Seconding this, it's what I immediately thought of. It's a really beautifully made movie. And yes cats are front and center, but it's also using them as a window on humanity, the city of Instanbul and its living history from a very different perspective. It's a very sober film as well, celebrating life but also not shying away from death and the passing of time. The "cat's eye view" is a more 3D sort of feel from a lot of the typical explorations of a city, going at ground level, up and down buildings in 3D etc.
It's become a family favorite film we tend to watch each winter now. All ages can take something from it.
>I can't really judge whether 1000 charges is a reasonable target for a car
I mean, if "charges" is "full charge" and the battery pack does even 200 miles of range then that'd be 200,000 miles right? And more like 250-300+ miles seems like a spreading target as energy density ticks upwards.
Honestly that's more than I've ever put on any single individual car or truck I've owned, and well into the point where I'd be expecting to put real money into engine and other work for an ICE. Sure more is better but if a battery pack can go 200k-300k miles keeping 90% range that doesn't feel unreasonable at all for non-commercial usage. Taxis and so on with much higher utilization may find value in alternative options of course.
>courts can absolutely force you to enter a password even if it's not written down by holding you in contempt indefinitely.
This is not true outside of a narrow exception. Indeed this is the core point of the 5th Amendment, to protect you from having to be witness against yourself. It's just as binding on the judicial branch as it is on the executive. Ordinarily, a court may not compel a defendant to testify or say something that could incriminate them.
The narrow exception is the "foregone conclusion doctrine", which allows compelling testimony about specific evidence the government legally knows exists, knows the defendant controls access to, and knows is authentic. All of which has a bunch of caselaw around it. The textbook example is somebody has a device open, and an officer directly witnesses illegal material on it, but before they can seize it the person manages to turn it off and now it cannot be accessed without a password. So the government can say "we witnessed this specific illegal material, and this device is owned by the defendant and we can prove from video that they have accessed the device, and we want access to that specific material". But if you're just crossing the border with a locked device, they cannot compel the password just to search through it, or even if they're suspicious of something specific. They need actual knowledge, either through their own evidence or because the person foolishly talks and confesses something.
Otherwise they can definitely physically seize the device for a time (which could be very inconvenient/expensive depending) but that's it.
>There are lot cases where it is proven that you don't have any legal protection on border crossings.
Assuming "you" here refers to US citizens, there are actually no such cases, because it is not true that we don't have any legal protection at the border. Quite the contrary! There are certainly cases covering how certain protections are reduced, but that's a long way from nothing. Most importantly and foundational, all US citizens have an absolute right to return at a land border crossing, even without any form of ID or the like. You cannot be kept out. Without appropriate ID it may take longer to verify you and they can check. If there's probable cause for a crime, or an active warrant, then of course they can arrest you, but that process then plays out domestically same as if you'd been arrested at home. They can examine and seize physical goods with cause, but you can then challenge that and ultimately get it back. But they can't keep you out, whether you voluntarily cooperate or not, and they can't arrest you without all the same domestic legal justification and process.
I don't want to understate that the amount of trouble and financial challenge that in principle border patrol can impose/get away with can be substantial for a lot of people. Someone might be in a rush to catch some connecting leg of their journey, or have responsibilities at home/work that are time sensitive. Not everyone by a long shot can afford to be without their phone/notebook/equipment for days/weeks/months. Not everyone can afford serious legal representation and the resulting time sink. Etc etc. But even so ultimately we do have legal protections that we can all make use of and can stand upon.
>Most hackers actually keep their promises if paid the ransom, nowadays.
I don't think that's actually true, or at least is certainly cannot be taken for granted. Instead, it appears ransom has followed more of the path of Silicon Valley VCs:
.It sounds perverse but the incentives require it: if payment didn't bring resolution, no one would pay. As a result, all of the big gangs avoid scamming.
What you're describing is the expected Game Theory outcome over long periods in an iterated game. This works as long as the payment amount is towards the <salary> side of the potential payment spectrum, where each payment may well be decent money for the work the ransomers put in but not so much that they don't need new ransoms. The problem comes if/when the absolute amount of payment moves from "salary" to the "Exit"/"Retirement" side of the spectrum, ie, heads into what VC would call "Unicorn" status. At some level of money it reaches the point where the ransomers need never work again in their lives, it's enough money to get out of the risky business and live off of it indefinitely. It's now no longer an iterated game but a single game, and in single games defection can be rewarded. It no longer matters if reputation is burned, on the contrary it might be the moment to cash all accumulated rep in.
I think in general, both on the bright and dark sides, this sort of "phase change" in a given market space is worth trying to keep an eye out for because it can result in significantly changed behavior "out of nowhere" that can head in ugly directions very fast.
>Q: Stealing is illegal, so why would anyone use a CRQC to steal Bitcoin?
I've had this thought for awhile actually: how would reproducing some random number be legally "stealing" under any legal system in the world? Putting aside that cryptocurrencies have always been about "code decides" etc, that they're outside of the legal system entirely, but I'm struggling to see where there's any actual property interest here. Randomly generated numbers are not protected by IP in any way. There's no computer fraud act angle or the like here, nobody would be having so much as the slightest interaction with anyone else's private system. They'd merely be taking publicly available unprotected numbers and doing some math on them with their own quantum computer. Somebody else who has something related to those numbers is never deprived of them or interacted with in the slightest. There is nothing resembling "hacking", no flaws in the software exploited, all just math there from the start.
I can understand how suddenly a lot of proponents might wish to cling to and push the idea that it's "illegal" or "stealing", but doesn't appear to be any meat on dem bones. Maybe they hope to generate support to get laws passed banning it, though hard to see that working out either. As a practical matter seems like they're just going to have to agree on a transition to new version using PQE algorithms and try to convert over before it's too late?
Isn't your bank balance in a bank database also "just a number"? That number still exists if it goes up or down.
I understand that the bank's ownership of its computer means that hacking into it could be seen as (for example) a trespass. However, what if you somehow persuaded a bank employee to change someone's balance? The bank employee has some kind of authority to do this and the result is once again "just a number".
OK, what if you display some fraudulent information somewhere that leads a bank employee to decide to update a balance?
I don't want to entirely dismiss your intuition because after all there is lots of interest in not relying on legal systems to adjudicate issues related to cryptocurrency transactions. However, changing numbers and causing people or devices to change numbers is not inherently categorically exempt from being considered fraudulent. For that matter, computer fraud laws are often explicitly written to apply to unauthorized alteration of data, not just to unauthorized access to a specific device.
You might try to defend this by saying
* the ownership of cryptocurrency assets is defined as the ability to transfer them, and should not be further or separately interpreted apart from that ability, or
* deceiving a protocol is less obviously wrongful (or at least harder to define) than deceiving a person, or
* computer crime should require undermining someone's intent about the use of devices or data and that intent should be clearly manifested and meaningful, which it arguably isn't in a cryptocurrency system, or
* offline institutions create some kind of intelligible notion of ownership that's related to the non-digital world and this kind of ownership is what laws about theft or fraud aim to protect rather than any other kind of ownership without that non-digital nexus. (although this doesn't seem to be empirically true as ownership of, for example, domain names has been recognized as a form of property by courts since at least Kremen v. Cohen in 2003, even though it is just a matter of a database entry and has no offline existence)
These are interesting conceptual possibilities, but not necessarily persuasive for courts, law enforcement, or cryptocurrency end users.
>Isn't your bank balance in a bank database also "just a number"?
Absolutely not, but also "yes, which means no". In the first case, a bank balance isn't "just" a number, it's a massively regulated and legally backed number with many layers of interlocking entities, both private and multiple layers of government, in charge of maintenance, auditing, insuring, and enforcing. There is no equivalency to cryptocurrency there, as has been regularly touted.
To the second, it could certainly be argued that a bank balance is indeed "just a number" and that's the point, what gives the number its value is all the infrastructure around it not anything intrinsic to the number itself. If someone finds out my bank balance in Account ABC is $42076 that might have privacy implications sure, but knowing that number gives you access to absolutely nothing of meaning. That's a completely different situation to one where independently finding a given number, which note you need not even have any idea who it belongs to, suddenly equates to ability to make use of that number in real world relevant ways by social consensus.
We're talking more the equivalent of Adam guessing a winning lottery ticket, and then hanging onto it hoping the value will go up and he can trade on the ticket or do other things with it while not actually cashing it in because it's so unlikely somebody else will guess the ticket. Maybe because the lotto ticket winners are published on a public ledger, and Adam doesn't want the notoriety, or at least not just yet. Then Bob does independently guess it, immediately turns it in, and now Adam's lotto ticket is worthless. Bob didn't steal anything from Adam. Whether what Bob did is ok or not depends on the rules of the game.
>I understand that the bank's ownership of its computer means that hacking into it could be seen as (for example) a trespass
Holy shit are you for real? COULD be seen? Yes hacking into a bank would absolutely mean felony prosecution on multiple counts if you were caught.
>However, what if you somehow persuaded a bank employee to change someone's balance?
They would be committing multiple felonies and you would be committing criminal conspiracy, inducement and so on depending on jurisdiction, and probably wire fraud and a bunch of other stuff if you do it remotely that are sorta gimmes for prosecutors.
>The bank employee has some kind of authority to do this and the result is once again "just a number".
The bank employee does not have legal authority to do this. Any technical authority they have is only within the auspices of the law, internal compliance controls and practices and on and on.
Anyway without going through your whole post you're doing a whole lot of false equivalency. Breaking into and modifying somebody else's systems is no small point, it's explicitly illegal under the CFA in the US and similar in the rest of the developed world. There's no such thing as legally "copying" money from an end owner perspective, even if internally to the global financial systems when it comes to fiat currencies from the Treasury & Fed or other national equivalents to banks and other governments and so on it gets more complicated. It's all meant to effectively be a digital version of actual old fashioned hard currency. Hence the entire core concept of theft: it applies to zero sum games, where one person getting more cash means another person now has less.
I'd welcome any actual specific laws on the books about cryptocurrency that contemplates what would happen if someone simply guesses a private key with no interaction with anyone else and then uses it on the network. But without that it's hard to see any existing precedent. On the contrary, cryptocurrency people have repeatedly pushed, and built into the core foundations, the notion of code being law, that possession of a private key is all that's needed and the rest is up to the network and you're supposed to be in charge of that (or someone else is on your behalf and that relationship can be subject to contracts).
> Holy shit are you for real? COULD be seen? Yes hacking into a bank would absolutely mean felony prosecution on multiple counts if you were caught.
I meant to refer specifically to the trespass theory (advocated about 25-30 years ago by some companies as a way to enforce terms of service) as a reason one might attempt to distinguish "changing a number on company X's computer" from "changing a number in a distributed database". That is, there might be legal theories that are more protective of individual companies' computers just because the physical computers belong to the companies as opposed to information-in-general.
However, other forms of computer crime law can protect information-in-general, regardless of where it's stored or by whom.
My point was that existing laws have been happy to punish changing numbers on computers based on the meanings that those numbers have to people, what people act as though those numbers represent. I believe some of these laws are drafted broadly enough that they already treat stealing cryptocurrency as illegal. Even if legislators didn't consciously regulate it this way, courts may conclude that concepts of fraud, property, conversion, etc., already apply to cryptocurrency systems, even if there isn't an obvious technical difference between a transfer intentionally authorized by a human owner and a transfer authorized as a result of fraud, hacking, bugs, etc.
I understand that in, say, Bitcoin, "ownership" of assets stored in a UTXO is implemented only as the ability to cause a transaction that consumes that UTXO, and that this ability doesn't refer to a person's name or identity, or to good or evil, or to the reason that someone caused such a transaction, or to how someone came to possess the necessary information to create it. The blockchain consensus is updated based on whether the transaction followed certain deterministic rules, and concepts like "the owner" do not in fact appear directly anywhere in those rules. However, this doesn't stop a court from saying that some such transactions represent fraud or conversion or something while others don't, even though the transactions in question were equally valid according to the blockchain consensus.
I understand that there's uncertainty and debate in the cryptocurrency world about how we should want legal systems to regulate or not regulate cryptocurrency, remedy or not remedy otherwise-wrongful actions committed via cryptocurrency systems, and enforce or not enforce agreements implemented in or through cryptocurrencies. I also think you're right to point out that there's an issue about whether the content or behavior of the code is, or is meant to be, the "entire agreement" among parties using it, or whether it just somehow reflects other kinds of relationships that are also partly enforced by legal systems.
I currently work on smart contracts for a living. I find the question of how legal systems should view them fascinating, and I don't have a clearly articulated position on it.
Edit: I'd again like to point to Kremen v. Cohen as an analogy. In that case there was a privately (sort of) created database of domain name registrations. There weren't specific laws or regulations created to describe how the courts should view domain name ownership. The defendant in that case fraudulently caused a domain name to be transferred from the plaintiff to the defendant. The courts agreed that the domain name was "property" and that the defendant could be sued for this, again even though there was no specific legislation regulating the domain name industry. Now, many people are unhappy about various ways that the legal systems of various countries try to control and regulate domain name ownership and transfer. I know people who've worked on naming systems that are explicitly meant to be harder for governments to regulate.
Still, when courts looked at the original DNS decades ago, none of these forms of queasiness about the government's role stopped the courts from concluding that domain names were property based on their characteristics and use, and that people could be sued for fraudulently taking domain names away from other people.
It seems like you might be perceiving a kind of hypocrisy in the notion of people wanting to deliberately create things that are harder to regulate, and then still sometimes involving the courts in disputes over them.
Cryptocurrency gains are taxable in many (most?) countries. Clearly the governments see cryptocurrency as something more than just random numbers without meaning.
Likewise, when government agencies shut down dark net markets (DNMs), they will seize the cryptocurrency funds that the DNM had (from market fees etc., or even funds that belonged to customers and were in escrow etc. by the DNM) if they can (i.e. if they get access to the private keys of DNM owned wallets either by technical means or by convincing the operators of the DNM to hand over the keys). Again because the governments view cryptocurrencies as something more than just random numbers without meaning.
Speaking of seized funds. Let’s say that a government agency had seized a significant amount of bitcoin from a DNM and was transferring those funds to wallets under government agency control. Along comes some guy with a quantum computer and takes those funds for himself. Is the government agency just going to throw its hands in the air and say “oh well, he guessed the random number, nothing more we can do!” No, I think not.
>Cryptocurrency gains are taxable in many (most?) countries.
So?
>Clearly the governments see cryptocurrency as something more than just random numbers without meaning.
Not really? It's the realized gains that get taxed. That's a completely generic feature of the tax system, the government doesn't give a shit (and shouldn't) what people decide has value in any given transaction. The only thing they care about is whether or not there was actual cash equivalent value exchange happening. Barter is always a potentially taxable event. The government makes no judgement on whether you do it with pretty river rocks or random numbers, they can assess the value of the exchange as if it was done with cash and tax that result.
Re: Seizure of everything related to an illegal operation: sure, they will take everything they can find regardless. They'd take a computer with a ~/.ssh full of random keys too. The data they seize might also have pirated movies/games/music. Some of the things might have "value" but that doesn't make them currency.
None of this implies the result you clearly wish it did.
>Is the government agency just going to throw its hands in the air and say “oh well, he guessed the random number, nothing more we can do!” No, I think not.
You "think not"? Why not? What laws do you think are being violated? There are lots of cases where the government will seize something that might at the time of the seizure be worth $X, and then legitimate activity happens elsewhere such that now it's worth $0.5X or whatever, and that's perfectly fine. The question hinges on whether the activities of other independent people/entities unrelated to the criminal entity that got seized are legitimate or not. It's not a matter of vibes. Like, imagine the government seizes a winning lotto ticket. And then before they can do anything with it somebody unconnected else goes into a convenience store and legitimately buys a ticket, guessing the number too. The value of what the government seized has just dropped. Would I expect the government to throw its hands in the air and say “oh well, he guessed the random number, nothing more we can do!”
Well, yes? That is indeed my expectation, within the rules of the game in question. If the lotto says "if you fail to claim your winning ticket within 1 week before someone else guesses it as well then too bad" or "well then you both split it 50/50" or whatever, yeah I'd expect the government to be held to the exact same standard as anyone else.
> You "think not"? Why not? What laws do you think are being violated?
Actually we have real world examples of this very sort of thing: someone stealing cryptocurrency from a government agency seizure using the publicly knowable private keys for a wallet. No quantum computer was even involved, just plain old human error.
In South Korea this year, a government agency released pictures of a physical seizure that included written down mnemonic seed phrase.
The funds were then stolen, using that seed phrase.
And then:
> A Korean National Police Agency official said at a press briefing on the 3rd that "the first thief submitted a confession to the Cybercrime Reporting System on the 28th of last month, so on the 1st we arrested the person based on that and are tracking the secondary thief."
So there you have it. The government in South Korea considered this a theft. An arrest was made. Investigations were made.
It is so very obvious that this is what would happen when you steal cryptocurrency from the government. Even when the government agency itself was the one to accidentally publish the private keys so that they became public knowledge.
> It's the realized gains that get taxed. That's a completely generic feature of the tax system, the government doesn't give a shit (and shouldn't) what people decide has value in any given transaction
If I buy a vintage computer second hand for $1500 and then manage to sell it to someone else for $2000, I don’t owe taxes on that.
But if I buy $1500 worth of bitcoin and then sell those bitcoins for $2000, I owe taxes on that.
So yes, the government does “give a shit” what people decide has value in any given transaction.
>If I buy a vintage computer second hand for $1500 and then manage to sell it to someone else for $2000, I don’t owe taxes on that.
Uh, in the United States? Yeah, you absolutely do [0, 1]:
>"If you make a profit through these activities, it’s considered taxable income. You can use the Form 1099-K, along with other records, to determine how much tax you owe."
>"Remember that all income, no matter the amount, is taxable unless the law says otherwise – even if you don’t get a Form 1099-K."
>"If you made a profit or gain on the sale of a personal item, your profit is taxable. The profit is the difference between the amount you received for selling the item and the amount you originally paid for the item."
You may wish to review your understanding and confidence in your understanding of tax law.
>I don’t live in the US, and am not a citizen of the US.
Well good then, I guess you don't have to worry about any of this so long as no American ever gets a quantum computer! Not like any research on it happens here or anything so you shouldn't need to be concerned.
The US happily arrests and charges people for cryptocurrency theft too.
> An unsealed indictment on Thursday identified Malone Lam, 20, a citizen of Singapore who lives in Miami and Los Angeles, and Jeandiel Serrano, 21, of Los Angeles, showing both had been arrested Wednesday night and charged with conspiring to steal and launder the cryptocurrency. They were set to appear in separate federal courts in California and Florida on Thursday, according to the Justice Department.
>The US happily arrests and charges people for cryptocurrency theft too.
But the whole discussion here is whether or not it'd be theft at all. There is no breaking into computers or laundering involved here. And you're also now admitting that we're discussing US law as I was from the beginning, after trying to deflect to whatever rando country you're from as if it matters.
The best bet would be to factor satoshi's keys, and then publish them on something like OEIS for some novel-math reason, and let someone else steal them for you.
I can't imagine that getting laws passed is going to help. The government can't just order a bank to restore funds, the way they can with regular currency. They could try forcing the culprit to return them, but it seems unlikely for the culprit to be in your jurisdiction.
I suppose we could pass laws to prevent them from ever spending the money in a country that they can control. Even then, they'd have to find ways around the funds being "laundered" through mixers.
> how would reproducing some random number be legally "stealing" under any legal system in the world?
The usual way, via the criminal code. My old business treasury was scammed into transferring funds on-chain to an impersonator. We were able to recover losses through an insurance claim which required us to report the theft to the police.
Yeah, sounds like it's time to take this very seriously. Sobering article to read, practical and to the point on risk posture. One brief paragraph though that I think deserves extra emphasis and I don't see in the comments here yet:
>In symmetric encryption, we don’t need to do anything, thankfully
This is valuable because it does offer a non-scalable but very important extra layer that a lot of us will be able to implement in a few important places today, or could have for awhile even. A lot of people and organizations here may have some critical systems where they can make a meat-space-man-power vs security trade by virtue of pre-shared keys and symmetric encryption instead of the more convenient and scalable normal pki. For me personally the big one is WireGuard, where as of a few years ago I've been able to switch the vast majority of key site-to-site VPNs to using PSKs. This of course requires out of band, ie, huffing it on over to every single site, and manually sharing every single profile via direct link in person vs conveniently deployable profiles. But for certain administrative capability where the magic circle in our case isn't very large this has been doable, and it gives some leeway there as any traffic being collected now or in the future will be worthless without actual direct hardware compromise.
That doesn't diminish the importance of PQE and industry action in the slightest and it can't scale to everything, but you may have software you're using capable of adding a symmetric layer today without any other updates. Might be worth considering as part of low hanging immediate fruit for critical stuff. And maybe in general depending on organization and threat posture might be worth imagining a worst-case scenario world where symmetric and OTP is all we have that's reliable over long time periods and how we'd deal with that. In principle sneakernetting around gigabytes or even terabytes of entropy securely and a hardware and software stack that automatically takes care of the rough edges should be doable but I don't know of any projects that have even started around that idea.
PQE is obviously the best outcome, we ""just"" switch albeit with a lot of increase compute and changed assumptions in protocols pain, but we're necessarily going to be leaning on a lot of new math and systems that won't have had the tires kicked nearly as long as all conventional ones have. I guess it's all feeling real now.
This may have been long discussed, but I feel like this war is the first time I've really thought hard about how big a target data centers would be in any sort of modern peer war and how that's an entirely new thing since the last time it was really on the radar (end of CW) right? We've built trillions and trillions of dollars in infrastructure in the peace time since, and it seems fairly concentrated. AWS is amongst the biggest there is, and according to mappers like [0] there are only around 240 operational total worldwide with another 130ish under construction. Like, in one respect that seems like a bunch, but vs the kind of attacks we see done in a matter of days in modern wars it's a pretty small number for the whole planet isn't it? In the first 24 hours of the war the US and Israel launched on Iran, they hit something like 1500-2000 targets. How hardened are the data centers? Are they in structures that handle some level of explosives? Do they have counter measures like internal blast walls dividing things into cells so a few hundred pounds of high explosive in one area doesn't damage outside the cell? I mean, of course like all data centers they'll have considered extensive countermeasures to fire, environmental threats, grid issues and so on. But has "nation-state level attack via mass drones or bombardment" been part of the threat model over the last few decades? Hardening of telecoms was certainly considered for old Ma Bell and such back in the CW days but that was a very different environment.
I guess it makes me think about what a soft underbelly this could be for a lot of modern society. There's always been consideration of threats to refineries and power stations and industrial production and all those big metal deals. But like, forget any sort of nuclear exchange, any sort of crazy super Starfish style big EMP, just purely a few thousand drones nailing data centers. Nobody even directly dies, just a lot of wrecked computers. What would be the cost of losing all the clouds and colo stuff? How long to replace, at what cost? How much depends on it?
Instead of targeting data center itself, it's far easier to target the electrical substation that powers the datacenter. It's relatively simple to do. Transformers require oil to cool themselves, and if the coolant reservoir is damaged, then they overheat and shut off. This exact infrastructure attack occurred in North Carolina in 2022 [0], where someone fired bullets into the coolant reservoirs and caused a several day power outage. The perpetrator was never caught. It's speculated a foreign actor did this to gauge the response in a future wartime scenario.
Most data centers have a dedicated electrical substation that powers it, so it's possible to target the data center without affecting anywhere else.
>Instead of targeting data centers, it's far easier to target the electrical substation that powers the datacenter
That has a lot of collateral damage that may or may not be desirable though. Simultaneously it might have quite a different long term effect right? If all the actual computers are unharmed they can be powered in other ways in an emergency, even if at much higher cost. Or powered back up later, the time lost might be militarily very significant but they're not gone.
But how many people and companies actually have full functional decentralized clones of all programs and data? How many people and companies have devices that are locked to remote hosts they expect to check in on at least once in awhile even if they're not "cloud dependent"? What if all that was literally gone, a few thousand missiles or drones and data centers are all just completely erased including tape backups, everything, suddenly we're in a world where all that compute and data is poof. And without hurting anything else, no traditional war crimes either, no power or direct food or transport disruptions. Everyone is fine and healthy, except with this huge societal exocortex gone.
Any cloud engineer worth their salt is going to have their programs be stateless and their data replicated across multiple data centers. Many cloud engineers are not worth their salt, but working in Big Tech, this has been table stakes for 20+ years. There are regular disaster drills, both scheduled and unscheduled, that test what happens when a datacenter disappears. Ideally everything transparently fails over, and most of the time, this is what happens.
The bigger problem is that a war is likely to hit multiple levels of infrastructure at the same time. So the datacenters will come under attack, but so will the fiber cables, and the switching apparatuses, and the power plants, and likely also the humans who maintain it all. High-availability software is usually designed for 1-2 components to fail at once and then to transparently route around them. If large chunks of the infrastructure all disappear at once, you can end up in some very weird cascading failure situations.
> Any cloud engineer worth their salt is going to have their programs be stateless and their data replicated across multiple data centers.
That doesn't help much in a shooting war, unfortunately.
Redundancy is great for uncorrelated outages - if a freak weather event or power problem knocks out data centres in London, and your backups in Paris and Frankfurt are unaffected.
But if there's a war and London is getting bombed? Good chance Paris and Frankfurt are also getting bombed.
It's not, unless you think part of the definition of "worth their salt" is never working for a company with bad resource allocation. And I don't see why it would be.
Not necessarily. Many backup generators can only run for whatever the insurance estimators have calculated is the time required to restore the grid connection and that's it. For example one common means of generating backup power is marine diesels, which are readily available. These use the ocean for cooling. If you're using them to power a data center you need to provide cooling water to run them, and when you've run through that they shut down. That's just one example, but in general you can't run backup generators indefinitely.
This is the same sinking realization people had after 9/11 when thinking about infrastructure. Just damaging one or two substations serving the downtown core of a major city could cause massive economic damage.
>1:45 a.m. – The first bank of transformers, riddled with bullet holes and having leaked 52,000 US gallons (200,000 L; 43,000 imp gal) of oil, overheated...
No, taking out the transformers, which can have lead times of three to five years, will result in the most long-term damage. You can't just pull one out of storage and drop it into place.
Ukraine has proven otherwise. A lot of European countries pulled them out of storage and gave to Ukraine. Of course there will be a limit to this if you destroy enough of them.
It’s far more difficult to replace a data center than to replace transformers. Ukraine’s electricity grid has been under attack for years and manages to replace and rebuild transformers and restore power within hours.
That wasn't thought to be due to a foreign actor though, more likely it was domestic terrorism. Why would the effect on a rural local power station ever be a good measure of a wartime scenario at all?
Right. The diesel generator radiators are also susceptible to the same attack. A few bullets to each radiator would cause a coolant leak, and eventually they'd run out of coolant, overheat, and shut off.
The gear to replace the power infra is more readily available than the thousands and thousands of miles of wire and fiber in a datacenter, plus all the equipment, batteries, inverter/chargers, maybe some diesel generators, etc.
If you want to do economic damage, you hit the datacenter.
If you want to turn the people of the country against you and mobilize them, then you hit the power infra.
In any significant war the Internet is going to go down. That's what has happened empirically in countries undergoing significant wars or social unrest, like Russia, Iran, Yemen, Ethiopia, Syria, Myanmar, and Afghanistan. While IP packet routing itself may have been designed to survive a nuclear war, there have been many centralized systems built on top of it (DNS? Edge caching? Cloudflare? Big Tech) that are essential to the functioning of what we know of as the Internet.
If your threat model includes war and you want to have some of the conveniences of the Internet, you should make plans for how to host local copies of data and develop local-scale communications for the people you regularly talk with. The Internet is too big of a security and propaganda risk for governments to allow it to continue to exist when they are engaged in a real existential war.
In the "end times" where computers stop working and we don't even have electricity, your dollars in your digital bank account will be equally useless, and dollar banknotes will be used as fire starter.
Bitcoin was never designed as a post-collapse currency.
Building blast resistant is a common practices for Refinery control rooms. The same methodologies can be employed for data centers as well.
1 blast can be expensively guarded againt. However designing anything above ground for sustained barges is practically/commercially prohibitive. Underground is only option.
PS: Civil Engineer. Designed few of those Gas explosion resistant control rooms.
> the first time I've really thought hard about how big a target data centers would be in any sort of modern peer war
Given the rapid and increasing rise of AI use in actually fighting wars, I suspect data centers won't just be a big target, they will eventually be the #1 priority target. Taking them offline won't just be of interest in terms of economic damage, it will be a direct strategic goal toward militarily winning the conflict.
Until it is clear that the use of AI in "actually fighting wars" doesn't put senior military people at risk of never being able to leave their own country again for fear of prosecution for war crimes, I'm not so sure that the "rapid and increasing rise" is going to actually be a thing.
> Until it is clear that the use of AI in "actually fighting wars" doesn't put senior military people at risk of never being able to leave their own country again for fear of prosecution for war crimes
I don't believe that's a real concern that the senior military people have anymore. War crimes are legal in 2026. That ship has sailed (and was double tap struck by the US Navy). Nobody is doing anything about it.
War crimes are unlikely to be prosecuted within the USA. On this we agree.
Which is why I specifically mentioned the risk of not being able to leave the country, because I'd be willing to wager a bit more than international prosecutions for war crimes are significantly more likely, and would be occuring in a world that is growing noticeably more "America needs to be taught a lesson" in spirit.
Primarily, countries should prosecute their own criminals. That's the whole sovereignty thing. If you don't, and these are international criminals, your country as a whole is what we call a state supporter of terrorism, or some such, if those international crimes have political goals and are directed against other countries and their people as a whole (and don't fit the high bar of self-defense). If the crimes are done by those in power, it's just state terrorism.
I'll rephrase my previous post for you, to make it clearer:
Lack of prosecution of high-level war criminals makes your country a state supporter of terrorism. (the claim in the post)
Because that's what US war criminal leaders do. They terrorize entire nation by threatening population's survival via destruction of all their power plants, which I assume includes nuclear fallout from their nuclear power plant.
War crimes have never been anything more than a way the west can punish its enemies. It’s hilarious people think this norm continuing is some refutation of the system as designed.
> War crimes have never been anything more than a way the west can punish its enemies.
They're the way winners can punish their enemies.
If Germany and Japan had won WWII, US/British/Russian military and political leaders absolutely would've been on trial.
At the same time, agreements between peer countries to follow basic rules have generally held. Note that neither side in the current conflict is using dirty bombs, or dropping nerve gas or bioweapons on civilians, etc.
> War crimes have never been anything more than a way the west can punish its enemies
That's a fair point, the major change isn't that we suddenly started committing war crimes, it is that we've dropped all pretenses of trying to justify why what we did isn't one.
Isn't that an improvement? It seems better to have people who are honest about what they're doing, even when committing war crimes. At least then people can have an honest conversation about whether the policy is working.
One of the most frustrating things about wars is people adopt policies that don't advance their objectives and then lie about what they're doing, what happened and why. This sets up an environment where militarys do things that aren't even in their own interests, let alone anyone else's, and the public discourse is busy arguing about some wild imaginary scenario that isn't related. Better to have people focused on the real world and accurately understanding both (1) what the policy was and (2) what the outcome of the policy was.
If I admit to killing someone in court, because I regret it, I acknowledge I have a debt to society I need to pay, and honesty is the first step on my route towards eventual reform - that's an improvement.
If I admit to killing someone because I want everyone to know I'm a tough, viscous killer and they'd better not piss me off or they'll be next - that's not an improvement.
You'd rather a vicious killer who pretended to be harmless and actively tried to fool you?
As to the behavior itself, I imagine the merits are heavily dependent on context. International politics depends to some extent on demonstrating a willingness and ability to engage in violence. That's not the whole story but it's definitely part of it.
Not really, IMO. Their goal isn't honesty and transparency, they just DGAF to hide it because they correctly realize there won't be any personal consequences for their actions.
They are still lying about most everything else - why the war was started, suppressing the amount of causalities, etc.
That would require a future president to choose to use the authorization.
President Davis The First isn't going to lift a finger to stop the ICC prosecuting former Secretary of Defense Hegseth, and, I suspect, neither would quite a few other potential future presidents.
Most of the world that did convert to Islam, did it out of pragmatism. That goes for Catholicism as well. Though a special part of my heart goes out to the pragmatic Quakers of the early US, who largely seem to have done it just to have a chance to thumb their nose at the government.
Ironically,the classical target, Washington DC, is less than 25 miles down a very simple highway to Northern Virginia's massive datacenter alley. Our national defense is ultimately predicated on heavy ordnance not being able to show up undetected in this part of the world. Hence the path preferred by attackers of burrowing into Azure signing keys or ransomware attacks on the grid. Much less hardware to transport.
While we're completely at the mercy of datacenters that we can colo out racks / power / upstreams from, it's a worthy discussion for any technology company that wants some amount of digital sovereignty over their presence online and ability to provide their service independent of a hypervisor / cloud provider (or even just a centralized location).
The best option is simply to anycast from any many distinct countries that are either neutral, or unlikely to be involved with any global or regional conflicts at any given time. You don't want them getting bombed at the same time!
Oracle are actually subletting part of Bynet's new-ish Har Hotzvim facility which has 2,400 racks but is probably power-constrained - I believe it had 16 MW when it went live, with passive provision for doubling that. Even if it's since been upgraded, that's still only 13 kW per rack which is pretty stingy these days.
As a very rough rule of thumb building down is about 4x more expensive than building up. So probably worth doing if you're Shin Bet (who I believe also have space in the same dc), but for the likes of Oracle it's only going to be used to serve clients with specific security requirements. Think of it as a halo project - more of a marketing exercise than something that's actually going to be used by the average customer.
The same goes for datacentres hosted in cold war bunkers etc - they always end up being too constrained in one way or another to be useful. The big facilities end up being built above ground and rely on geographic redundancy rather than trying to make themselves (literally) bomb-proof.
The way everything is so overleveraged on the success of these companies being packed into ETFs, it would probably take down the whole economy. You'd be able to shut down even more manufacturing without even destroying it just from economic forces. That is unless the US responds by nationalizing everything, which they won't. They'd rather it go to smithereens so someone has a chance to be made wildly rich rebuilding.
Communicating with submarines that are deep underwater is pretty hard. There are techniques like ELF (Extremely Low Frequency) but they require a small power station to transmit a few characters a minute.
Tangentially related but Iran wasn't much of a threat to the USA before Trump decided to attack it. And apart from Israel, nobody is backing this war. The sooner he realizes it makes zero sense, the better for the whole world. It seems that apart from Russia and the USA, other countries are not so eager to start wars. And what is happening now is a bitter lesson also for China: starting a war is easy, winning it is nearly impossible. So I hope we won't really start to build all infra in under-earth bunkers after all.
Then ask yourself why is the US so aggressively trying to switch the world to a martial stance.
It’s a rhetorical question, of course, because we all know it’s because China is winning the traditional economic game on the manufacturing the McKinsey and Bain class sold out for decades and therefore military will have to become the new leadership measuremen, only appreciating as an asset in a less safe dog eat dog world.
The Thiels and friends who came up with this shit of course have their own infrastructure in their end time bunkers, but however stupid this gambit sounds, it’s what’s being played right now.
Agreed that Govt/Military runs on AWS/Azure/whatever. They care about "security" in a "virtual" sense, but I presume soon we'll see requirements like: "Must Have: Missile Defence Perimeter" next to the "Must be FIPS compliant".
Sovereignty and self-sufficiency are big topics. The US centric cloud at least is killing itself through geopolitical risks for gov customers outside the US. Literally number one operational risk now.
But aren't they pretty hard to hide? I mean, they cover a lot of grounds, they have lots of infrastructure leading right to them...even if someone makes a few wrong guesses, it's going to be easy to find where the data centers are.
>Disclaimer: Please be aware that Amazon Web Services does not list its data center locations publicly. Hence all AWS listings in our database are based on publicly available information from third parties, open databases, property registries, construction applications, permits, tenders, news coverage and our custom research. There may be incorrect or outdated locations, as well as locations missing.
>We've built trillions and trillions of dollars in infrastructure in the peace time since, and it seems fairly concentrated.
and thus is easily defended. It would be a pocket change - tens of millions - for AMZN to put say a Rheinmetall Skyshield https://en.wikipedia.org/wiki/Skyshield at the data center.
Considering how hard US military bases and radar systems have been hit (and those are not city-sized target) I am unconvinced that even AMZN's pocket change could realiably protect against the kind of attacks we see in this war
How they were hit? Multiple drones overwhelming relatively small number of air defense systems. Systems like Patriot are great against several very capable targets like ballistic missiles. Such (expensive centralized) systems do much worse against multiple widespread targets like an armada of low flying low speed drones (add to that low speed cut-off filter to avoid hitting general aviation and the likes).
Heck, even just soldiers with MANPADs would have easily shot down those drones (you just have to distribute those soldiers to all those strategic objects which hasn't been done)
We have classic situation here - everybody have been watching Ukraine war for 4 years, yet nobody has prepared for such style of war.
>I am unconvinced that even AMZN's pocket change could realiably protect against the kind of attacks we see in this war
No even low flying slow drone - pretty typical situation of top Russian cruise missile shot down by Gepard
Also AMZN has its own drones dept - in "hot" zones in "hot" times they can put several people with drones (in the high speed configuration) to be used for interception. This is basically how Ukranians have been doing, and that is an experience they are now exporting to the Gulf states.
>if you dont colo your own servers you don't own anything.
I'm confused, what does ownership have to do with this particular failure mode? The issue here is a (for many) unforeseen new tradeoff involved in centralization. Colocating at a central place has the exact same tradeoff in this case: bandwidth is vastly more available and cheaper towards the core, and there are significant amortization gains to be had with a lot of basic shared infra. But it's also one big structure holding a lot of computers and infra everyone is depending on, that's the whole point of it! We're all sharing network backbone and power filtering/redundancy and so on and so forth, vs paying for that separately. That means a missile or drone or bomb hit to the building still hits all of us whether we own the servers there or we're running workloads on someone else's servers.
The only responses are either central counter measures or decentralization. Both have significant costs and complexity, that's why it wasn't just done proactively right?
I don't think it is. There are many many cases where you do want to own them.
The people you rent yours from are making a shit load of money so it doesn't sound that bad of an idea
I buy lots of things from people who make a pile of money from low margin goods/services sheerly on scale. There are many things i could not reproduce more cheaply from constituent parts, even if i value my time at $0.
This has been submitted already over the past few days, but it didn't get traction and I think it's important enough to be worth another spin. Apple has relented and made 18.7.7, the latest security patch series for iOS 18, available to all iOS 18 capable models, not merely the limited number that were dropped for iOS 26 support. So if you (like me) had just grimly determined to skip 26 and hope to be ok until 27 being hopefully better, there is now a better option. If you did one of the 26 nag avoidance tricks and joined the iOS 18 beta channel you will need to turn that off for the 18.7.7 update to show up, and you'll have to scroll past the big prominent iOS 26 update notice to find it below as a smaller Also Available.
One thing of somewhat interesting note: as far as I can find they didn't release any standalone signed IPSW file for most devices like they universally have in general, only for a few old ones. Perhaps because if there is an actively signed IPSW they don't have infra in place to prevent people from downgrading back to iOS 18 from 26? So update has to be done from on the device not via Finder or iMazing or the like.
Do you have any opinions on how this works vs doing iSCSI to some other storage system using ZFS? That's how I've been handling Proxmox on the backend, and have mixed feelings. The GUI leaves a very great deal to be desired in honestly curious ways, have to touch the CLI a lot even for super basic networking or auth stuff, and of course neither side has the same insight to the data structures in question. Either you've got to do ZVOL instances and thus manual effort or scripting, or you give Proxmox a single big blob then let it manage that with LVM but that means the storage side can't give any granular help on snapshots and the like. It still can deal with data integrity and backups and storage redundancy and all that but no further, and some increased overhead. But on the other hand, I do feel like a really firm separation of concerns isn't without value. Having native support though is an interesting alternative I hadn't really considered.
Too late to edit, but just as a note for anyone else who gets confused by my post: I was not paying careful enough attention and missed/misread the "backups" bit in the parent post, completely my fault. As far as I can tell from reading through the (quite pleasant!) documentation [0], Sylve does not (at least for now) support any sort of network storage for direct use as the VM backing store, though as it is FreeBSD underneath it's presumably doable to get something going from the command line. I'd thought they'd somehow managed to set something up so you could directly use another ZFS system via SSH as the primary backing store with management which would be pretty awesome. It still looks like a beautiful design, but since I'm pretty invested right now in separating out storage into its own hardware vs where compute happens it'd be hard to setup nodes as AIO for the near future at least here.
Still an awesome project to learn about and I hope it's successful.
It's funny, I love how FreeBSD manages iSCSI even though I have only used it a few times, I put it in my to-do list but never really got around to writing a UI for it. Come next release (v0.3.0) I will definitely integrate it because as your put it's quite necessary to have that as a way to isolate storage from the main system.
Not sure you'll see this so late but just wanted to say I really appreciate the reply and learning about this project. I've been working to switch myself and various places away from perpetual ESXi licenses as it finally starts really getting old, and while I'm thankful Proxmox exists I've always loved FreeBSD (was kinda bummed when TrueNAS moved from it) and Proxmox can be irksome. Even at such an early stage Sylve already looks like it's clicking nicely. Excited to see next release and what comes in the future.
It's become a family favorite film we tend to watch each winter now. All ages can take something from it.
reply