Its late in 2024, and its time to recap the transitions in the technology space for Internet and web security. I’ve been reading the Internet Society’s pulse pages, and it gets me thinking…
HTTPS: generally this is well deployed with 97% of top 1000 web sites. But conversely, some 30 web sites don’t think the integrity (let alone the privacy) of data transfer from/to their web site is worth the effort? Here’s looking at you, Australia BOM, still force redirecting clients to unencrypted HTTP, particularly in light of your security incidents and increased funding for cyber security over the last decade.
TLS 1.3: Introduced in 2018, it only started taking off in 2019, and now sites as being available on 80% of the top 1000 sites. That’s some 200 sites that haven’t had the upgrade from older versions, which is almost exclusively TLS 1.2 (even older versions are gone, luckily).
HTTP/3: Based on a UDP transport instead of TCP, its seen a massive DROP in usage in the top 1000 with sites switching back to HTTP/2.
IPv6: Now sitting around 45%. For me, this is a trivial item to enable on Cloud; but some Internet Access Providers (ISPs, Telcos) are sweating their existing installations instead of moving their engineering forward (hello Optus: is IPv6 still not Yes!).
For me, these four technologies are a baseline implementation that do not add significant additional cost for operations, but provide speed, security, and connectivity enhancements.
I always recommend tools like SSLLabs.com, SecurityHeaders.com, Hardenize.com, and SSL.sh to test your services and help improve your delivery. If your web service misses these items, then you may need to consider upskilling your team or service provider, or switching your telco/carrier.
30 years ago, in 1994, I started studying at The University of Western Australia (UWA). At the start of the semester, an Orientation Day (O-Day) is held, where the various student clubs would try and recruit members.
Starting as a Computer Science student, I gravitated towards the University Computer Club stand, and signed up to become a member for a few dollars. Founded in 1974, it pre-dates and outlasts the famed Homebrew Computer Club (1975 – 1986), and even pre-dates the UWA Department of Computer Science.
This year the club turns 50, and a dinner was held.
Dr Andrew Williams on stage at the UCC 50th, University Club, UWA
Around 90 past and present members met for dinner at The UWA University Club function centre to reminisce, celebrate, and look forward to the future.
One key element to the ongoing success of a student club is having a space to congregate and to store equipment. Without a physical space that can be the club, it becomes very ephemeral, and often organisations disappear. The UWA Student Gild has supported the UCC with space for most of the 50 year history, and since the early 1990s, this has been a large space in the loft of Cameron Hall.
The UCC as seen from above, with Michael Deegan, James Bromberger and Shay Telfer, on the night of the UCC 50th anniversary dinnerThe UCC at UWA, on the night of the 50th anniversary, 21 Sept 2024.
In the above, you can see a green roof space on the left hand side: this is the UCC Machine Room. A few of us built this space around 1996 in order to house some of the servers that we had acquired, and to duct the air-conditioning (hanging from a window) to keep them cool. Nearly 30 years later, this structure is still standing, make from wood purchased from Bunnings, and a pair of frosted glass doors acquired from a recycling center in Bayswater.
On the shelves you can see manuals – lots of them, for things like BeOS, NextStep, various programming languages, Sun hardware, IBM hardware, On the shelfs is various hardware, cables, connectors and adaptors. On the tables are terminals, 3d printers, soldering irons, disk packs, tape reels, half built robot brains — spanning decades of technology changes. Posters from events past and present adorn surfaces, encouraging participation in activities, experimentation in software and hardware, and more.
One thing clear from the pictures shown is the impact technology ha had on our society. In 1994 I had a digital camera, a Kodak DC40. I took, stored and retained many photos, straight to digital, when most people were still using film (and taking that film to their local pharmacist/chemist to process/print???!). Today, everyone uses digital photography, mostly form their phones. Its normalised, ubiquitous, and the incremental cost for an image is practically zero (just the storage costs of the data produced). The quality is good today compared with 30 years ago.
Dr Williams (above) was one of the first in the world to put a CCD camera on the end of a telescope at the WA Observatory to record images, leading to many observations that would have historically been missed (not to mention, the flexibility to be one of the first astronomers to be working from home on cold nights).
Along one wall is a framed colour picture, taken by a West Australian newspaper photographer around 1997 or so. It shows a series of old IBM 360 cabinets – parts of a large mainframe computer, that was being disposed of from the UWA storage facility in the suburb of Shenton Park. Many old computers had names; this one was called Ben. It had been donated to the UCC well before my arrival, but now the time had come that this storage facility was being repurposed, and Ben had to go. Luckily it was being donated to a museum collector, and over the years I believe it made its way to the Living Computer Museum in Seattle.
But sitting on the wall of the UCC for the last 30 years has been my picture. Watching thousands of UCCans arrive fresh faced, and seen them learn, connect and evolve into some of the individuals who have powered organisations like Apple, Google, Amazon, Shell, BHP, Rio Tinto, The Square Kilometer Array, and many more.
I served as UCC President in 1996, and I helped organise the UCC’s 18th anniversary, 21st, and 25th. Now at 50, its clear that having the physical space to meet – and eat pizza, discuss news, share tips and skills – has been a key part of the longevity of the UCC.
In 2013 I was presenting to representatives of the South Australian government on the benefits of AWS Cloud. Security was obviously a prime consideration, and my role as the (only) AWS Security Solution Architect for Australia and New Zealand meant that this was a long discussion.
Clearly the shared responsibility model for cloud was a key driver, and continues to be so.
But the question came up: “We’re government, we need our own Region“. At that time, the US had just made its first US GovCloud in August of 2011. I knew then that the cost for a private region then was around US$600M, before you spun up your first (billed) workload.
The best thing about public cloud is, with the safeguards in place around tenant isolation, there are a whole bunch of costs that get shared amongst all users. The more users, the less cost impact per individual. At scale, many things considered costly for one individual, become almost free.
Private AWS Regions are another story: there is not a huge client base to share these costs across. With a single tenant, that tenant pays 100% of the cost. But then that tenant can demand stricter controls, encryption and security protocols, etc.
This difference will perhaps be reflected in the individual unit costs (eg, per EC2 instance per hour, etc).
Numerous secret regions have been created since 2013, such as the Mercury Veil Project for the CIA’s secret AWS Cloud Region.
Today we have two more interesting private regions currently being commissioned: the previously announced European Sovereign Region, and today, the Australian Secret Region at an initial AUD$2B cost.
After 11 years, the cost of a private (dedicated) Region has seemingly increased 333%.
If you thought cloud skills were getting passe, then there’s a top secret world that’s about to take off.
If there is one thing that Cloud customers look for, it is long term availability and stability of the Cloud.
Not only cannot it not go down, but it needs to be long-term sustainable for the provider to operate. And so it comes as some surprise to me that Alibaba has decided to shutter its Regions in India and Australia, according to an article on The Register.
To me this is a clear signal that Alibaba does not want important, long term engagements with customers, anywhere. If they can close these Regions and tell their customers to get out or lose their data, then they can do this in any other Region.
The cost to play the Cloud Provider game is high, and the optics are critical.
This reminds me of the statements made by Google in 2018 , as CNBC reported:
In early 2018, top executives at Alphabet debated whether the company should leave the public cloud business, but eventually set a goal of becoming a top-two player by 2023, according to a report from The Information on Tuesday.
CNBC
Any kinds of indication that the Cloud Provider is not committed long term (multi decade) to being a cloud provider is going to limit the customers trust. of course, the providers then just address the optics by providing statistics slide and diced in such a way as to how them in a favourable light, or including stuff that’s not really cloud in their revenue reporting lines, like software licences.
It’s best to stick to independent industry analysts views of the leaders in the Cloud market place, and to understand the perspective of global versus within a specific country.
If there are any soon-to-be-former Alibaba clients in India or Australia who are now somewhat alarmed at the rug pull from under them, please reach out and I can put you in touch with teams of experts who can help migrate your workloads. See also, my AWS Cloud Migration Consideration series.
Pretty easy to see: time flies pretty quickly if you’re doing what you love. Cloud has been such a change to the IT service delivery industry. For those in the AWS ecosystem, there’s a group of senior experts in the partner (professional & managed services) community, there’s some telling numbers in the statistics, when looking at the AWS Partner Ambassadors.
Universally seen as the original program for the expert engineers in the AWS partners in Australia and New Zealand was called the Cloud Warrior program; this morphed into the Partner Ambassador program in 2017.
Formally, this pre-dates the AWS Community Heroes program by several years.
Perusing the participants of this program sorted by date, who in 2024 are still there, we notice that the Australian Ambassadors are still prevalent:
Country of the original and still active AWS Ambassadors, at April 2024
Incidentally, there are three listed with a start date of 2017: Greg Cockburn, Jem Richards and myself — that’s 7 years! And if you expand the view of older Ambassadors to those that joined in 2017 or 2018 and are still active, you see the majority are also from Australia. That’s the core of the AmbassadAussies.
Et ansi? (So what?)
Cloud has a deep history in Australia now, and Australia has a rich history of adopting new technologies and technical expertise. It’s a country where many new technologies are tested, before being “reinvented” in the European or US Markets.
Even though these individuals may work for different organisations during the day, but as engineers, we’re also esteemed peers and friends. We’ve all crossed paths many times in the IT industry over the last few decades.
Greg Cockburn & James Bromberger in Sydney, 2024
Helpfully we have seen some of the Ambassadors having written books, many have written blog posts and articles that have helped guide the industry into the secure and reliable use of AWS Cloud.
All of this helps give knowledge and confidence in to the industry. While my favourite topics are the continuing roll out of IPv6, ever increasing security controls, stronger crypto options, and better managed technical services, the Ambassador group covers nearly all topics, at a level that helps advance the state of the AWS Cloud. And as a community its key to embrace all. No one company has a monopoly on good ideas.
