Here comes the 'Five Eyes' fallout: Last month, the so-called Five Eyes nations of the US, UK, Canada, New Zealand and Australia held their latest meeting on intelligence-sharing and cybersecurity matters. While the subject of law enforcement's ability to access encrypted messages was expected to be a focal point of the meeting, an official post-mortem said very little about it.
Some weeks later, the encryption debate is about to ramp up, with Australia's government proposing a new law that would compel companies such as Google to decrypt messages from alleged terrorists and other types of criminals, as the AP reports:
The new law would be modeled on Britain’s Investigatory Powers Act, which was passed by the British Parliament in November and gave intelligence agencies some of the most extensive surveillance powers in the Western world, the government said.
Under the law, internet companies would have the same obligations telephone companies do to help law enforcement agencies, Prime Minister Malcolm Turnbull said. Law enforcement agencies would need warrants to access the communications.
“We’ve got a real problem in that the law enforcement agencies are increasingly unable to find out what terrorists and drug traffickers and pedophile rings are up to because of the very high levels of encryption,” Turnbull told reporters.
“Where we can compel it, we will, but we will need the cooperation from the tech companies,” he added.
POV: "I am sympathetic to government and law enforcement's interest—on the surface—to access the telecommunications of wrongdoers and suspects, just as they do conventionally," says Constellation VP and principal analyst Steve Wilson. "But the reality is that cloud service providers have been under more and more pressure to remove themselves from the business affairs of their tenants. And the upshot has been encryption protocols where the keys are under control of the tenants. Several providers have moved to the same posture: We couldn't decode your data even if we wanted to."
That of course means that law enforcement would have to serve a warrant on clients, not cloud providers, Wilson notes: "It's important to see that this is not about encryption protocols but key management protocols. The cloud providers don't have the keys. So when governments say they insist that conventional rule of law applies to tech providers, do they appreciate how the technology works?"
It's easy to see a scenario where law enforcement demands data concerning a certain client, and then cloud providers simply hand them encrypted files, which officials would then have to crack on their own. Alternatively, is the government's intent to make cloud providers change their business models in order to retain clients' keys? "That's the only way to access suspects' data without a crypto backdoor," Wilson says.
Rimini Street makes tactical shift in Oracle suit appeal: Independent software support provider Rimini Street has taken a new legal tack in its appeal of a copyright judgment Oracle won against it in 2015, with its lawyer telling an appeals court that the dispute really is about contractual rights, as the Register reports:
The case hinges on Rimini Street's 2010 decision to host Oracle software on its own servers, as well as "cloning" that software and making it available to multiple customers.
The smaller company accepted some of the charges against it, saying it will pay $35.6m for "innocently infringing the software", but appealed against the rest following the October 2016 judgment.
Oral arguments in the case were heard by three judges in the Ninth Circuit yesterday, where Rimini's lawyer Mark Perry argued that the case should come under contractural – not copyright – laws.
Perry said that a "single fundamental error infected and pervaded the entire copyright case", arguing that Rimini should have been allowed to copy the software for its clients, as they had paid licence fees.
POV: The Oracle-Rimini Street case is complicated, and it's fairly easy to go deep into a rabbit hole in the course of understanding all of the issues and arguments. But it's also an important case to follow, given Rimini's status as the face of the third-party maintenance market.
IBM Watson's performance under Wall Street's microscope: IBM has generated plenty of hype around its Watson cognitive computing technology, but questions remain about how much Watson is delivering in terms of revenue, equity analyst firm Jefferies argues in a new, in-depth report.
While IBM has issued 200 press releases with Watson in the headline since 2013, and spent $15 billion on cognitive computing development between 2010 and 2015, "the company has been very circumspect about sharing financial information about Watson," analyst James Kisner writes.
Moreover, while Watson is one of the most complete off-the-shelf platforms in the market, it requires quite a bit of consulting services, and IBM is also being outgunned in the competition for AI talent by the likes of Amazon, Microsoft and Google, he argues.
Azure gets nested virtualization: Microsoft added support for nested virtualization in Windows Server 2016, but it's only now that the capability is available on the Azure cloud platform.
Nested virtualization is just what it sounds like: You can use it to run a hypervisor and VMs inside a VM. Why would you want to do that? There are multiple reasons, as Microsoft notes in a blog post announcing the new feature:
Such nested environment provides great flexibility in supporting your needs in various areas such as development, testing, customer training, demo, etc. For example, suppose you have a testing team using Hyper-V hosts on-prem today. They can now easily move their workloads to Azure by using nested VMs as virtualized test machines.
You could also use nested virtualization to run pre-production code on a server used by multiple users without impacting them, Microsoft adds.
POV: The public cloud war is being waged on multiple fronts: Cost, global availability and performance, and feature richness. Nested virtualization might be a bit in-the-weeds on its face, but its something that Microsoft shops large and small will find an appealing addition to Azure. Given the feature's sweet spots, it will also help customers build an on-ramp to using Azure more widely.
