaun.net</a>>> wrote:<br></div><div> > <br></div><div> > Data uploaded to S3 will stay entirely within a region unless you<br></div><div> > explicitly configure cross-region replication.____<br></div><div> > <br></div><div> > __ __<br></div><div> > <br></div><div> > There’s a bunch of encryption options including Amazon S3-Managed<br></div><div> > Keys and customer provided keys.____<br></div><div> > <br></div><div> > __ __<br></div><div> > <br></div><div> > (Disclosure: I work for AWS)____<br></div><div> > <br></div><div> > __ __<br></div><div> > <br></div><div> > *From:*AusNOG <<a href="mailto:ausnog-bounces@lists.ausnog.net" target="_blank">ausnog-bounces@lists.ausnog.net</a><br></div><div> > <mailto:<a href="mailto:ausnog-bounces@lists.ausnog.net" target="_blank">ausnog-bounces@lists.ausnog.net</a>>> *On Behalf Of *Giles Pollock<br></div><div> > *Sent:* Sunday, 25 October 2020 12:08 PM<br></div><div> > *To:* Kai <<a href="mailto:vk6ksj@westnet.com.au" target="_blank">vk6ksj@westnet.com.au</a> <mailto:<a href="mailto:vk6ksj@westnet.com.au" target="_blank">vk6ksj@westnet.com.au</a>>><br></div><div> > *Cc:* Ausnog <<a href="mailto:ausnog@lists.ausnog.net" target="_blank">ausnog@lists.ausnog.net</a> <mailto:<a href="mailto:ausnog@lists.ausnog.net" target="_blank">ausnog@lists.ausnog.net</a>>><br></div><div> > *Subject:* Re: [AusNOG] Australian based cloud storage____<br></div><div> > <br></div><div> > __ __<br></div><div> > <br></div><div> > Amazon have a region, ap-southeast-2 which is Sydney based. Can't<br></div><div> > comment whether stuff that goes into s3 gets replicated elsewhere, I<br></div><div> > believe you can set the class so it doesn't, but you'd need to talk<br></div><div> > to someone at AWS to confirm. ____<br></div><div> > <br></div><div> > __ __<br></div><div> > <br></div><div> > On Sun, 25 Oct 2020, 12:02 Kai, <<a href="mailto:vk6ksj@westnet.com.au" target="_blank">vk6ksj@westnet.com.au</a><br></div><div> > <mailto:<a href="mailto:vk6ksj@westnet.com.au" target="_blank">vk6ksj@westnet.com.au</a>>> wrote:____<br></div><div> > <br></div><div> > Hi folks,<br></div><div> > <br></div><div> > Happy weekend.<br></div><div> > I'm searching for Australian based cloud storage.<br></div><div> > <br></div><div> > Google, Microsoft and the other big names might have cache<br></div><div> > server here<br></div><div> > but the data is also stored overseas, I'm looking for providers who<br></div><div> > either allow you to choose your cloud storage location, or only<br></div><div> > have<br></div><div> > hosting within Australia, and have storage which is encrypted.<br></div><div> > <br></div><div> > Any feedback is welcome.<br></div><div> > <br></div><div> > Cheers<br></div><div> > Kai<br></div><div> > _______________________________________________<br></div><div> > AusNOG mailing list<br></div><div> > <a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a> <mailto:<a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a>><br></div><div> > <a href="http://lists.ausnog.net/mailman/listinfo/ausnog____" rel="noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog____</a><br></div><div> > <br></div><div> > _______________________________________________<br></div><div> > <br></div><div> > ____<br></div><div> > <br></div><div> > AusNOG mailing list<br></div><div> > <br></div><div> > ____<br></div><div> > <br></div><div> > <a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a> <mailto:<a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a>><br></div><div> > <br></div><div> > ____<br></div><div> > <br></div><div> > <a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br></div><div> > <br></div><div> > ____<br></div><div> > <br></div><div> > _______________________________________________<br></div><div> > AusNOG mailing list<br></div><div> > <a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a> <mailto:<a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a>><br></div><div> > <a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br></div><div> > <br></div><div> _______________________________________________<br></div><div> AusNOG mailing list<br></div><div> <a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a><br></div><div> <a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br></div></blockquote></div></div><div>_______________________________________________<br></div><div>AusNOG mailing list<br></div><div><a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a><br></div><div><a href="http://lists.ausnog.net/mailman/listinfo/ausnog">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br></div><div><br></div></blockquote><div style="font-family:"Times New Roman", times, serif;"><br></div></body></html>