Comment by hn_throwaway_99

6 years ago

Just ... wow. This is an egregious abuse of monopoly power and is exactly the kind of thing that antitrust laws are supposed to address.

I was certainly naive when I heard about other big retailers who would refuse to allow any subcontractors to use AWS. "Surely Amazon has a Chinese wall" to prevent that kind of data sharing, I thought. Never underestimate the lack of morals in business is the right answer I guess.

10 comments

hn_throwaway_99

Reply
TimSchumann  6 years ago

> "Surely Amazon has a Chinese wall" to prevent that kind of data sharing, I thought. Never underestimate the lack of morals in business is the right answer I guess.

It’s remarkable to me how many competent programmers with years or decades experience in this industry don’t understand —- If you’re using AWS, Amazon has access to ALL of the data you put on AWS.

Not that they 'can' or 'want to', given the current state of technology they absolutely have to have access to all your data for AWS to function.

There isn’t currently a feasible technical way to work around this. And to head off all the ‘but FHE’ comments, see the ‘currently feasible’ above.

  • hn_throwaway_99  6 years ago

    I'm not talking about not having any access in the technical sense. I'm talking about a "Chinese wall" whereby people who work for AWS supporting customers should absolutely not be able to inform any of the teams that build new Amazon services. These types of Chinese walls exist in many different industries, perhaps most famously finance, and when these walls have been "breached" in the past it has resulted in huge scandals.

    • Aperocky  6 years ago

      I think your understanding is true, unless the claimant elaborate what those data is and how his team got it, I do not understand how it would have worked.

      Access records for public services have a very detailed iam audit trail that logs people who accessed what at what time, and service teams don't get to just jump around that. Maybe they can see some metadata but certainly not actual data in an S3 bucket somewhere.

  • anonymousDan  6 years ago

    I think enclaves are a more practical near-term solution for data privacy, but they don't prevent Amazon from identifying successful businesses based on e.g. resource usage growth.

    • TimSchumann  6 years ago

      I don’t think the ‘enclaves’ concept addresses the root of the issue I was getting at, which is for there to be useful computation done on the data it must be unencrypted.

      Even with ‘enclaves’, from what admittedly little I know about them, you still have to have the key to decrypt things on the machine somewhere, which means whoever is running that machine for you has access to your unencrypted data, and we’re back where we started.

jariel  6 years ago

Amazon does not access private S3/Ec3 data for retail competitive purposes.

The comments above indicating 'well someone has access' - yea, obviously, it's data hosting. Someone has access.

But the amount of conspiracy here is frustrating.

Amazon will play very aggressively within the bounds of the law, meaning, if they can glean public info about something, or look at their own sales data for a product, they will do that.

But to look at s3 data would risk the entire empire.

It's rational for people to be a bit skeptical, and so Walmart can say 'no data on AWS' but it's also an easy thing to do.

Now - is it possible that new retail PM, who used to be an AWS PM, and who for some reason still had access to things he shouldn't - went ahead and did that? That could happen. And maybe his boss finds out and looks the other way but calls IT and tries to have the loophole closed quietly. Etc.

As a policy are they trying to copy your product and even ask you for information and aggressively pursue customer data? Yes.

As a policy are they looking at your S3/ec2 data - no.

  • pal_9000  6 years ago

    I dont think its just about playing by the book of law. I'm sure they also consider optics and trust in the brand.

    • jariel  6 years ago

      As a company they do, and that's how policy is set.

      But individual actors are individual actors, in a company of 100 000 people, some will go astray.

      They are pushing their 'white label' stuff agressively, I have no doubt the PM's have zero qualms about using Amazon.com sales data to their advantage.

      But I also submit that retail PM's actually getting access to private S3/EC2 is totally rubbish, at least by any policy or scale.

      They could be sued for billions in each case of that breach, and the resulting PR fallout would be impossible.

      Imagine you are the VP of AWS - you make all the profit for Amazon.

      Are you going to somehow allow some dirty Retail PM access to your customers data?

      When your customer finds out, and tells the world, and it gets in the press, what happens?

      If your ABC startup had evidence that Amazon was creeping on your data as policy, you'd have to dump them instantly.

      They could say goodbye to every government contract.

      If you are Bezos - would you risk the entire Brand and the cash-cow to move some low-margin pair of shoes and USB hub?

      So no, I think the firewall between AWS and Retail is systematically legit.