In 2004, I was living in London, and decided it was time I had my own little virtual private server somewhere online. As a Debian developer since the start of 2000, it had to be Debian, and it still is…
This was before “cloud” as we know it today. Virtual Private Servers (VPS) were a new industry, providing root login to virtual servers that individuals could rent. And so I started being a client of Bytemark, who in turn offered me a discount as a Debian GNU/Linux developer. With 1 GB of RAM, the initial VPS was very limited, but I ran my own mail server (with multiple domains), several web sites (all with SNI TLS enabled), my own DNS server, and more.
Several years back I took the move to migrate my domains from being self-hosted on a VPS, to using AWS Route53. It was a small incremental cost, but I had long since stopped playing around and experimenting with DNS, and I wanted something that had higher availability than a single virtual machine.
I have run a blog on my web site since the mid 1990s (30+ years now), and WordPress has been my main platform since the late 2000s. This is WordPress now (2024); however, a few years back I slotted AWS CloudFront in front of my origin service, to provide some level of global caching.
Several of the websites I run have also moved off to Amazon CloudFront, in particular all my small MTA-STS web sites that serve just one small text file: the Mail Transport Agent Strict Transport Security policy document.
I still run my own mail server, with Exim4, PostgreSQL, Dovecot, Spamd, ClamD, etc. It lets me experiment with low level stuff that I still enjoy.
I have a few other services I want to move out of my VPS and into individual cloud-hosted platforms, but not everything is ready yet. However, a recent review of my VPC costings, and a forced migration from Bytemark (ioMart) to a new organisation, UK Hosting, forced me to reconsider. So I took the inevitable change and migrated the entire VPS to AWS EC2 in Sydney, closer to where I am most of the time.
And so it comes to pass after 20 years, thank you to the team at Bytemark for my UK VPS.
It’s late in 2024, and it’s time to recap the transitions in the technology space for Internet and web security. I’ve been reading the Internet Society’s pulse pages, and it gets me thinking…
HTTPS: generally this is well deployed with 97% of top 1000 web sites. But conversely, some 30 web sites don’t think the integrity (let alone the privacy) of data transfer from/to their web site is worth the effort? Here’s looking at you, Australia BOM, still force redirecting clients to unencrypted HTTP, particularly in light of your security incidents and increased funding for cyber security over the last decade.
TLS 1.3: Introduced in 2018, it only started taking off in 2019, and now sits as being available on 80% of the top 1000 sites. That’s some 200 sites that haven’t had the upgrade from older versions, which is almost exclusively TLS 1.2 (even older versions are gone, luckily).
HTTP/3: Based on a UDP transport instead of TCP, it’s seen a massive DROP in usage in the top 1000 with sites switching back to HTTP/2.
IPv6: Now sitting around 45%. For me, this is a trivial item to enable on Cloud; but some Internet Access Providers (ISPs, Telcos) are sweating their existing installations instead of moving their engineering forward (hello Optus: is IPv6 still not Yes!).
For me, these four technologies are a baseline implementation that does not add significant additional cost for operations, but provides speed, security, and connectivity enhancements.
I always recommend tools like SSLLabs.com, SecurityHeaders.com, Hardenize.com, and SSL.sh to test your services and help improve your delivery. If your web service misses these items, then you may need to consider upskilling your team or service provider, or switching your telco/carrier.
30 years ago, in 1994, I started studying at The University of Western Australia (UWA). At the start of the semester, an Orientation Day (O-Day) is held, where the various student clubs would try and recruit members.
Starting as a Computer Science student, I gravitated towards the University Computer Club stand, and signed up to become a member for a few dollars. Founded in 1974, it pre-dates and outlasts the famed Homebrew Computer Club (1975 – 1986), and even pre-dates the UWA Department of Computer Science.
This year the club turns 50, and a dinner was held.
Dr Andrew Williams on stage at the UCC 50th, University Club, UWA
Around 90 past and present members met for dinner at The UWA University Club function centre to reminisce, celebrate, and look forward to the future.
One key element to the ongoing success of a student club is having a space to congregate and to store equipment. Without a physical space that can be the club, it becomes very ephemeral, and often organisations disappear. The UWA Student Guild has supported the UCC with space for most of the 50-year history, and since the early 1990s, this has been a large space in the loft of Cameron Hall.
The UCC as seen from above, with Michael Deegan, James Bromberger and Shay Telfer, on the night of the UCC 50th anniversary dinner. The UCC at UWA, on the night of the 50th anniversary, 21 Sept 2024.
In the above, you can see a green roof space on the left hand side: this is the UCC Machine Room. A few of us built this space around 1996 in order to house some of the servers that we had acquired, and to duct the air-conditioning (hanging from a window) to keep them cool. Nearly 30 years later, this structure is still standing, made from wood purchased from Bunnings, and a pair of frosted glass doors acquired from a recycling center in Bayswater.
On the shelves you can see manuals – lots of them, for things like BeOS, NextStep, various programming languages, Sun hardware, IBM hardware. On the shelves is various hardware, cables, connectors and adaptors. On the tables are terminals, 3D printers, soldering irons, disk packs, tape reels, half built robot brains, spanning decades of technology changes. Posters from events past and present adorn surfaces, encouraging participation in activities, experimentation in software and hardware, and more.
One thing clear from the pictures shown is the impact technology has had on our society. In 1994 I had a digital camera, a Kodak DC40. I took, stored and retained many photos, straight to digital, when most people were still using film (and taking that film to their local pharmacist/chemist to process/print???!). Today, everyone uses digital photography, mostly from their phones. It’s normalised, ubiquitous, and the incremental cost for an image is practically zero (just the storage costs of the data produced). The quality is good today compared with 30 years ago.
Dr Williams (above) was one of the first in the world to put a CCD camera on the end of a telescope at the WA Observatory to record images, leading to many observations that would have historically been missed (not to mention, the flexibility to be one of the first astronomers to be working from home on cold nights).
Along one wall is a framed colour picture, taken by a West Australian newspaper photographer around 1997 or so. It shows a series of old IBM 360 cabinets – parts of a large mainframe computer, that was being disposed of from the UWA storage facility in the suburb of Shenton Park. Many old computers had names; this one was called Ben. It had been donated to the UCC well before my arrival, but now the time had come that this storage facility was being repurposed, and Ben had to go. Luckily it was being donated to a museum collector, and over the years I believe it made its way to the Living Computer Museum in Seattle.
But sitting on the wall of the UCC for the last 30 years has been my picture. Watching thousands of UCCans arrive fresh faced, and seeing them learn, connect and evolve into some of the individuals who have powered organisations like Apple, Google, Amazon, Shell, BHP, Rio Tinto, The Square Kilometre Array, and many more.
I served as UCC President in 1996, and I helped organise the UCC’s 18th anniversary, 21st, and 25th. Now at 50, it’s clear that having the physical space to meet – and eat pizza, discuss news, share tips and skills – has been a key part of the longevity of the UCC.
In 2013 I was presenting to representatives of the South Australian government on the benefits of AWS Cloud. Security was obviously a prime consideration, and my role as the (only) AWS Security Solution Architect for Australia and New Zealand meant that this was a long discussion.
Clearly the shared responsibility model for cloud was a key driver, and continues to be so.
But the question came up: “We’re government, we need our own Region”. At that time, the US had just made its first US GovCloud in August of 2011. I knew then that the cost for a private region then was around US$600M, before you spun up your first (billed) workload.
The best thing about public cloud is, with the safeguards in place around tenant isolation, there are a whole bunch of costs that get shared amongst all users. The more users, the less cost impact per individual. At scale, many things considered costly for one individual, become almost free.
Private AWS Regions are another story: there is not a huge client base to share these costs across. With a single tenant, that tenant pays 100% of the cost. But then that tenant can demand stricter controls, encryption and security protocols, etc.
This difference will perhaps be reflected in the individual unit costs (eg, per EC2 instance per hour, etc).
Numerous secret regions have been created since 2013, such as the Mercury Veil Project for the CIA’s secret AWS Cloud Region.
Today we have two more interesting private regions currently being commissioned: the previously announced European Sovereign Region, and today, the Australian Secret Region at an initial AUD$2B cost.
After 11 years, the cost of a private (dedicated) Region has seemingly increased 333%.
If you thought cloud skills were getting passé, then there’s a top secret world that’s about to take off.
If there is one thing that Cloud customers look for, it is long term availability and stability of the Cloud.
Not only can it not go down, but it needs to be long-term sustainable for the provider to operate. And so it comes as some surprise to me that Alibaba has decided to shutter its Regions in India and Australia, according to an article on The Register.
To me this is a clear signal that Alibaba does not want important, long term engagements with customers, anywhere. If they can close these Regions and tell their customers to get out or lose their data, then they can do this in any other Region.
The cost to play the Cloud Provider game is high, and the optics are critical.
This reminds me of the statements made by Google in 2018, as CNBC reported:
In early 2018, top executives at Alphabet debated whether the company should leave the public cloud business, but eventually set a goal of becoming a top-two player by 2023, according to a report from The Information on Tuesday.
CNBC
Any kind of indication that the Cloud Provider is not committed long term (multi decade) to being a cloud provider is going to limit the customer’s trust. Of course, the providers then just address the optics by providing statistics sliced and diced in such a way as to show them in a favourable light, or including stuff that’s not really cloud in their revenue reporting lines, like software licences.
It’s best to stick to independent industry analysts’ views of the leaders in the Cloud market place, and to understand the perspective of global versus within a specific country.
If there are any soon-to-be-former Alibaba clients in India or Australia who are now somewhat alarmed at the rug pull from under them, please reach out and I can put you in touch with teams of experts who can help migrate your workloads. See also, my AWS Cloud Migration Consideration series.