Still Think the Cloud is Secure?

[DontAsk]

Amazon stuck with months of repairs after drone strikes on data centers

AWS stops billing Middle East cloud customers as repairs to war damage drag on.

arstechnica.com

"unable to support customer applications", "AWS expects the full restoration of cloud services to potentially take half a year", etc,...

Always make sure you have a backup and disaster recovery plan and remember: if you don't own the server you don't own the data.

 

[gpietersz]

A war is understandable.

If you want AWS to be resilient in the face of something like this you need to use it appropriately. Use multiple regions so if one goes down.

What is more of a problem IMO is the very poor track record of some cloud services. AWS US East, for example. SaaS which people use to save a bit of hassle running their own server is a lot worse: have you looked at Github uptime recently? Scarely a week goes by without an incident. I get better uptime running my own repos (Fossil, not git, which makes it easier).

 

[Paul Kelly ICHYB]

Surely one of the benefits of AWS is if your region goes down, you can set it up to fall over to another one?

 

[DontAsk]

Surely one of the benefits of AWS is if your region goes down, you can set it up to fall over to another one?

You would think so but the advice from AWS for customers to migrate suggests many do not have such a set-up. Maybe the cost?

 

[fisicx]

Surely one of the benefits of AWS is if your region goes down, you can set it up to fall over to another one?

Yes but some of the key nodes are in US East. If that falls over everything else can collapse. But they might have fixed it now.

 

[gpietersz]

Surely one of the benefits of AWS is if your region goes down, you can set it up to fall over to another one?

Yes, but you have to set it up. Not everyone does. I have come across a lot of people using AWS as essentially an expensive VPS. As @DontAsk says the advice to migrate suggests this is common, if not usual.

If you do the work to set up systems that failover, will be better off using multiple suppliers rather than just one. Otherwise you are vulnerable to things like this: https://www.theregister.com/2024/05/09/unisuper_google_cloud_outage_caused/

 

[gpietersz]

Just to clarify my last comment. The case in the link would have been a lot worse if the regulator had not required they had two cloud providers.

 

[gpietersz]

Yes but some of the key nodes are in US East. If that falls over everything else can collapse. But they might have fixed it now.

I do not know about broader ramifications, but AWS East had another issue this week that took them more than 24 hours to resolve: https://health.aws.amazon.com/health/status?t=2026-05-07

 

[Gill Courage]

“The cloud” is another name for “somebody else’s computer”. Always keep your own backups.

 

[Craig3141]

And add to the fact that AI keeps being given permissions and deleting stuff. I want airgapped backups as a service from my cloud files but hard to find at the consumer/prosumer level. I think you have to be big corporate.

 

[gpietersz]

And add to the fact that AI keeps being given permissions and deleting stuff. I want airgapped backups as a service from my cloud files but hard to find at the consumer/prosumer level. I think you have to be big corporate.

Use a different provider for backups. its safer anyway as it protects you against the account with the cloud provider getting compromised. I have used many things for this on different projects: Backblaze B2, rsync.net, just a VPS with lots of storage, a local device. All provide some protection for a compromise affecting backups.

The safest is probably pull backup which the first two do not do - but they do keep recent backups as well as the current one so unless they are compromised as well as your server you are fine.

 

[ctrlbrk]

And add to the fact that AI keeps being given permissions and deleting stuff. I want airgapped backups as a service from my cloud files but hard to find at the consumer/prosumer level. I think you have to be big corporate.

I use Mega for remote backups (https://mega.io/).

This service offers two options: sync or backup. With backup you can't accidentally delete the remote backup even if you own it, which is pretty good.

 

[fisicx]

And add to the fact that AI keeps being given permissions and deleting stuff. I want airgapped backups as a service from my cloud files but hard to find at the consumer/prosumer level. I think you have to be big corporate.

Just stop using anything cloudy. Problem solved.

 

[Craig3141]

I do backup to gdrive abd one drive. I don't trust the permission based you can't delete, could have permissions edited, I also back up to an external hard drive but the problem with the airgapped offline service is that it is all in my house not offside. I'd love a offline as a service where I could send data via cloud abd hace ut stored via airgapped tape or unplugged hard drives or something.