Tag Archive for Microsoft

| February 6, 2016
Comments Off on Is Your Data Center Underwater?

Is Your Data Center Underwater?

Is Your Data Underwater?Every time you like something on Facebook, it causes a computer in a cloud data center somewhere in the world to do something. That computer uses electricity to let the world know you like the sleepy puppy video or what you dinner looked like.

computers produce heatAs you may have noticed if you left your laptop on your lap for too long computers also produce heat. Facebook (FB), Twitter (TWTR), Instagram, and all the other time-wasters have millions of computers generating excess heat that needs to go somewhere. It is estimated that Facebook alone has hundreds of thousands of servers.

Keep servers cool

One of the ways to keep servers cool is to keep them wet. As count-intuitive as that seems, there are companies that use liquid immersion to cool their servers according to the Register. This approach uses data centers featuring large ‘baths’ filled with a dielectric liquid into which racks of equipment are submerged.

Green Revolution Cooling CarnotJetMineral oil has been used in immersion cooling before Perhaps the best-known proponent of liquid immersion cooling is Green Revolution Cooling. Its CarnotJet system allows rack-mounted servers from any OEM to be dunked in special racked baths filled with a dielectric mineral oil blend called ElectroSafe (PDF), an electrical insulator it claims to have 1,200 times more heat capacity by volume than air.

Green Revolution Cooling claims cooling energy reductions of up to 95 percent, server power savings of 10-25%, data center build-out cost reductions of up to 60% through simplified architecture, and improved server performance and reliability as a result of less exposure to dust (and moisture).
Microsoft has taken this technology to the next level. Now, Microsoft is experimenting with locating entire data centers underwater.

Microsoft underwater data center

Microsoft logoComputerWorld is reporting that Microsoft has designed, built, and deployed its own sub-sea data center in the ocean, in the period of about a year. The Redmond, WA firm started working on the project in late 2014. Microsoft employee, Sean James, who served on a U.S. Navy submarine, submitted a paper on the concept.

The eight-foot diameter steel prototype vessel, named after the Halo character Leona Philpot, operated 30 feet underwater on the Pacific Ocean seafloor, about 1 kilometer off the California coast near San Luis Obispo for 105 days from August to November 2015, according to Microsoft. Microsoft engineers remotely controlled the data center and even ran commercial data-processing projects from Microsoft’s Azure cloud computing service in the submerged data center.

Project NatickThe sub-sea data center experiment, called Project Natick after a town in MA, is in the research stage and Microsoft warns it is “still early days” to evaluate whether the concept could be adopted by the company and other cloud service providers. Microsoft says,

Project Natick reflects Microsoft’s ongoing quest for cloud data center solutions that offer rapid provisioning, lower costs, high responsiveness, and are more environmentally sustainable.

Microsoft believes that using undersea data centers can serve the 50% of people who live within 200 kilometers of the ocean. They say that deployment in deep-water offers “ready access to cooling, renewable power sources, and a controlled environment.” Moreover, a data center can be deployed from start to finish in 90 days.

Microsoft is weighing coupling the data center with a turbine or a tidal energy system to generate electricity, according to the New York Times.

Environmental impact

A new trial is expected to begin next year, possibly near Florida or in Northern Europe, Microsoft engineers told the NYT.

environmental impactSome users questioned whether an undersea data center could have an environmental impact, including the heating up of the water around the data center. But Microsoft claimed on its website that the project envisages the use of data centers that would be totally recycled and would also have zero emissions when located along with offshore renewable energy sources. MSFT told Computerworld

No waste products, whether due to the power generation, computers, or human maintainers are emitted into the environment … During our deployment of the Leona Philpot vessel, sea life in the local vicinity quickly adapted to the presence of the vessel.

rb-

I have covered some other alternative ways to deal with data centers on Bach Seat, including HP’s plans to use cow manure to generate electricity and Microsoft’s plan to use sewer gas to power a data center in Wyoming.

Underwater data centers are an attractive idea, there are challenges. One is a concern is the saltwater could corrode the structures. This issue can be resolved by locating the data centers in the freshwater Great Lakes. The Great Lakes basin is projected to reach a population of about 65 million by 2025.

The region includes:

Related article

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , ,
| December 7, 2015
Comments Off on Let’s Encrypt Lives

Let’s Encrypt Lives

Let's Encrypt LivesLet’s Encrypt, an initiative to set up a free certificate authority (CA) on the Intertubes has entered its public beta phase. All major browser makers including Google Chrome, Mozilla Firefox, and Microsoft Internet Explorer trust Let’s Encrypt certificates. In their announcement Josh Aas, the executive director of California based Internet Security Research Group (ISRG), which runs the Let’s Encrypt service, wrote:

We’re happy to announce that Let’s Encrypt has entered Public Beta. Invitations are no longer needed in order to get free certificates from Let’s Encrypt … We want to see HTTPS become the default. Let’s Encrypt was built to enable that by making it as easy as possible to get and manage certificates.

Encryption to protect communications

Lets Encrypt logoLet’s Encrypt is overseen by folks from Mozilla, Akamai (AKAM), Cisco (CSCO), Stanford Law School, CoreOS, the EFF, and others. Let’s Encrypt was first announced in 2014, (rb- Which I covered here). motivated by a desire to steer organizations towards the use of encryption to protect their communications. A key part of the strategy is offering free digital certificates, which is a radical departure from the very hefty premiums that certificate authorities typically charge.

The Register reports that the free cert is no freebie weakling. Lets Encrypt uses a 2048-bit RSA TLS 1.2 certificate with a SHA-256 signature installed and the server configured to use it. The cert gets an A from Qualys SSL Labs.

Let’s Encrypt to offer free SSL/TLS certs

Secure Socket Layer/Transport Layer Security certificatesLet’s Encrypt plans to distribute free SSL/TLS (Secure Socket Layer/Transport Layer Security) certificates, which encrypt data passed between a website and users. The use of SSL/TLS is signified in most browsers by “HTTPS” and a padlock appearing in the URL bar. Unencrypted web traffic poses a security risk. For example, an attacker could collect the web traffic of someone using a public Wi-Fi hotspot, potentially revealing sensitive data.

Besides securing your information going across the Internet from spies and thieves, FierceSecurityIT says another key aspect of Let’s Encrypt is to make it easy to generate and install new digital certificates. The Let’s Encrypt CA uses an open source “automated issuance and renewal protocol” that allows for certificates to be renewed without manual intervention.

automated issuance and renewalThe automated issuance and renewal protocol prevents oversights resulting in certificates for live websites expiring, a situation that does happen from time to time. FierceSecurityIT says that short-term certificates also offer better security by reducing exposure in the event that the private keys are stolen.

rb-

Major technology companies including Google, Yahoo and Facebook have made a strong push for broader use of encryption in light of government surveillance programs and burgeoning cyber-crime.

The point of Let’s Encrypt is that anyone who owns a domain name can use Let’s Encrypt to get a trusted certificate at no cost. This will help HTTPS become the default. This is a big step forward in terms of security and privacy.

Instructions for getting a certificate with the Let’s Encrypt client can be found here.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , , , , ,
| October 30, 2015
Comments Off on Tech Titans Dodge Taxes

Tech Titans Dodge Taxes

Tech Titans Dodge TaxesA recent report by the Center for Tax Justice (CTJ) on the use of tax havens in 2014, identified the 500 largest American companies hold more than $2.1 trillion in accumulated profits overseas to avoid U.S. taxes. The report found that one-quarter of that amount (549.7 billion) is hoarded abroad by ten tech companies alone, as the chart from Statista illustrates.

Greedy AppleAmong the tech titans hoarding cash, Apple (AAPL) has parked the largest amount of cash outside the United States. The article notes that the iPhone maker has stashed a whopping $181 billion overseas. That is almost twice as much as second-ranked Microsoft (MSFT) ($108.3b) and roughly three times the total of IBM (IBM), which ranks third in the tech-list with foreign cash holdings of $61.4 billion. Cisco (CSCO), ranked fourth, stands out with as many as 59 tax haven subsidiaries.

The top twenty tech firms in the order of the amount of money hoarded overseas in 2014 to cheat the taxman in 2014:

  1. BillionairesApple
  2. Microsoft
  3. IBM
  4. Cisco
  5. Google (GOOG) $47,400 millions
  6. HP (HPQ) $42,900 millions
  7. Oracle (ORCL) $38,000 millions
  8. Qualcomm (QCOM) $25,700 millions
  9. Intel (INTC) $23,300 millions
  10. EMC (EMC) $11,800 millions
  11. Western Digital (WDC) $9,400 millions
  12. Xerox (XRX) $8,500 millions
  13. Ebay  (EBAY) $7,900 millions
  14. Cognizant Technology (CTSH) $6,121 millions
  15. Agilent Technologies (A) $5,700 millions
  16. Micron Technology (MU) $4,910 millions
  17. Broadcom (BRCM) $4,850 millions
  18. Symantec (SYMC) $3,600 millions
  19. Computer Sciences (CSC) $2,552
  20. Amazon (AMZN) $2,500 millions

Statista notes that the study found the number of tax haven subsidiaries is not directly connected to the amount of taxes dodged by a company. On the contrary, some companies now report fewer subsidiaries in tax haven countries than they did in 2008 while reporting significant increases in the amount of cash they hold abroad.Center for Tax Justice graphic

The study offers two possible explanations for this occurrence: First of all, some companies may choose not to report all of their subsidiaries because the SEC’s penalties for failing to do so are pretty lax and secondly companies could simply consolidate more income in fewer offshore subsidiaries, often in structures dubbed “Double Irish”.

Infographic: U.S. Tech Companies Hoard Billions in Offshore Tax Havens | Statista

This chart shows how much money U.S. tech companies hold in offshore subsidiaries to avoid U.S. taxes.

You will find more statistics at Statista

The CTJ claims U.S.-based multinational corporations are allowed to play by a different set of rules than small and domestic businesses or individuals when it comes to the tax code. Rather than paying their fair share, many multinational corporations like Apple, Cisco, Google, and Intel use accounting tricks to pretend for tax purposes that a substantial part of their profits are generated in offshore tax havens, countries with minimal or no taxes where a company’s presence may be as little as a mailbox. Multinational corporations’ use of tax havens allows them to avoid an estimated $90 billion in federal income taxes each year.

Uncle Sam in redtapeCongress, by failing to take action to end to this tax avoidance, forces ordinary Americans to make up the difference. Every dollar in taxes that corporations avoid by using tax havens must be balanced by higher taxes on individuals, cuts to public investments and public services, or increased federal debt.

The CTJ recommends the following steps to stop the abuse of offshore tax havens by the tech titans and restore fairness to the US tax system and reduce pressure on America’s budget deficit and improve the functioning of markets.

End incentives to shift profits and jobs offshore. The most comprehensive solution to ending tax haven abuse would be to stop permitting U.S. multinational corporations to indefinitely defer paying U.S. taxes on profits they attribute to their foreign subsidiaries. Ending “deferral” could raise nearly $900 billion over ten years, according to the report.

Reject the Creation of New Loopholes. Reject a “territorial” tax system. The CTJ estimates that switching to a territorial tax system could add almost $300 billion to the deficit over ten years.

Close the most egregious offshore loopholes. Policymakers can take some basic common-sense steps to curtail some of the most obvious and brazen ways that some companies abuse offshore tax-havens. Close the inversion loophole by treating an entity that results from a U.S.-foreign merger as an American corporation if the majority (as opposed to 80 percent) of voting stock is held by shareholders of the former American corporation. These companies should be treated as U.S. companies if they are managed and controlled in the U.S. and have significant business activities in the U.S.

Patent trollStop companies from shifting intellectual property (e.g. patents, trademarks, licenses) to shell companies in tax haven countries and then paying inflated fees to use them. This common practice allows companies to legally book profits that were earned in the U.S. to the tax haven subsidiary owning the patent. Limited reforms proposed by President Obama could save taxpayers $21.3 billion over ten years.

Stop companies from deducting interest expenses paid to their own offshore affiliates, which put off paying taxes on that income. This reform would save $51.4 billion over ten years, according to the CTJ.

Increase transparency. Require full and honest reporting to expose tax haven abuses. Multinational corporations should report their profits on a country-by-country basis so they can’t mislead each nation about the share of their income that was taxed in the other countries.

Michigan-based companies dodging the taxman in 2014 have hoarded almost $55 Billion according to the CTJ. With just a 1% tax on the withheld income, we could probably get the roads fixed. On the list ranked by millions held off-shore by Michigan based firms according to the CTJ are:

  1. Dow Chemical $18,037 millions
  2. General Motors $7,100 millions
  3. Stryker $5,878 millions
  4. Whirlpool $4,900 millions
  5. Ford $4,300 millions
  6. Autoliv $4,000 millions
  7. TRW Automotive $3,400 millions
  8. BorgWarner $2,700 millions
  9. Kellogg $2,200 millions
  10. Lear $1,200 millions
  11. Penske $711 millions
  12. Visteon $245 millions
  13. Kelley Services $111 millions
  14. Conway $32 millions
  15. Masco $12 millions
Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , ,
| October 27, 2015
Comments Off on Online Security in Era of Connected Cars

Online Security in Era of Connected Cars

Online Security in Era of Connected CarsKarl-Thomas Neumann, CEO of General Motors (GM) European Opel brand announced that GM would launch OnStar telematics service in vehicles sold in Europe in late 2015. The Opel CEO declared the new technology, “transforms the car into a true part of the Internet of things.” The Detroit Bureau says it raises some of the same concerns consumers face on the Internet, including how to protect their privacy in highly connected cars.

App controlled carEven though a growing number of consumers have embraced the idea of having mobile access to smartphone apps, built-in Wi-Fi, and the safety and security promised by systems like OnStar issues loom that consumers, manufacturers, and regulators need to address. At the 2014 Consumer Electronics Show, Jim Farley,  then the top marketing executive at Ford Motor Company (F),  told an audience that the automaker “know(s) everyone who breaks the law, we know when you’re doing it,” thanks to the data collected by its OnBoard Sync technology system.

Despite a quick backtrack by Mr. Farley, the article says he was being truthful. The fact is, the onboard black boxes in most cars are now equipped with two-way capabilities. Privacy has become “a big issue,” according to Jon Allen, a principal with consulting firm Booz Allen Hamilton who focuses on security issues. Precisely what makes such technology so compelling is why it is also so worrisome. Mr. Allen told The Detroit Bureau,

Connected products provide customization and convenience because of the data they track. Part of the great opportunity to improve the customer experience is producing a vehicle that ‘learns’ your habits and preferences. But that information must be protected.

Data privacyThe EU takes privacy seriously and these types of tracking technology have drawn the attention of regulators in Europe and to a lesser extent, in the U.S. The article describes a measure of just how strongly Europeans feel about the issue that came during Opel chief Neumann’s news conference. Unlike the U.S. version of OnStar, the European system will include a “Privacy” button to let a user “choose whether they want to provide location information or not.”

That choice would only be over-ridden after a crash severe enough to trigger OnStar’s emergency call system, CEO Neumann explained. It’s designed to call rescue crews in the event of an accident severe enough passengers might be disabled.

Don't panicThere have been experiments with marketing that could target motorists much as Google today can toss ads at a web viewer based on information revealed by hidden “cookies.” Imagine, they suggest, being able to send a McDonald’s ad and virtual coupon to a car driving near one of its restaurants around lunchtime.

While some drivers might embrace that possibility, others are appalled. The Detroit Bureau reports the potential to reveal more detailed personal information, as well as allowing a vehicle to be tracked, is raising flags on both sides of the Atlantic.

Digtal trackingIn the U.S., an auto industry alliance recently agreed on an approach called “Privacy Principles for Vehicle Technologies and Services.” (rb- Which I covered here) Meanwhile, both the U.S. Federal Trade Commission and the National Highway Traffic Safety Administration are exploring the issues – though in some cases, they are actually encouraging greater access, noted analyst Allen.

The issue is further complicated by the threat of cyber-criminals exploiting vulnerabilities in-vehicle communications systems.

rb-

I first covered this threat in 2011 here and here. And the theoretical became real in 2015 when researchers demonstrated they could use online systems to take over a Jeep Grand Cherokee.

The threat to personal freedom and privacy in your car has accelerated as Apple (AAPL) and Google (GOOG) join Microsoft (MSFT) in the battle to rule the car. Apple’s automotive ambition does not stop at CarPlay, they are also focused on developing an iCar. Google’s Autonomous Cars ambitions are well known, but their efforts to take over the car cockpit are also taking off with Android Auto.

The government is contributing to the connected car conundrum. The Feds are abetting the Autos by trying to prevent security researchers from doing testing and reverse engineering that could improve security and safety for all of us according to Naked Security.

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Cars | Tags: , , , , , , , , , , , , , , , , , , ,
| August 27, 2015
Comments Off on Back to School Cybersafety Resources

Back to School Cybersafety Resources

Back to School Cybersafety ResourcesThe new school year is here. If cybersafety is not on your “back to school” checklist, it should be. SecureWorld offered up a list of resources to help parents have a meaningful conversation about “cyber-safety” with their children. Parents need to talk with their kids about what they can do to protect themselves from the threats that are lurking online.

There are a variety of resources available that can help parents teach their children about the importance of Internet safety and privacy. Here are some recommended in the article.

threats lurking onlineIn 2009, President Obama asked the Department of Homeland Security to create the Stop.Think.Connect. Campaign to help Americans understand the dangers that come with being online. The program stresses that cybersecurity is a shared responsibility. Parents can download a Cybersecurity for Kids tip card (PDF) that offers helpful hints and advice designed specifically for children.

ConnectSafely.org is a nonprofit organization dedicated to educating users of connected technology about safety, privacy and security. The website offers a number of Parent Guides, written by parents for parents, including:

Back to school

The National Cybersecurity Alliance is an industry-led group, founded by the likes of Symantec (SYMC), Cisco (CSCO), Microsoft (MSFT), and EMC (EMC), whose mission is to educate and therefore empower a digital society to use (rb- their products) the Internet safely and securely at home, work and school.

Parents and teachers can download tips and resources from their website StaySafeOnline.org. The tip sheets are created specifically for different age groups ranging from kindergarten to college students. This site offers resources like:

Free Security Check-Up and Tools – Which has download locations for tools from A to W – Avast to Webroot. (as always use at your own risk).

Tip Sheets for:

The author states that industry professionals are also placing a high priority on preparing children for life in cyberspace. For instance, the (ISC)2 Foundation’s Safe and Secure Online program was introduced in 2006 in conjunction with Childnet International. They offer resources for parents which include Top 10 Tips for Parents (PDF) and the Parent-Child Commitment to Safety Agreement (PDF).

The Business Insider polled and a bunch of industry cyber security experts about what they teach their kids about the internet. The experts working in the field recommend you:

  • Start discussing online safety at an early age.
  • If you wouldn’t do it face to face – Don’t do it online.
  • Once you’ve written something you can’t delete it.
  • Not just to tell them the rules but also to spend the time/

You can read the rest of the tips at Business Insider here.

rb-

Good luck, you will need it.

Talk to your students about cyber safety – Staysafe.org’s guide on Internet Safety for Teens: https://www.staysafe.org/teens/

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , , ,
« Older Entries   Recent Entries »