this post was submitted on 06 Dec 2023
16 points (94.4% liked)

Australia

3624 readers
463 users here now

A place to discuss Australia and important Australian issues.

Before you post:

If you're posting anything related to:

If you're posting Australian News (not opinion or discussion pieces) post it to Australian News

Rules

This community is run under the rules of aussie.zone. In addition to those rules:

Banner Photo

Congratulations to @[email protected] who had the most upvoted submission to our banner photo competition

Recommended and Related Communities

Be sure to check out and subscribe to our related communities on aussie.zone:

Plus other communities for sport and major cities.

https://aussie.zone/communities

Moderation

Since Kbin doesn't show Lemmy Moderators, I'll list them here. Also note that Kbin does not distinguish moderator comments.

Additionally, we have our instance admins: @[email protected] and @[email protected]

founded 1 year ago
MODERATORS
 

I assume this is the genesis of a Five Eyes cloud platform.

Questions for me are which commercial partners are in the mix, and how will they ensure TS-level security?

I guess we'll never truly know, but it's hard not to worry about the implications of this.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 5 points 1 year ago (2 children)

Not so "Top Secret" any more, now that it's been in the news...

[–] [email protected] 2 points 11 months ago

Although I might be telling you something you already know (and at risk of sounding really boring); it sounds like what they're really doing here is standing up a system that is certified to handle data up to "top secret" classification. The fact that such a system exists, in and of itself, is clearly not a secret.

There are a huge number of requirements for systems handling data like that, everything from specific requirements for how physical cables are labelled, to which cryptographic algorithms are used for encryption, all the way through to corporate governance and management plans within the organisations that are involved. It is essentially a giant exercise in bureaucratic box ticking (although I can understand why governments want to be thorough about this stuff).

After completing that entire process, what you're left with is usually a fairly standard computer system, plus a whole bunch of assurances that this specific system is okay to use for "top secret" information. The actual capabilities of the system (and certainly the data within it) may well be top secret, but the existence of the system isn't.

It's broadly similar to the GovTeams PROTECTED system. The existence of the system itself is public information, complete with a relatively slick website, but the actual access to the system is controlled. A quick glance at that website makes it clear that GovTeams is essentially just MS Teams / MS365 but certified for "PROTECTED" information. In the same way, I would bet money on it that this "top secret " cloud system ends up just being a fairly standard commercial offering from a major cloud provider (Azure, AWS, etc.) which is approved for storing top secret information after the parties involved complete the required box ticking.

[–] [email protected] 1 points 11 months ago

No need to be top secret when no one can stop you and you’ve made it almost impossible to live outside the system.