Cloud Provider: Zero Trust. You must implement Least Privileged Access everywhere
Me: Okay. You get no access.
Cloud Provider: Not like that! You need to give me ALL the access, so I can know who to give the least access to.
I mean seriously, what's our countdown clock on years until extremely angry actual fascists succeed in getting 100% control of the Amazon and Microsoft corporate networks, either via the boardroom or via the US Presidency?
And then what, they're just going to sit there and not weaponise the information equivalent of a nuclear weapon? They're going to just go "man we could really get our Dark MAGA pogrom on, but, gentlemen don't read each other's hypervisors"
We really think that?
@natecull people don't actually "think" if you drum "cloudy saves money so you get your bonuses" into their collective heads. Even though it's demonstrably wrong.
What really rubs me the wrong way is that even before your end game scenario, there is no exit strategy. How do you propose to leave m365 or AWS if you need to for some reason?
Basically Microsoft/Amazon are the new "Nobody ever got fired for buying IBM".
They've somehow become Trusted in industry so if you want to do anything else, you have to first make a watertight case.
If it all explodes and it's Microsoft's fault, well, oh dear but never mind you did the Due Diligence by buying the Market Leader.
@natecull that is exactly right. Getting into the spot vacated by IBM was ms' genius coup.
Interestingly nobody questions it or holds them responsible for the abysmal security situation they've got us in with their wares.
Maybe their fall from grace will be as swift as IBM's, but there's going to be blood spilled by the cloudsuckers (i.e., literally every large company).
@natecull and normies still think the fact that I'm practically undiscoverable online by my powerword: irlname or my email address, and that there are zero photos of my face on Facebook, is a cute/frustrating quirk.
appropriation of data by the Fourth Reich has always factored heavily into my threat model.
@natecull Yeah, short of practical homomorphic encryption of general computation, we're not getting that sort of hosting anytime soon.
Colocation is better than VPSes as far as that isolation goes, but that only lasts as long as it takes for an employee to physically get to the cabinet.