I'm hoping that this article acts as a catalyst for the Dutch government, and other EU governments, to move everything away from American clouds.

Is the idea that they're more ready to listen and take action because of recent executive changes in the US, even though the cost of doing so has gone up by 100-1000x and the possibility of a joint retaliation from US tech giants and the government working in concert is now much higher?

I hope you're right, but one of the rough dislocations of the present moment is the disconnect between how europeans conceive of their sovereignty and the reality of their economic, military, and cultural fragility in their relationship with the US and US companies.

No amount of grandstanding rhetoric and appeals to "courage" changes that if there are any serious economic consequences (caused by US/corporate coercion or otherwise), the government would likely fall and be replaced by someone more amenable to the status quo. What feels like a small price to pay for someone focused on security long-term may be an unacceptable price for someone focused on short-term outcomes in their political fortunes.

I believe so, yes. I don't think Americans realize how profoundly the last few weeks have affected European political thought. It'll take a while before you see concrete changes. Europe is like a mammoth tanker, slow to change direction, but practically unstoppable. I believe that it's more likely now than ever before for European governments and businesses to sever their dependency on American technology. Lots of comments in this thread explain how hard this is, how big the feature gap between, say, AWS and OVH is, but as a European entrepreneur I gotta say, this looks a lot more like an opportunity than a problem to me.

- Compute (vm, k8s, containers, faas)

- Storage (disks, file shares, S3)

- DBs (relational, document)

- User management and access control

- SDN

- Configuration management

- Secrets management

- Key management

- CDN

- DNS

- Domain and cert registration

- Email / SMS

- Messaging broker

- Streaming broker

Preferably all in the same place and at least somewhat integrated with each other. I'm not spelling out logging, auditing, IaC and other supplementary features but rather core functionality.

That seems to me like a minimal set of services a cloud provider must offer so that clients would work on "service assembly" instead of "building from scratch" or "integrating integration-hostile products".

If those very basic precautions had been taken, migrating to a Euro cloud, or a private environment (open cloud stack) would be trivial.

If not, a lot of people should be fired...but granted, there are a lot of stupid people out there...

All that said, I'd say the concerns around this are vastly overblown.

There’s a million little proprietary APIs and the temptation to glue one to another, especially circumstances like AWS where they use lambdas for basic functionality that should have been just provided by the cloud provider itself.

Though I've cursed it for years, I'm increasingly glad our org's cloud migration has been so slow that we've only now rolled out the first apps. Pretty much everything we've build can be run anywhere we want, so if it's time to drop the ball and go back to onprem, we've not wasted anything but time on setting up the base

Coming from IT land, the answer is simple: you don't use them in the first place, and you grit-and-bear the replacement cost if and when the time comes. This is a negative on my research notes, slide decks, and papers when it comes to evaluating various cloud platforms for our workloads, and yet it's also the number one reason we're forced into a specific provider (some leader loves their proprietary tooling, and forces us to use it).

Look, I'm not saying these proprietary tools are bad, per se, just that they have a steeper cost than initially presented to the consumer in terms of architecture complexity and inevitable migration. The very first question you should be asking before consuming niche or proprietary products from vendors is, "Can I do this in a standard way that's more portable?" For stuff like Azure Functions, the answer is emphatically yes - but it comes at the cost of managing additional infrastructure, which is often the main reason companies want to use those tools in the first place (a misguided notion about throwing out infrastructure to save money).

As for the solved problem of compute (VMs and Containers), well, literally any cloud provider should have that ready to go. The question is whether or not your org is willing to retain the talent needed to build and support your clouds internally, or if they'd rather pay higher outsourcing costs with vendor lock-in instead.

The networking stack in Azure or AWS are so different that they require a different mindset to work, especially securely. If your networking needs are simple you are very lucky.

Often there are proprietary solution to proprietary problems you would otherwise not have in the first place.

I used AWS for a long time but I am back to hosting myself. What arcane network requirement would that entail? I don't think there are benefits even for government scale problems.

The private links in Azure are particularly specific.

After you translate the vocabulary, the process is pretty similar until you get to security items, like ACLs or packet-inspection firewalls. You're still setting up VLANs in the form of subnets, routers in the form of transit gateways, sites in the form of VPCs, inter-site connectivity through peering connections, you get the idea.

If there's one thing I've learned in my IT career, it's that most "new" ideas are just rebrands of existing concepts, and that the real expertise comes from being able to translate marketing-speak into concrete, interchangeable fundamentals. Public Cloud is, largely but not entirely, no different in this regard.

For hosting their government's own specific computing needs, and assuming a respectable GDP, they can build their own datacenters (pretty trivial) and hire contractors to build cloud computing environments (more challenging).

Open source cloud isn't too hard. There's OSS for about 80% of software needed for a cloud computing service provider, and you fill in the rest with proprietary and custom stuff. There's already several providers (one in the US, several in the EU/other countries) that offer "public cloud" using OpenStack. They literally give you, the customer, your own OpenStack cluster, and bill you for what you use. It's insanely easy and powerful. Yet everybody still uses the more popular providers (DO, Hetzner, Scaleway, etc), despite the fact that they all have proprietary interfaces, without anything close to feature parity with OpenStack. I guess people really like vendor lock-in and lack of features.

The hardware is more challenging to source; the chips all come from Taiwan or China, and the US and China make most of the good hardware.

For private business in their country, they might offer grants and tax incentives to EU companies to build out more local cloud hosting services. But since it's the EU I'm sure it's massively more complicated than that.

- Outside of the Telco sector, OpenStack is basically dead.

- Even within Telco, everyone sees the writing on the wall of OS being dead and is looking to make the jump.

- OpenStack is a cluster of poorly-interoperating, poorly-documented products -- The customer experience is fucking terrible.

- DO, Hetzner, etc all offer a superior product.

- None of those products even come close to touching the features of the big three clouds or even Oracle.

If your needs could be well-served by DO, Hetzner, etc., then your needs could be well served by racks in a colo.

Past that scale, American cloud providers are really your only option if you want that level of automation.

(Or Chinese cloud providers, but largely assuming that's a non-option)

I know OpenStack is a tire fire to maintain, I've worked with it for large-scale on-prem data solutions. But if a company wants to kill themselves to maintain it for me, I'm happy to pay for the privilege.

But that's also the point of my other comment in the thread -- a French company builds basically all of the physical infrastructure that datacenters run on. This attitude can be applied both ways.

I assume you were unfortunately a victim of Mirantis/Fuel/Puppet/Mcollective... or one of the 'converged' solutions.

While I wouldn't call OpenStack "fun" Especially in the Essex to Icehouse era, where vendors seriously impacted the code stability...It is just a well documented collection of separate components that interact using REST api's and RPC like calls over a message bus.

Nvidia, Cern, JPL, and lots of smaller companies that need private clouds and have the expertise are still running OpenStack.

For me the main value is the ability to have portability between public and private.

If you just use the ansible playbooks included in every OS repo, it is pretty easy to roll your own deployments that are quite easy to maintain if and only if your company is mature enough to follow that model and isn't subject to the soicotechnical issues that plague containers too.

While the workflow changes, the hard parts of OS and k8s, including networking, monitoring, etc,.. are exactly the same.

As a random example of what always screws this up let me point at kubespray, which is not unique at all.

Note the: > Remove docker requirements https://github.com/kubernetes-sigs/kubespray/issues/6400

That is because, like many projects, they didn't respect the natural boundaries of the node components, and they are now paying the price for that debt.

k8s and OS from an infrastructure point of view are equal in complexity. It isn't instantiating a container with CRI foo, or libvirt command bar that is the hard part.

It is the distributed computing, virtual networking , resource allocation, federation, API's etc... that is hard.

Note, if you think that the "OS is dead" for all needs, especially in the telco space, you may want to dig into what containers actually are. They are just namespaces running on an OS, and it will still be horses for corses as to what is appropriate.

Especially if you are using the easy ways of instantiating hardware for k8s, almost all of them are highly insecure by default and you are going to have to dig into the same style of systems with similar components or you will have a leak of data at some point.

I wish there was something better than OS, but if you use a dev mindset and not a glass house IT mindset it is a very useful tool that may be the least worst option for you for some needs.

It's about the endless bugs and regressions and laundry list of stupid problems caused by inadequate processes by OpenStack developers.

For example, let's say you're running Cinder v3. Cinder 3.59. You want to get the volumes that you have attached to an instance, so you curl the API:

/cinder/v3//attachments. You get a 404.

You get a 404 because you didn't pass this header: "OpenStack-API-Version: volume 3.27". Because Cinder defaults to Cinder 3.01 behavior even when you're running 3.59. Attachments were only added in 3.27. So even though you're trying to curl a route that wouldn't even exist in 3.01 and you're running a version clearly later than 3.27, the API responds as if it's Cinder 3.01 unless you specifically tell it to do otherwise.

And this is just one of the laundry list of stupid situations that I can remember off the top of my head.

When the thing isn't otherwise failing all the time.

It is common for message based systems for the target system to own the contract, and they have both the / and /v3/ endpoints that you can grab the version information from.

This is documented BTW:

https://docs.openstack.org/api-ref/block-storage/v3/index.ht...

While I personally prefer the URL method, when versioning through custom headers, if you bump the API without that custom header, you will break way more than returning correct behavior for the minimum supported version, enforcing backward compatibility for API's is generally considered a best practice.

Note:

> If the OpenStack-API-Version header is not provided, act as if the minimum supported version was specified.

https://specs.openstack.org/openstack/api-wg/guidelines/micr...

Once again, fully documented, expected behavior.

- The one I have experience using is Genesis Hosting out of Chicago. Their website looks like it's from 1997, because it is from 1997... But they provide a nice OpenStack solution that works well.

- I haven't used Vexxhost, they seem to provide something OpenStack-related, but their website is all marketing bullshit, so I have no idea what you actually get.

- RamNode seems to provide access to the OpenStack API.

In Europe:

- OVH Public Cloud is still short on details, but based on some verbiage buried in the marketing BS, it looks like you do get an OpenStack interface.

- Open Telekom Cloud by T-Mobile seems to give you an OpenStack interface.

- Acville Cloud is based in Romania.

- Cyso Cloud (formerly Fuga Cloud) is based in the Netherlands.

- IntoVPS seems to provide its services on OpenStack, but no idea if the API is open. They build a custom OpenStack console called Fleio.

There's a lot more listed here: https://www.openstack.org/marketplace/public-clouds/

Admittedly they have a new CTO who according to our support agent is very focused on improving that, so here's hoping, because otherwise their tech offering is very convenient.

I’m not sure what this looks like outside of the US, but colocation providers offer racks of machines, or to host your machines, while providing access to cheap bandwidth and peering capabilities. It’s absolutely possible to move away from the major cloud providers. However, it will require a degree of investment within your organization to support these deployments no matter which you choose, which could be a new investment compared to using AWS, GCP or Azure.

It's not just kubernetes and openFaaS, what about that thing that's a virtual appliance and requires a VM, now you need KVM. Network and firewalls? Storage as in fully replicated cannot ever lose a byte or have it unavailable storage? Object as well as block. Databases, point in time restores/backups/automated maintenance for postgres and then you've probably got a mssql server for that one app, and mysql for that other app.

It becomes just a fairly massive task back in the real world.

I'm not too familiar with the whole range of AWS offerings, but I really think aside for DBaaS and FaaS OpenStack can cover pretty much everything someone would need, especially combined with Ceph for storage.

All opensource.

It actually takes work to setup and run we are not just installing some packages and then pretending you can scrap aws.

S3 has 99.999999999% durability as standard.

I see your point that it's not technically 100% but, as close as can be reasonably achieved.

I guess you can say the code is still backdoored / untestable but it seems that could be audited.

> People also fool themselves that special keys and “servers in the EU” will get you “a safe space” within the American cloud. It won’t.

The problem isn't sneaky backdoors, the problem is that the King of America can order Google to shut that thing down and Google will have no choice but to comply.

I guess the King of America could still shut down the ability to provide support updates.

I also don’t think anyone can count on extra-judicial demands from the current executive branch.

Am I wrong or misunderstanding something?

So that seems to be the value add. Of course the software will eventually need updates...

They are about to go live in a few months.

This is a good option IMHO, and we're about to migrate some of our workload (currently 100% on AWS) on it.

We use EKS, RDS on standard PG, SSM and S3. S3 is a standard now, SSM can be replaced by something else fairly easily, EKS and RDS are just managed open-source software. So it's mostly an added burden on the devops side.

Don't build them. Vendor lock-in is a real problem: even if there are no political issues, it's a business risk because they can charge you whatever they want.

Also, the cost of migrating off these things is usually overestimated. It's an HTTP request, for crying out loud.

But my concern is for those that have built something as Azure/AWS only, who are now stuck with the bed they've made. Sure, there are lessons to be learned here, but if the volume of these is too high, then there will be pushback on any meaningful change since it will be too expensive

Replace (most, not all) crusty apps with a web version - sounds good to me. Put it in the cloud - that's optional.

Each time the discussion on moving to a US based provider was a big consideration, particularly the use of managed services that involve data was a hot topic. Part of the risk assessment was considering what the consequences might be if the US government became a bad actor. It was seen as high impact but extremely low probability. Starting to look like we got that part of the assessment wrong.

I think it will take time for the impetus to move to US clouds providers to slow and reverse but I'm not sure I'd be surprised if it does happen now.

by the course of looking for programming job, i have scanned hundreds of job-ads, incl. governmental. everybody-and-his-dog requires AWS/Azure/GCP knowledge as if it matters thaaaat much. These cloud-y things have become a mandatory buzzword, and i am not talking about sysadmin/devops.

In my last gig the system was kept cloud-agnostic, so moving between providers or on-prem be possible at any time. And i as CTO kept that good thing, although had to resist some pushes. But seems such cases are few - most places now dream of hyper mega-giga-scale and Lambdas and Big-queries.. while doodling few thousands of requests.

Lets see if there's any wind change.. vendor-lock is a real thing, with much deeper (architectural or life-cycle) consequences than usually perceived.

Someone knowledgeable should have seen this before, this is a core issue when setting up a strategy for digital systems. And this isn't an issue between "purists" and the rest, that is a false dichotomy. The decision was simply to outsource infrastructure to systems you have significantly less control over.

Might work for 15+ years or it might not. I doubt anything will be done now, investments are probably too high. But it is an issue with lacking foresight.

Between countries and the main task for intelligence agencies is industrial espionage. The Dutch government, like many others, decided that exposing themselves is no issue.

I disagree that it has become a problem only now, this is due to his narrow view on politics and a bit naive in my opinion.

I'd rather have my data end up with Google/Amazon/CIA than it ending up everywhere on the internet due to poorly configured DIY servers (and at twice the cost probably).

It is Russian gas all over again.

But EU citizens genuinely care about privacy, in part because of decades of totalitarian and near-totalitarian regimes.

There is another risk underpinning this, I'm not familiar with this so it's mostly hearsay on my part, but foreign firms in the US routinely get completely screwed in US courts, and fear the seizing of their data in discovery processes or other ways. The data sharing agreement was made to provide some degree of clarity or assurances in this regard.

I've met managers who are convinced that if they're not careful, their IP and business data will get stolen by their US competitors through various legal or less-legal means. EU executives have been detained for days at the border on suspicions of terrorism to coerce them into selling US assets. I can't judge if this is paranoia, and maybe those companies could make use of better protection against Chinese hackers but there's certainly some truth to that.

You're going to need a citation on that sort of thing, because I'd expect it to be a much bigger deal.

The EU's biggest exports to the US are cars & pharma. I guess the VW diesel situation could be seen through that lens, or the GLP1 compounding rules.

> To all the people saying that this is nothing new

An EU state wants to boycott or regulate American business? I don’t know how that’s new.

The US is far ahead of most countries when it comes to government use of the cloud. Other developed countries often learn how to do it from the US but are less comfortable with the technical requirements, which slows down adoption.

It’s the best of both worlds, they get the decades of research Google has put into systems engineering and fault tolerance while retaining the security of having their own servers.

Not that they're the only ones. Israel has been busy stuffing investment cash into the pockets of Unit 8200 members so they can found security software and service startups coughSnykcough

The government doesn't have leverage. The government is Amazon and Microsoft's leverage against others.

I make the parallel with "gold." Whoever has your gold, got you by the hanging spheres.

Given the importance of data today, I am baffled common citizens are not familiar with the "Data at rest" principle.

If a country's citizens want to give away their data, it's well within their right to do so. At most, the U.S. Government should educate about it, much like tobacco dangers.

Having that said, U.S. citizens with clearance and/or government employees should be subject to data loss prevention measures, like they already do[0].

I'd be forward for a ban if it was an issue of public mental health, but the U.S. Government cannot take that angle because they'd have to kill Meta Platforms as well. They know they can't, Meta lobbyists will not allow that.

But restricting TikTok based on data control and free speech liberties, that's overreaching. I've already seen TikTok videos of people saying they'd stamp their U.S. passport on the forehead and give it to Chinese ByteDance rather than use Instagram. It is well within their rights to do so if they so desire.

--

[0]: https://www.pbs.org/newshour/politics/why-tiktok-is-being-ba...

Ban TikTok? Do whatever, I don't use my account. I deleted the app long ago.

Why do you do it? Fight that tooth and nail. Do it for the right reason and be consistent.

To be clear, this was 10 years ago so things may have changed. Also, my task was memory bandwidth limited, where even changing the memory access patterns slowed things down by 10% or more.

I think it's obvious that some secrets should be kept. It makes little sense to expose our nuclear secrets, counter espionage, or ongoing investigation efforts. But how far does or should that extend? Should everything the NSA/CIA/FBI/IRS does be secret? Should they stay secret for years or decades or forever?

IMO, the US goes too far in it's secrets. Stuff gets classified that just makes the government look bad and that's dangerous.

And that's where I'm somewhat less concerned about putting US secrets into the cloud. Sure there's highly sensitive stuff that shouldn't go there, but there's also a lot of stuff that shouldn't have been a secret in the first place.

GovCloud claims that it's used to "manage sensitive data and controlled unclassified information (CUI)."

I don't think the US government is dumping classified info onto corporate cloud environments judging by this description from GovCloud. But there's plenty of info that's sensitive but unclassified and the government does need to function in a lot of ways that doesn't involve state secrets.

https://aws.amazon.com/govcloud-us/ for more of a description of what GovCloud actually is.

This fact conveys information. Namely, how tightly bound these supposedly independent services like AW GovCloud are with the government itself.

Which also tells us how much direct access the government has to all the AWS (and all other providers) infrastructure.

For the former, confidential compute is far enough along that this data can in fact be secret from the hardware owner. This is vital even for on-prem hardware -- IT folks and techs with physical access shouldn't have access simply due to proximity.

For the latter, sure, but this is very expensive. It goes well beyond owning the hardware.

At the moment, the US government seems to be mainly focused on causing headlines to make their base happy who want quick victories and have not shown resilience to simplistic takes, and - of course - to make the opposition party and their supporters panic.

It seems the Pentagon audit process only started in 2018, and Congress gave a deadline of 2028 to pass a fully clean audit, which they have made progress on:

> Of the 28 military agencies, DoD leaders think 11 are expected to receive clean audit opinions, one more than the previous fiscal year.

[1] https://thenationaldesk.com/news/fact-check-team/pentagon-fa...

Governance, Risk, and Compliance has been missing. Too many decades of nepotism, insider trading, corruption ( starting with lobbying ), have led to the lack of transparency. The movie “The Big Short” has explained some of these issues.

* More creative threat-modeling.

* More effective prevention measures.

* More vigorous mitigation & stonewalling attempts.

* More rapid remediation & rejection of the intrusion.

Especially for a threat vector that was telegraphed so openly so far in advance. The circumstances might be unprecedented, but they're not at all surprising.

There are plenty of mitigation and stonewalling going on, but mostly through the courts.

Executives must have some power, or else the process itself becomes the executive and there's no ability to respond to anything.

If there's anybody to blame, we must place the blame on the executive wielding the power, and those who have enabled this to happen by putting that particular executive in power by subverting the traditional vetting process. If a political party no longer performs basic vetting of that level then the entire party should probably be eliminated.

> In the CNN poll, Musk having a prominent role in the administration is viewed as a “bad thing” (54-28) by a nearly 2-to-1 ratio. The Post-Ipsos poll showed Americans disapprove by a similarly wide margin (52-26) of Musk “shutting down federal government programs that he decides are unnecessary.”

> And Americans said 63 to 34 that they are concerned about Musk’s team getting access to their data, which is the subject of high-profile legal fights.

> Even 37 percent of Republican-leaning voters said they are at least “somewhat” concerned about Musk getting their data.

https://www.washingtonpost.com/politics/2025/02/20/trump-pol...

He said it was what he was going to do, he was up on the stage, I heard many many people salivating for DOGE cuts like this before the election, and even today.

I agree, and frankly anyone feeling "surprised" right now probably still thinks strongly worded emails and letters are enough to solve the problems they're just now seeing. Those things rely on a stable democracy where constituents and what happens to them matter at all.

No, it’s completely different than that. Some of them I’ve talked to, they’re confused about this Musk Internet guy. And they’re confused why their news isn’t giving them the predictive edge those aware of Project 2025 seem to have in conversation. “I guess we’ll see…” “I guess we’ll have to have hope…” The same people willing to accept fabulist conspiracy theories for non-white-male candidates now openly rely on faith-based appeals about the character of the richest man in the world.

He may not have won the popular vote by much, but he certainly has a dedicated base of staunch supporters.

By their unceasing jeering, bright hats, and constant online presence I'd be surprised if there's anyone hasn't noticed them by this point.

Somehow it's worse than in 2016

People like him don't spend without an expectation of something in return.

The more surprising thing is the amount of people who think successful capitalist = successful political leader, when the incentives and constituencies are drastically different.

If your unencrypted data flows through any AWS memory or compute, or if your encryption key flows through any AWS memory or compute, then AWS *can* access that data.

If your data is well encrypted they practically don't have any access to any of the information except how much of it there is

Bookmark this comment, because my read is that in five years' time the question won't be whether or not public cloud providers can be trusted, but how to engineer infrastructure on cloud providers you cannot trust. How do you encrypt storage on a cloud platform when you can't trust the vendor's tooling to secure your keys? How do you orchestrate K8s clusters in a provider who knowingly gives a hostile foreign government access to your etcd or network layer? How do you handle data boundaries within your own org when multiple countries with competing standards demand residency of data and infrastructure? I worry it'll be the "Chinese Firewall" problem but on a global scale, as different regions carve out their own digital kingdoms and demand fealty or expulsion.

Although with Microsoft's recent breakthrough in their quantum processor, I'm not sure whether quantum will be a help or a hindrance.

same companies that also happen to have advertising and data mining as primary functions. is there any surprise they made this call?

Risk is not about "something happened, so it may happen again", but if something bad can happen, if it is possible, and maybe weight it as probable or not. Black swans exists, and if you bet everything on that they not, you may lose everything.

And the process of moving government and societies to some controlled by a foreign power cloud takes time to get in, and to get out. And you can't tell that something bad was being done while showing a smiling face.

It is not something coming out of the blue. There was strong signals of intervention back to the start of internet, and a more or less official confirmation of what was happening in the shadow with Snowden's revelations. But somewhat is now when that is perceived as a risk.

Secrets in US cloud were probably never fully safe.. but at least the US wasn't previously on a path to inflict pain on the rest of the world.

In practice this means the US Government remains in control of the network backing their cloud. ITAR regulations make it treasonous to have foreign eyes on these clouds. Foreign governments are not afforded any of those protections when sitting on US clouds.

Even among FVEY, there are designations for data relative to member states and information is not as free flowing on JWICS as one might assume. It is more like a controlled stream than a raging river

The only effect the distrust of the current US government will have is a few articles. It expensive and difficult for this to be sufficient incentive to change anything.

We should probably grateful they have not put it all on Chinese clouds.

The current threats that the US is making to Europe about it's data protection, privacy, consumer protection, etc... laws is very much of concern and is already beginning to be a factor in our ongoing RFPs and procurement process. We're not just following the law, we also don't trust some companies with our reputation.

Non-EU can trust EU waaay more then anyone except Russia can trust to America. American leadership made it clear that norms, laws or morality are only for suckers.

The levels of behaviors between the sides here are not symmetrical

The general idea, sure. They offered that in return for security guarantees or as collateral for continued military aid.

That is not what is being offered them by this administration. Instead the administration has chosen the mafia shakedown route. American military aid to Ukraine to date amounts to around $100 billion dollars (and we're not talking stacks of cash here but rather the "value" of military hardware, much of which already had an expiration date and was literally designed and built for the Russia-invades-Europe scenario). But Trump is demanding $500 million from Ukraine, and offering zero in return. As of today many concessions have been demanded from Ukraine, but zero concessions have been asked of Russia - much the opposite actually.

> and we're not talking stacks of cash here but rather the "value" of military hardware, much of which already had an expiration date and was literally designed and built for the Russia-invades-Europe scenario

That's not true at all, US has sent billions of financial aid[0]. Compare that to Europe's aid which was majority in the form of loans, which Europe gets to collect interest on based off of frozen Russian assets.

0. https://www.ukraineoversight.gov/Funding/

It is zero in return and that's why Ukraine have not agreed to either of the two versions of the deal.

The vast majority of the aid is not financial aid, it's physical hardware.

Every war that the NATO countries somehow miraculously got involved in is an economic war for natural resources and control, and the big EU countries always take their share of the pie.

Ukraine’s resources, one way or another, will be split up between Russia, EU, and the US (or more precisely it will end up in the hands of the oligarchs and “black rocks” of these countries).

Sorry I mean American's wars, not the EU's wars. The EU hasn't really done resource wars since the colonial times.

What other incentives than control, resources or economics do wars in general have? Why do you hold the countries you mentioned to higher standards?

At the start of the war EVERYONE said Russia would take Ukraine in days, and asked Zelenskyy when he wanted to evacuate. Not sure why anything they said back then is worth while to base opinions on today.

There is still a lot of that hope but it's also a different time. The bravery of of Ukrainians in the initial wave and the counter-offensive as unmatched. The West helped but it didn't help enough. It was always piece-mailing military equipment. With a lot of wait times and a lot of hand wringing. We gave them tanks, but no F16s at the time. We could given them AA weapons earlier and more of it. They also made mistakes, there is a decent amount of corruption, and fumbled on recruiting after those who wanted to fight joined they started sending vans with military dressed people to effectively kidnap men off the streets or their places of employment. That looks bad and make their own people fearful of the military and those men won't be fighting the same way as those who sign up voluntarily.

> OK. But Ukraine choses to keep figting. Let them decide their fate

Their fate was never really just their own after the initial resistance. Without the Western help they couldn't have lasted this long. The West both helped a lot, and not enough at the same time. It's like a friend needing life saving surgery and it costs $10k. We send him $8k. He should be very grateful for such a generous gift, but everyone knows that also won't be enough and he will likely die.

Maybe Linux will end up making big inroads in Europe, replacing Windows and MicroSoft Office and Office 365 along with Google Docs.

It’s no mistake China banned foreign companies with infinite money from setting up shop there. It is dangerous and expensive in the long run.

As someone with an infra background a lifetime ago, I am confident I could spin up Kubernetes and Deepseek R1 in OVH or Hetzer within a few days. The primitives exist, the EU simply needs to lean into cultivating and supporting them (orgs, platforms, etc) to push EU entities consuming these services away from US Tech. Perhaps the tech stack is a national security interest, just as a manufacturing base and supply chain is. Better to be prepared than to be entrenched in the US Tech ecosystem and then suddenly be held hostage for reasons.

I'd certainly enjoy the case studies of European enterprises jumping from full-scale Azure and AWS deployments to OVHcloud or Hetzner, though. That'd make for some interesting reading.

If my (Canadian) government decides to ban Azure in a year, my critical infrastructure company ignores it for 11 months because they figure it won't actually happen, and then goes to the government to tell them that if the ban actually goes through, our infrastructure stops working because we'd actually need a multi-year timeframe to migrate off of Azure.

Blaming Trump for their own well-known problems is silly. They were dependent on the US before him and they will continue to be dependent on the US after him until they look in the mirror and decide to fix what is broken.

In practice, this means no US cloud providers provide foreign data sovereignty (though many claim to).

As long as whatever sham of a data protection agency was nominally functional in the US european elites could convince themselves that it was legal to transfer personal data to some US corporations, but now that agency is defunct.

But yeah, it's a bad idea to do business with empires. Sooner or later they turn to bullying and extortion.

Don't know what it is. Am I not fake enough? Not forcing fake smiles and excluding obnoxious positivity constantly? Not ego stroking the interviewer? Am I doomed to, in comparison to US, poverty wages?

Absolutely infuriating.

My last company paid 2-2.5x a UK salary for a US engineer. Perhaps the ratio for a company like Meta is closer, but I doubt it's equal. For startups you may find random roles that have equal pay globally, but they're relatively uncommon.

But the argument of the parent might be that a very active open source community based in Europe points towards a big potential of experienced developers working at their mid sized companies in the shadow of American big tech. Once big tech is gone...

Unlikely.

I've worked at an american cloud provider and (in another job) i've worked with an european cloud provider (in this context, when I say "worked with" I mean i was in contact with the people actually managing the hardware as well as the software that serves the "cloud").

It's just a completely different mindset, and I don't see that changing any time soon.

The main issue i see is that european cloud providers mostly have technically-ignorant upper management for which providing a cloud offering essentially boils down to "buy this software component from company xyz (likely an american company) and install this open source product abc, then slap a cloud marketing name and unleash the salespeople". They can't even contemplate the idea hiring somebody with FAANG-level skills, paying it FAANG-level money and let it do FAANG-level work. They hire a few underpaid 20-somethings and have them manage, at best, an OpenStack installation.

I kid you not: in late 2021 i was in a meeting with (among the others) the head of cloud engineering of one such companies and asked when are they planning on offering ipv6 connectivity. The guy had a loud laugh and said they had no plans to even consider ipv6 connectivity. And that was at a company that does both "cloud" computing infrastructure and connectivity (!!!). That's the mindset.

I don't see europe building a realistic alternative to american cloud providers, and the core issue is not technical.

Thank you! As a german that saw how the sauce is made in public sector tenders it's exactly this!

This is not restricted to hosting / cloud sector. It's a good summary for most german IT companies.

Arrogance and incompetence are rampant. Programmers and their managers need to go en masse to have some substantial change.

Everyone is so full of themselves and disconnected from reality it's scary.

The brain drain ultimately takes it toll. The most capable people from europe ( and every where else), move to US , be they engineers, management, entrepreneurs etc.

And they are going to stay there once the megalomaniac in chief and his South African oligarch have gone with their wrecking ball through the very fabric of the US society and economy?

the real point is not ipv6 (or this or that specific service). the point is the attitude.

anybody in this subthread bikeshedding what aws service supports what version of the ip protocol has missed the point and would probably fail a text comprehension test.

Depending on the context, and granted, lacking some of the subtle details missing in the interaction described, might actually show real experience in the field.

"Why No IPv6?": https://news.ycombinator.com/item?id=40039154

This was possible because motivated individuals held technical positions in the ISP while the management has been totally incompetent and was later jugged outright corrupt.

Because of corrupt management and public scandals, my ISP has been sold to Orange. I am afraid this will end the 25 years of technical excellence as well.

Hetzner has existed for a really long time, I'm not even sure what "cloud" means in your context.

Object storage and VMs is what made AWS "cloud" 15 years ago, so by that definition Hetzner only just became a cloud provider.

But the more important point was that they started branding themselves as a cloud vendor 4 years ago, and investing in new offerings around that pitch, but it’s taking them far too long to release basic parts of the offering, and they’re falling behind.

Microsoft will be tough to replace. There are good alternatives, but retraining personnel, etc. will take years. Google, I am not sure. Their cloud services are replaceable. Search may be tougher, but the quality of Google Search has become so bad that it's often easier to ask an LLM.

Being US startup with English only you have access to 300m people right away.

There were country specific social networks but then all cool kids were on FB so everyone moved there.

The same with LinkedIn, our country specific business social network closed down finally last year. First 3-5 years it was growing then everyone moved to LinkedIn so that network was ghost town for 15 years someone kept it alive just in case but seems like they stopped wasting money.

I do see opportunities with LLMs as making all kind of platforms language agnostic - you should be able to write your own language and read your own language even if other person is from different country using different language.

(as of this comment, Bluesky has ~32M users and counting)

The UK's largest "social" sites are pretty much forums (e.g. Mumsnet, The Student Room, DigitalSpy, MoneySavingExpert) and while they're good for their respective topics, they don't cover the Reddit/Facebook/Instagram use cases (they could be arguably considered on a par with individual sub-reddits).

If you make each individual bulletin board receive broadcasts from a central server, then you get the network effects of Facebook and Reddit. Individual boards can just sub to the central server keeping them connected to the hivemind or not. Your community can remain isolated or throttled (only 30% of global updates get through). We do this manually here, where not all global posts get through (you'd be hard pressed to push a Reddit post to the top here). It's the simplest way to federate using existing technology.

This model is already at play. X, Bluesky, Reddit, Truth Social, and Rumble are basically heavily funded private message boards with a large mindshare subscriber base.

Taking our message boards back is proving to be difficult, especially because trying to move the userbase off of it is the same as trying to move people off drugs.

Your're doing this with phpBB? Doesn't happen to be open-source somewhere?

Would be interesting to have a look, I think I a bit like this opt-in partial federation / hivemind. Would be even more interesting if it was possible to sync comments between such forums.

**

Developing forum software myself, Talkyard. Based in Europe (Sweden).

Started thinking even more about using some European cloud, as an option. There's a Swedish hosting provider that looks interesting (I think)

I guess you could do syncing kind of like how CCing email is done. CC my home server and global server. This gives you agency to remain detached from the hivemind, and vice versa. This is not some idea out of left field, it's roughly my workflow between Reddit or HN or other sites. I manually do the filtering in my mind when I move through different channels.

Phpbb is open source, but I mostly brought it up to show that Facebook is just that, and nothing more. Forking Reddit will also give you a Facebook clone (and a Reddit clone).

Websearched for "phpBB federation" and "phpbb subscribe rss broadcasts", found this:

"Feed post bot: This extension enables you to read any RSS, ATOM or RDF feed. It looks for new items every half hour and post them to a specified forum." https://www.phpbb.com/community/viewtopic.php?f=456&t=241159...

Intering way to use RSS

I have seen, at least here in the UK, some people speaking about moving entirely back to hardware that is controlled by the organisation. The case is there on a cost basis already but people are reluctant to admit this. If another magical guarantee expires such as a security one, then the reason can be shifted to that and the cost justification is collateral.

Getting out of PaaS systems is going to be horrible and expensive though. We never should have gone further than IaaS.

I suspect the idea of the cloud as it stands today may die fairly quickly.

Have you tried using OVH? It's... not ready for prime time. Don't get me wrong, I love it for cheap EU servers, but man is it a pain in the ass to deal with.

I think the harder services to replace are things like Github and O365/Google Workplace.

I think it'd be faster and cheaper to replicate GitHub or even Office, which are complex but fairly feature-stable, than to offer a real cloud competitor with a fraction of the services that Amazon, Microsoft or Google offer in their cloud portfolios.

I heard an interesting thought on the Lex Friedman podcast though. If software engineering really becomes cheaper and more readily available thanks to AI, maybe more companies will start building more of their own services. Then, maybe then, will the European enterprise be able to wean itself off from the big cloud vendors.

All of these nice F35s made in USA, will soon have no buyers except the USA itself.

It is this generation's F-16, many thousands will be built and sold.

I think European alternatives for F35 are obviously needed.

The main point of conflict is that the US holds the source code for the advanced software systems very closely, no partner country has access. A lot of the differentiated and exotic capabilities of the F-35 that make it attractive to other countries are in the software, everyone recognizes this. There are many algorithms and techniques that rely on classified computer science to deliver qualitative advantages. Even if other countries could replicate the hardware, without replicating the software anything they built would be a pale shadow of the F-35 in terms of capability, which makes alternative hardware much less compelling.

The US knows all the leverage is in the software, so that is the part they strictly control. It is yet another case of the software eating the world, military systems edition.

Maybe the source code also contains a secret kill switch? I'd definitely put one in if I was selling fighter planes to 3rd parties. Alliances can switch overnight, as we're seeing right now.

IIRC the French refused to give the UK the means to disable Argentina's Exocets during the Falklands War.

I suspect that by the time anyone was able to successfully reverse engineer it, it would be semi-obsolete, which limits the value in doing so. Playing catch-up requires taking a lot of aggressive R&D risks that European governments have traditionally been very uncomfortable with or which take far too long to execute.

That is without me manufacturing any of the components. If one had a nation state backing I am confident it can be done for a fraction of it.

They are unstoppable because if you have a tank and there is a swarm of 500 of them what do you aim? One of them will find the opening to drop the grenade on your tanks weak spot. These are all single use kamikaze drones.

Same for battery range. Europe is preparing for a defensive war on their land. Even 10 miles of ranges should suffice. You can always deploy them from a mothership.

And you’re entirely ignoring the very real problem of the mothership which has to survive to get within ten miles of the battlefield, unless you’re planning on releasing them from box trucks which means their range will either be useless or they’ll get taken out by bigger, more expensive loitering drones the second they’re spotted. War is antagonistic co-evolution in its purest form, these naive solutions dont last very long which is why our weapons cost so much (for everyone, not just the west).

I totally agree with you that drone swarms is not a silver bullet, and likely some effective adversarial strategy will be developed(jamming, attacking motherships etc), but the point is that airplanes are not as important as they were in the past. Ukraine is still standing with no real air presence.

Given that for today's election here in Germany actual problems barely played a role. Not just that, over the last two decades very little was done. For example, we have skyrocketing rents due to a general lack of housing, which leads to all kinds of problems apart from affordability. For example worker mobility. Who dares to move to another job and city when it's so hard to find a flat?

That's par for the course for almost all big problems.

I think the probability is high that the new German government is going to try to sit this one out. After all, they survived Trump the last time, and it's only four years, right? Worse, they would have to do many things that will be very unpopular with one or the other interest group.

Unless somebody puts a gun to the heads of all those in government they will procrastinate rather than make any big changes.

I see little chance that they will cancel the order for US military hardware. They might actually buy a lot more, to appease Trump. After all, not getting the F-35 would have repercussions for the nuclear sharing agreement with the US. They need the F-35 to have a certified platform for nuclear bombs they are supposed to get from the US, stored in Germany for that purpose.

That would mean they would need a European approach to nuclear weapon sharing and weapons. The German government regularly has trouble even just to work together with only France, due to wildly different philosophies and interests.

Europe is far too divided, and the German government sees its role in doing as little as possible when it comes to radical change.

I think part of it is that the leadership of all our big parties mostly consists of politicians whose whole life is just that. They don't have anything else. Even if they get a job at a company it's for their political connections. They won't risk this, and they barely have any strong opinions! They look at polls and change what they stand for accordingly and easily. I'm not saying this to sound mean, I think that this is a mostly accurate description.

Opposing the US would take spine! It's a lot of trouble and uncertainty. They will try to avoid that if at all possible.

----------

By the way, it's not just F-35. Germany also ordered the Israeli-American Arrow 3 long-range missile defense system, sixty CH-47 Chinook, and 380 other contracts worth 23 billion just from the "Sondervermögen" (special fund) of 100 billion. Surely that will just become more, given that Germany continues to need to purchase things like Patriot missiles.

The strategy was - to the chagrin of the French if I understood the news articles written at the time right - to rather buy something proven and quickly available from the Americans rather than start a lengthy inter-European development process.

However there can be weirdness sometimes. I vaguely remember a case where Microsoft had to hand over EU data to a US law enforcement agency due to a court order, but giving that data would violate Irish law. I know there's a new variant of the EU-US Privacy Shield, but with the current US administration that could get ignored very easily.

Which raises the question: can for example Microsoft-the-US-entity in de jure sense cleave off Microsoft-the-EU-entity whilst still maintaining de facto connection between the two? If not, there are definitely big opportunities abound.

What Microsoft might end up doing is following the China model, essentially giving control over their EU servers (probably only those in a special region) to an EU company, while still supplying the software and taking a (very large) cut of the profits.

1. US companies hosting EU data on EU servers are more vulnerable to US Govt demand, not less.

2. US-EU Privacy Shield does not exist anymore.

Like, the conversation will go, "Get us this data"; "EU law says we're not allowed to"; "We don't care, do it or we shut you down."

Some open source projects are rebranded as Russian with minimal changes, that happens, yes, but that's the result of gaming the system that incentivizes development of Russian software, not the result of sanctions.

Russian replacements of Office 365 and Google Docs seem to be doing well.

As for hardware, the EU is not yet under American sanctions.

Half a century of communist rule showed us not to trust our governments.

Every now and then, the Brussels bureaucrats show us how much do they value our privacy and electronic safety.

Luckily there's always been scepticism and challenges with tightening data security regulations, so maybe people will mostly be relieved if we need to turn around on this.

Anyway, it will surely be an interesting discussion on Monday...

I get moving off of AWS and GCP. But to Azure? That move doesn't make sense to me at any time that Azure has been a thing. Why have you ever wanted to move things to Azure?

So yeah, not my favorite of the whole "not my favorite" cloud migration plan, but the only realistic path forward at the time

Based on my experience on a couple of govt organizations, the IT departments are very small, compared to the total workforce, and has to deal with decades of legacy. In this environment, any change in direction is considered (way too) carefully - a big ship turns slowly and all that.

Since the team was experienced in dealing with Windows VMs, practically everything else was MS-based and MS offers lucrative bundling, Azure was thought to be the natural continuation on the infra side. One major outsourced software project nailed that trajectory, and due to the small headcount, multicloud was not desireable.

And this is where I jumped in. I'd like to think I was promoting improving our on-prem capabilities until a question of "could we have a reverse proxy so we could access some internal databases from the Internet instead of relying on overnight database copies" hit a steel wall. Having heard murmurings of achieving the same via Azure APIM and ExpressRoute, I clung on, since as an architect I needed that capability for multiple projects.

And after that, it was only natural to take more steps in. Slippery slide and all :p

But as I mentioned, luckily all this has been so slow that reversing is not the end of the world. Unlike some of our sibling organizations who have little to no on-prem capabilities left

So far it's been great, I highly recommend it.

[1] https://www.hetzner.com/storage/storage-share/

In the wake of 2014 and souring relations with the West, Russia also started looking more seriously at digital sovereignty. This was castigated as "isolationism" and an attack on the "open Internet".

Now it's nearing a household term among EU tech groups. Because this was never about democratic ideals, it is about power and control, especially in a volatile multipolar world.

China and Russia blocking YouTube is different from making sure the entire EU government and economy can't be collapsed by US turning the screws on Amazon.

It's like going back in time 15 years.

OVH co-mingling postgres customers on the same underlying server with no noisy-neighbour protections! AWS RDS is obsolete tech these days and they can't even match that!

The only good providers I'd use again are London based.

Trump will be gone in a few years, one way or the other. However, the foundations that are being poured for legitimizing a strongman, authoritarian role for the executive and almost eliminating the role of the other two branches is deeply dangerous.

If you believe the goals are worthy enough that the ends justify the means, think of the worst president ever(in your opinion) and consider whether you'd want them to have the same power? Because politicians never let power go willingly. They will certainly point to Trump's precedent as a means of legitimizing their actions.

My fervent hope is that our institutions are strong enough to weather this assault and that enough people make it clear to the administration that there are lines they are not willing to cross. Whether that happens remains to be seen.

Some of the long-term consequences are permanent: everyone in Europe unambiguously knows that the post-war dynamic is gone, and if they invest in their own alternatives they won’t want to throw away that investment. As an example, allies who bought F-35s are wondering if they should’ve followed the French path now that they’re faced with the prospect of being on the other side from America. If they decide to move to European control of key infrastructure, they’re not moving back for at least a generation.

Sure, it isn't safe for EU governments to store data on US clouds.

It also isn't safe for US governments to rely on chips made in Taiwan that China could invade. Or for TikTok to be a primary media source in the US.

The fact is, we're an economically interconnected world at this point, in terms of software, in terms of hardware, and in terms of hardware supply chains.

And it's hard to see it going backwards. Economic efficiency is a powerful force. It often seems like the solution has to be to try to implement as many safeguards as possible, rather than cut off sources of technology. But I don't know... it's an incredibly difficult question.

Giving all your data to foreign states though may be a bridge too far. That’s not the same as buying cars or Swedish Fish.

Does it really matter?

If large Western countries want to spy on each other, there are so many ways via so many devices.

That's why I'm talking about safeguards -- why not just focus on ensuring everything is encrypted in rest and in transit, so you can use anybody's cloud anywhere?

Fortunately, going multi-cloud is a thing. Storing data with multiple providers in multiple countries. Lots of companies which specialize in multi-cloud solutions.

Again, like I said -- safeguards.

Maybe someone will revive firefox os or build a better successor to it.

Ideally, there’d be a law saying that any government service (direct, or contracted out, so including infrastructure like parking and EV charging) must be offered via a PWA that works in EurOS, iOS and Android.

One thing that strikes me is the relationship with architecture. A monolithic, vertically scaled app can run ANYWHERE where I can rent a VM, whether in Norway with Upcloud or on a VPS in Kenya. It's only when you start stitching together managed DBs with autoscaled instance pools etc that vendor lock in begins.

All of these nice toys make our service highly available. But while the overall risk is lower, it is far more correlated between customers. If our service would go down because of a political event, it would go down for all our customers at once.

What about a control plane that manages a fleet of per-customer VMs across an array of cloud providers? Has anyone ever tried this?

So I assume most of the mentioned issues will be irrelevant soon™. Because a) the convenience, b) lack of actual competitors.

[0] https://cybershow.uk/episodes.php?id=31

Unlike most other developed countries, the US has no real site blocking, mostly because it doesn't need it. They have enough control over the financial system and enough friends in foreign governments that they can essentially nuke websites that don't follow American law off the face of the earth, or at least force them not to serve American users of their own "free will". See e.g. crypto exchanges that don't follow KYC/AML, crypto-native prediction markets that nevertheless require a VPN for Americans to access, despite not even interacting with the non-crypto financial system, piracy sites which are often shut down at the behest of the US government, foreign banks that ask you whether you're a US citizen etc.

Once the answer to "we are the SEC, you can't let Americans visit your site or we'll get you extradited" changes from "yessir" to "fuck off, we're Europeans who have never stepped foot in the US, American law doesn't apply to us, and our government is gonna back us up on that", things will get really interesting.

As a European who is very much against EU tech regulations and the EU way of doing tech generally, this is definitely one change I'll welcome with open arms.

As an aside, I'm surprised "freely offering drugs / pirated content / havala-style unregulated P2P crypto exchanges to Americans on the open internet" isn't a model that a US-unfriendly nation has tried so far.

Note that this is largely the case for any bank where you're not a native to their country - because of the Common Reporting Standard. However the US asymmetrically applies FATCA instead of the CRS.

https://en.wikipedia.org/wiki/Common_Reporting_Standard#Mult...

"The U.S. receives information relating to US citizens' accounts from many countries due to the compliance requirements of the FATCA. The United States, in many cases, will reciprocate by sharing banking data with countries for accounts which their citizens hold in the U.S., but not automatically, as is required by the U.S. in FATCA."

This makes serving US citizens in an "average" financial institution an added burden that might not be considered worth the cost.

At the very minimum you should be encrypting all data before you transmit it to machines you don't physically control, but even that's not necessarily good enough because it still gives them the ability to withhold that data from you. And that's to speak nothing of some hypothetical future technology that may be able to defeat your encryption entirely.

It's a book he wrote about how to maintain power in a feudal society, with references to many historical events to back up his arguments. Usually it comes down to being wary of accepting help from somebody else unless you understand their motivations, what they stand to gain, and what you stand to lose in the long run. It's sort of like "Art of War" in that it's written for a specific time and place but the principles behind it are so universal they can be applied to many different situations, even business management and interpersonal relationships.

So anyways, my point in the OP above was that this is the sort of situation that he wrote extensively about; obviously there weren't any computers or cloud storage in 15th-century Italy, but he definitely makes several points on the dangers of relying too heavily on third parties for resources, because it gives them leverage with which to manipulate them.

Disclaimer: most people do not think "Machiavellian" is a flattering descriptor

I find Europeans to be particularly annoying because they've willingly turned themselves into de-facto vassal-states without even realizing it, and despite constantly panicking over the outcomes of internal American politics they never learn their lesson or take any real steps to become less dependent on the United States.

I'm pretty sure I remember the exact same conversations about whether it's safe to host data in America eight years ago, because they haven't changed at all. I happen to think they're over-reacting and that Trump isn't going to do anything with their precious data, but they're well within their rights to have negative opinions about internal american politics. However it's also incumbent upon them to understand that they have no standing in who the American people elect, and that if they don't feel safe not being America's #1 priority they need to become more self-reliant. Europe is not the center of the world to us, they're just another one of the six continents that aren't North America.

You need to build services that allow you to continue to function as democracies and that ensure you can tackle the challenges ahead.

EU companies many not be storing the data but they're certainly in the "making shovels" business. And that's kind of the deal. France quietly takes a huge percentage of revenue without most companies being the wiser.

If EU companies start moving their infrastructure elsewhere, I'm sure that American datacenter/cloud companies will reconsider who they buy their racks, PDUs, etc, from.

Europe has no choice but to create its own subsidised cloud and mandate its use.

The market is captured by us companies. I doubt that this will change.

The reason is simply that the the number of clients that care for the problems described is small compared to the total market. If you run a company that caters to these clients, you will cater to a small market with special requirements.

Companies like that tend to be pricy and hence won’t take market share from Americans.

I’ve only ever done bare metal and have been lucky all of my employers hated the idea of AWS/Azure/GCP. So I feel like I’m quite well positioned to start helping companies move to bare metal alternatives.

Do I start freelancing, or do I try for an AWS alternative?

It baffles me how people look at other administrations through rose colored glasses and pretend that the problem started since Trump took over and Musk is working on this DOGE stunt. The swamp has always been there.

It was never safe, and never will be, no matter who is the president and how outrageous some of their actions are.

This article didn’t need the picture of “Trump is signing things”. This article cannot be taken seriously because of that, and it’s so frustrating because otherwise it made good points.

So I’d think of it similar to how climate change has affected property risk assessment: even if your home was never absolutely safe from flooding or wildfire, your practical assessment of how much effort you should spend protecting against those risks was quite reasonably lower in the era before once in a century or once in a thousand years events became once in a decade.

Microsoft is one of the hardest to get rid off, as it traverse the business from teams to SharePoint to azure dev ops and GitHub.

But when it comes to running systems themselves, there's valid European alternatives.

Wishful thinking? may be, because the world isn't and doesn't have to be fair.

It is a very complex matter. Roughly speaking, if you rely a lot on information systems, in the end you are own by the real operators of those information systems.

The UX is extremely overloaded with features with little organization or structure, making it hard to find the few features you actually need, and every simple thing requires 3x as many clicks as with other products.

I tried making slides with LibreOffice, and even though I don't need any of the collaboration features and would prefer to work locally, I ended up deleting my entire presentation and just starting over from scratch with Google Slides, because that was easier than trying to do anything in LibreOffice.

The reason we look past it is, well, we're used to it. Software is 95% inertia, 5% quality.

Inertia is a big thing, but with many open source products and UX, I'd say that quality is often a similarly big if not bigger factor.

This is pretty consistent across all Microsoft products. Over time they sort of deteriorate and rot. We're up to, like, a dozen different settings windows in Windows now. Half of them don't have an "apply" button. The other half don't even report when configuration fails. And, cherry on top, Microsoft has taken a "pretend it didn't happen" approach to modern error reporting. So, you don't even have a number to take to customer service.

It's difficult to take Microsoft software seriously when Excel can't open two workbooks with the same name (for three decades, btw) and Windows says "oops! Windows made a fucky wucky :(" when anything bad happens. And, heaven forbid you have to configure IIS on Windows Server. Jesus Christ, I would rather blow my head off, blend the flesh chunks into a smoothie, and then drink the aforementioned smoothie by pouring it into my now exposed neck hole.

But, bright side, at least NTFS is only 1000x slower than competing filesystems (ext4, btrfs, zfs). So, you can grab a cup of coffee while trying to open the logs on your failing Windows Server.

In 2016 he was the 'King of Debt' , a title he ascribed while talking about the debts he inherited from the previous administration, no one thought to start worrying about the start of a new monarchy then -- why now? because he's faster and looser with exec orders? hopefully everyone remembers 'king Bush Jr.' then.

Personally I think it's kind of hilarious to watch; on one hand you have mega-corps moving away from places TO America so that they can facilitate E2E, while simultaneously the persona-in-charge at the moment is driving people to any of the countries that have a long history of demanding keys and throwing a fit when denied.

Unless of course this article is about moving our data and software development to the Slovenia .. but it's not.

I think it's great to work towards not being beholden by other countries actions, but it should've had effort towards it before a bad-actor nudged everyone awake; not during the crisis. It shouldn't have taken Trump to remind everyone that nationalization of important goods is sound strategy.

There are cloud infras (“clouds”) that are wholly independent of the large, entrenched, politically connected providers like Amazon and Microsoft.

We think of this as a monoculture wherein every single thing is somehow built on top of AWS. That’s not true.

Maybe an influx of business will make us grow the European clouds, but that's ok, we're up to it.

We build Wide Angle Analytics ground up outside of US systems.

Now please don't use that as an excuse to get on alibaba's rack.

My take is that capital in Europe is (a) way too risk-averse and (b) fragmented across many European countries... As much as I've always sympathized with the EU, "Europe" as a single entity is a fucking lie, an illusion in our collective minds.

Try building a business in Spain, and then expanding to France. Yes, you have free movement of capital and labor to help you - which is a massive foundation - but after that all you'll find is red tape and difficulties emanating from the differences in culture and language.

Similarly, it seems impossible to privately amass the amount of capital needed for an investment such as what is needed to "make the first 10% of what AWS offers".

The only alternative is through continent-wide industrial policy, Draghi style[1]. More power to the bureaucrats in Brussels, and more taxes than we're already paying - and we're fucking suffocating already down here. No thanks!

This is why the future looks dire. My only hope is that maybe with AI software development becomes cheaper and we can all build more services in-house. But please someone give us at least the first 10-20% most useful cloud abstractions. I wouldn't want to waste even the compute-time of my AI engineers in building a resilient managed Postgres.

[1] https://en.wikipedia.org/wiki/Draghi_report

Election interference does occur, and to protect democracy, courts must act where there is clear evidence.

Or are you referring to Hungary in your second paragraph?

There's countless examples of countries trying to influence the elections of others. I'm from the UK and a notable example that comes up here was when the US president threatened Brits that the UK would be put on the bottom of the list of trade talks if they voted Brexit.

And just recently nearly 100 staff from the UK government were supporting Harris in the US presidential election.

I'd also argue that propagating this idea that people are too stupid to see through the lies and interference in an election undermines the point of democracy. If we cannot trust people to make sound democratic decisions, then why do we even support democracy as a political system? In a democracy sometimes people will be misled. You need to trust that people will ultimately make the right decisions.

Sure, I agree with the article. Sure, the EU is way behind here in implementation, and the privacy stuff takes (IMHO) a bit of an absolutist position. But then we ask ourselves, how many people do actually turn down cookie banners (well I do, but still)

As a start, not even the US gov trusts their vendors, that's why there's FedRamp and such. It's a detailed procedural and deep certification.

Is it safe to have your stuff in a US cloud vendor? Well, which stuff? Is it safe to have it in a server under your desk? Probably less safe in the end

Which countries have actual specialists in securing data? (hey didn't the USDS just get shut down?) Which countries actually implement those security guidelines? (Or just general best practices?)

tl;dr: SNAFU

does anyone know why EU hasn't regulated (read: forced) use of DNT headers or a similar mechanism instead of non-standard cookie banners that are obviously being abused in a malicious compliance way?

Seems to me it could've been just "If I send you `DNT: 1`, that means refuse all non-functional cookies".

But sure, they could have specified something to the effect of "if a browser specifies (though current technical means) that the user is DNT they should follow that" but there was lobbying from the advertisers and other parties as well

There is no free speech protection in any EU country.

DCMA is overlooked but it's hugely beneficial for US companies and means they're not liable for what their users publish/write on their site. In Europe you have to staff moderation teams to remove defamatory content etc or become liable to be sued yourself.

Plus, current goverment don't care about laws and people on top of it have history of retaliating against speech.

Also, a vote for the right is a vote to increase the gap between the poor and the wealthy, things will only get worse.

I don't vote "right" because the Democrats and the Republicans are both working against my interests.

And that distrust starts with this dishonest framing like ‘ukrain are stealing our dollars’. No they’re not, it’s your politicians that decided it was in the interest of the US to have wars: fight hitler (thank you!), fight communism in Vietnam, fund and later fight saddam, fund and later fight taliban.

But now you have a government that no longer thinks fighting Putin is useful, because they think the Russian style of government is the way to go, and not a threat to the US way of life. I doubt they’re right, the average Russian in the country leads a very poor life, and freedom is not a priority in Russia, if you disagree with government you will get thrown out of a window.

But your government is now following the government style of Russia, not following the rules of law, not following democratic, constitutional rules. Do you really want to be next Russia?

Polling disagrees with you here. Funding and helping Ukraine was massively popular in the US and transcended party lines until it became a wedge issue after the Republican primaries (what changed?).

I like free speech, but I would rather not die because an army of Russian trolls managed to replace Western democratic governments with Russian puppets.

Anyway, I tend to agree that "too much" freedom of speech is not the real issue here. Across Western world, neoliberal economic policy has failed to bring prosperity among large segments of population. Politicians have also ignored very real issues, such as failed humanitarian migration policies, DEI-policies which discriminate against particular "privileged" groups and so on. Trolls would have much lower success rate, and far right parties would be much smaller if these concerns had been taken seriously before by mainstream parties. People who are happy and optimistic about their lives and future rarely become extremists.

It's a closed system so I can only buy hardware through them, what if at some later date the US demand hardware backdoors, what if due to tariff (or other drama) we can no longer buy them? How do we get spares?, what do we do if a server breaks?, what if they go out of business? What if we need some other kind of servers or offering they can't provide?

It wouldn’t surprise me if NATO is replaced with something that excludes the US and includes Ukraine, Greenland, Canada and Mexico.

I'm willing to bet against both the military support for Russia & the NATO dissolution at 4:1 odds before end of this year and 2:1 before end of next year.

I don't think anyone serious actually thinks either of those things are going to happen so I doubt anyone would take me up on that offer.

If you think I’m making the latter part up, look at the budget package the senate voted for yesterday.

I don't like Trump, I really don't, but I hope he continues with this. Sadly he probably won't do the same with Israel though.

USA is not stepping back, they are acting like an aggressor both against Ukraine and Canada. And against EU those somewhat less so.

All this is not so hilarious for me, living next to Russia and wondering if they will invade us within next 5-10 years, and whether we will receive any help from abroad when Europe seems to become increasingly pro-Russian. What is happening now is potentially a matter of life and death to us.

I guess this reality has never reached the leaders of the EU apparently. Trump was in power before and also threatened to leave NATO yet the EU countries did not prepare for this at all. They had 4 years of Biden to do so but alas they simply waited and wasted time.

> The disturbing thing is how the current administration blamed Ukraine for the war, sees Putin's Russia as an ally, and actively wants to destabilize EU by supporting pro-Russian forces inside it.

You find it disturbing because you are missing the forest for the trees.

China is now very tightly coupled with Russia and Iran. The biggest threat to US hegemony is not Russia, not by a mile. China has the means, the power and the will to start asserting itself on the global stage. On the other hand Russia struggles to hold on to a 5th of Ukraine.

Trump wants to split Russia away from China and is willing to give up on Ukraine in order to make this happen. It's that simple. Russia has huge swaths of raw minerals, fossil fuels, lumber and so on that China needs in order to expand it's economy therefore it makes complete sense to try to slide a wedge between them in order to isolate China.

In this game of Geo-politics, Ukraine and the EU are just pawns that can be traded/pushed around because they have barely any weight in the global order.

You can be mad about this but if you do you should be mad towards the EU leaders from the last 30 years who instead of building a robust industrial base, sent all their jobs abroad, who instead of building a army that could resist an invasion, relied on the US protection without even reaching the minimum NATO investment threshold year after year.

The EU countries made their bed and now they are struggling because most of them are broke, their economies are in the gutter and are slowly crumbling.

> All this is not so hilarious for me, living next to Russia and wondering if they will invade us within next 5-10 years, and whether we will receive any help from abroad when Europe seems to become increasingly pro-Russian. What is happening now is potentially a matter of life and death to us.

This is a weird take. On one hand Russia, is not even able to conquer the whole of Ukraine but somehow it has the capability to steamroll over all the Baltic states? So which one is it, is Russia a paper tiger or an unstoppable force?

Both can't be true at the same time.

As far as US-Russia-China relations go, you can't trust any promises Russia makes to the US. They will betray Americans as soon as China offers them a better deal, which I believe they can. They can just wait until China invades Taiwan, and then attack Eastern Europe & make deal with China while America is too busy fighting them.

  China is now very tightly coupled with Russia and Iran. The biggest threat to US hegemony is not Russia, not by a mile. China has the means, the power and the will to start asserting itself on the global stage.

  Trump wants to split Russia away from China and is willing to give up on Ukraine in order to make this happen. It's that simple. 

How do you envision this playing out in your corner of the third world?

But you have to have reasonably sane trading partners for that to work and that has gone out the window.

And yeah, it's going to hurt a lot of people.

It's funny that people only raise this issue because of Donald Trump, whom the article refers to as "King," no less. The previous administration's green-lighting of the largest-ever industrial sabotage against Europe did not raise an eyebrow, but NBC News, a political opponent of Trump, claiming that Trump is "branding himself as a monarch" does the trick.

Oh well, whatever it takes.

It was always dead, or rather, it's in a shrodinger's state where the EU comission puts bullshit in a box, and companies pretend it's fine until the CJEU opens the box and acknowledge that it is, in fact, bullshit. It's happened multiple times already.

Aside from that small quip, the article is, obviously, right. Any sane European would count their fingers after a handshake with this administration. Expecting this particular agreement to hold is madness.

4D chess

Its just another case of rocket + orange man bad

The J&J vaccine was not "taken off the market." It was temporarily paused to investigate rare blood clot cases. Out of 8.7 million doses administered, 28 cases of blood clots were identified, with three reported deaths. COVID-19 killed a million Americans, and would have killed more without the J&J vaccine which probably prevented 5.7 million infections and—with an R0 somewhere between 1.4 and 3.28—many millions more. This information was not suppressed, it's public knowledge discussed openly in scientific and medical communities.

There is an undeniable authoritarian element to the US federal government, but when has the US ever backed a "leftist" coup in a foreign country? There's no coherent "left" movement in the US. No socialist party.

Really, your victim mentality—fed by baseless conspiracy theories—is absurd, and your promotion of this harmful rhetoric endangers innocent lives. The US is a a police state, but not a meaningfully "left" one. It's a republican oligarchy.

Calling a elected president of country a dictator and spread false claims of 4% approval.

Bringing in a UN resolution that lacks the part where Russia is the aggressor in the war with Russia.

Blackmailing a country that fights for survival to get rare earths.

And for free speech, the US don’t have free speech. People are silenced by fear by „free-speech“ abolitionists so they don’t dare to speak freely in fear of repressive measures.

That’s law of the jungle not free speech.

And the AfD is full of enemies of the constitution and that’s illegal as a party in Germany.

Nobody prohibits to be such an enemy of the state but you can’t expect to get paid by germany tax payers for trying to destroy that state. That his neither authoritarian nor anti-free-speech.

The US is basically the only country with good free speech laws. I am not saying they’re perfect, but I’m not sure what your argument on that point is. Can you share something more specific and explain how it invalidates the American constitutional protections on free speech?

> And the AfD is full of enemies of the constitution and that’s illegal as a party in Germany.

You either have a democracy where people can choose their leaders or you don’t. It appears Germany doesn’t. Preventing a party that is popular, from existing or participating in elections, is literally authoritarian and anti free speech by definition.

> Bringing in a UN resolution that lacks the part where Russia is the aggressor in the war with Russia.

What do you call the illegal coup in 2014? It removed the representation of everyone in Crimea and Donbas right? What about NATO expansionism? The aggressor isn’t very clear. I would argue that the 2014 coup and efforts to suppress Russian ethnic people in Ukraine was an act of aggression that eventually led to this conflict.

> Blackmailing a country that fights for survival to get rare earths.

This framing just shows how thankless it can be for America to help Europe. Asking for something fair in return for hundreds of billions in defense and security funding (not just in this conflict but for a much longer time), especially since it helps remove China’s rare earth control, is reasonable. It’s not blackmail to propose a fair deal. Ukraine and Europe are also certainly free to refuse the deal and not expect American taxpayers (whose pocket this comes out of) to help them further, considering they’ve already done so much.

If you dont know what youre talking about please dont bring up ridiculous bits of propaganda.

The only illegal coups in Ukraine were in Crimea where unmarked Russian soldiers surronded the regional parliament made them appoint a random criminal from a minor party as the leader and hold an undemocratic "referendum" to join russia. No free speech was allowed by many ukranians (of russian, ukranian, tatar, and other ethncities) who opposed the russian coup.

Russian backed criminals and neonazis and scam artists backed by russian soldiers also commited coups in parts of Donbas. Sadly they were unable to vote in elections or speak freely and were basically under control of corrupt warlords in the following years. The rest of Ukraine including most of the Donbas held several fair free elections. In the last presidential election which was fair and free Zelenskyy crushed the incumbent including getting a super majority in the part of Donbas which was still able to particapate in free elections.

Russia could care less about the rights of "ethnic russians". Its killed thousands of them in their assualt on Ukraine (probably a dispraportionate share of civilans they have killed considering where most of the fighting has occured). There was no effort to "supress" ethnically russian Ukranians. They are a well integrated part of Ukranian society, the commander in chief of the army is an ethnic russian born in Russia who onpy moved to Ukraine in his teens. Also I'm guessing youre under the mistaken impression that most of the Donbas area was ethnically russian when it was actually only about 1/3.

As for NATO expansionism thats another bit of propaganda. There was never an agreement to not include parts of eastern europe in nato(former soviet leader Gorbachov hinself admitted this in interviews with russian media), countries like Poland begged to be let in and wore down existing nato members. Most imporantly Ukraine was not seeking to join nato in 2013/2014 before russia invaded and everyone knew there was no chance of them getting in in 2014 when russia started the war or 2022 when they expanded it(too many members of nato were opposed). Now after the expansion of the war it seems inevitable.

America has done a lot but Ukranian victory and a russian loss is clearly in Americas best intrest.

I run proxmox and try to host some things locally but the server offerings aren't quite there yet. What would be amazing would be for me to be able to truly host my own cloud so that I could share a doc with someone and the editor was hosted by my servers and safely sandboxed. It would be extraordinary if I could get my phone to offload storage to my personal cloud in place of iCloud and this was as easy as pointing to my personal cloud instead if being, at best, still a patchwork.

Things like portainer, podman, proxmox, etc are putting different pieces together but they are missing the crucial ingredients of exposing themselves to the internet safely and easily and being the foundation that my personal OS can actually easily run on. This split between device OS and cloud OS is something that hasn't yet really happened and it is holding us back from creating a viable alternative ecosystem to commercial offerings. I think the things missing from current offerings like proxmox are:

1) The cloud OS of the future needs to expose VPNs and control domains as first class citizens so that my devices can join it securely and natively. These resources are the hard-drives and network cards of a cloud OS but they are treated like apps in current offerings. 2) It needs to integrate with auth in ways that allow me to 'share' a doc from my personal cloud just as easily as google does and allow others to connect in secure, controlled ways. There isn't a point to opening up to the internet if you can't allow others to connect safely. 3) It needs to integrate with other clouds and provide native ways to migrate data and services between your personal cloud and other clouds. 4) It needs to seamlessly expand from user level cloud to enterprise and beyond. This is the 'Developers developers developers' moment. If I can develop in my local cloud things that I can deploy to a real enterprise could then I will build a lot of things even if they don't go to the enterprise.

I think building the route to 'how' is the important question here. You can't just legislate 'use the alternative' if the alternative doesn't exist. So what is the route here? How do we get to a point where it is actually possible to choose a different cloud? I think there are a couple ways here but a core component is likely a split in linux to start a cloud native install path. Basically, when you install on a machine it always installs as a container running on a hypervisor/cloud OS so the machine joins/starts a cloud OS install first and then the user OS installs are virtualized on top from the start. Basically, bare-metal should belong exclusively to the cloud OS. I think this likely would create the initial split needed to focus efforts on developing the cloud OS separate from the user OS and possibly start us down a path where the ecosystem exists to enable people to hop off of US cloud providers. As a side benefit though it would make migrating to new hardware way easier since I could likely just migrate my virtualized environment after joining it to the cloud OS the old machine is hosted on.

First, Trump's rise in the US is not an isolated phenomenon. Almost every country in Europe has its own right-wing, anti-globalization, pro-nativist parties, and in almost all countries their power has grown. Globalization decreased economic friction, but not evenly--there were winners and losers. The winners were the professional class who could sell their services to a global market. The losers were the labor class who saw their jobs outsourced and who had to pay more to the professionals they needed (doctors, teachers, etc.). The result was Trump.

US policies will moderate as Trump's failures pile up, but we're never going back to the globalist, "citizens of the world" consensus of the 2000s.

Second, (and ironically), globalization has given leverage to high-agency individuals to amass more power than previously possible. Billionaires are exerting influence (Musk, obviously, but also Gates, Bezos, Marc Benioff, Bloomberg, Koch brothers, etc.) not just because they have money, but because money can influence more people through globalized businesses. Social media is the obvious vector, but even a business like Starbucks has influence by how they set labor trends.

Moreover, authoritarians like Putin are only constrained by hard power, not by international institutions. And ironically, the whole point of international institutions is to decrease investment in hard power! The result is that people like Putin can do whatever they want.

It is obvious that globalization, as currently structured, has failed. But no one (to my mind) has yet proposed a better model. The left wants to keep globalization and tinker around the edges; the right wants to tear it all down and retreat to autarchy.

Eventually, the world will enter a more stable equilibrium. Whoever can see that new equilibrium can prepare for it or even influence how it comes about. Anyone got any ideas?

the EU has settled for using US tech but just taxing the success with fines

They don't care at all about the provider being a local or European company. They just want the cheapest option.

Which usually means using the same server to host dev/UAT/prod, and also using the extra storage available to store company data unrelated to the workloads hosted on the server.

Whereas the companies that are using big clouds are more focused on doing things with more care, and trying to avoid as much disaster as possible.

But I guess having PII data exposed on the web from an Hetzner server is better than having everything encrypted on AWS...

At work we rely on "big" clouds offered by major telecom companies. AWS is seen as ridiculously expensive "religious requirement" to gain trust, if we'd ever decide to market our product to US customers, but little else.

Big benefit of smaller countries and local apps. We can more easily fit apps on one to a few computers and don't need your hyperscaling clouds to serve the entire world, because our world is 10 mil. people.

But at the end of the day, there was never any real incentive to make an EU-native alternative. Now, there is. The US is in an uncertain state. Will American be great again? A fascist dictatorship? Argentina? Who the heck knows. Right now, we have a lot of speculation about what's going on and precious little information.

Unreliable partners give a very, very strong incentive to have critical infrastructure local.

Beyond that, what's the downside? Before, it risked triggering a trade war. Seems we're there already, and going local just gives a stronger hand.

Fascism is a right-wing ideology was widespread throughout all of Europe before WWII, and especially took hold in Germany, Austria, and Italy. It was at the opposite end of the political spectrum from e.g. Stalinist Russia.

It is not a synonym for "bad government," "dictatorship," "violent government," or similar.

I did not give a definition for fascism. You can look ones up yourself. However, critically:

1. China is not right-wing. That's prerequisite.

2. China has very little fascist-style state / political violence, and virtually no paramilitary elements. You're at no risk of being beaten up or having your windows broken for having the wrong political views. Police officers didn't even have guns until recently. There aren't Brown Shirts and Black Shirts, are groups like the fascist right-wing militias in the US. Rather, the state violence you see there is institutionalized violence, through proper administrative and bureaucratic channels.

3. China has nationalism, but is very much not ultra-nationalist.

4. China does not try to eliminate minorities if they play ball. Indeed, China is very supportive of non-Han groups (who were, e.g. exempt from One Child). Rather, what you see is forceful "modernization" and cultural assimilation, leading up to violence if there isn't compliance. If the Muslim minorities in China decided to give up their religion, culture, and desire for freedom, and started to act like Han Chinese, they'd almost certainly be left alone. You saw the same directed at Han during the Great Leap Forward. For Jews in 1930 Germany, assimilating was very much not enough to be left alone.

5. Control of the economy is limited and directed. A lot of the Chinese economy is also like the Wild West.

.... and so on.

Note that I'm not passing a value judgment on which system of government is better or worse. However, "fascist" is not the same as "totalitarian."

One of the key things in China is that if you (personally and collectively) go along with the government, for the most part, you're very safe, and life is quite peaceful. Another is that most control is "soft." The wrong post online will simply be hard to find, load slowly, or not show up for other users. Or you'll have a harder time moving up in life.

It's very little like Germany, Italy or Spain the in the 1930s, where you had armed groups walking the streets, breaking windows.

Define right wing in this context. Its historically communist, but it not really so any more, as you your self admit "Control of the economy is limited and directed"

> China has nationalism, but is very much not ultra-nationalist.

It is very nationalist and believes its culture to be superior to minority culture which is why they are assimilating it.

> For Jews in 1930 Germany, assimilating was very much not enough to be left alone.

True, but I said "fascism" not "nazism" which are not the same thing.

> Rather, the state violence you see there is institutionalized violence, through proper administrative and bureaucratic channels.

is that a necessary trait? The Brownshirts were got rid of once the Nazis were in power. Once you control the state you no longer need the paramilitary.

> However, "fascist" is not the same as "totalitarian."

I agree, but I think China has a lot of traits in common with fascist states. it might not tick all the boxes in a definition, but it ticks far more than the typical dictatorship.

It's very hard for me to see how. Even taking everything you said about China at face value (some of which I might take issue with):

- Almost every dictator tries (with mixed success) to create a personality cult.

- Almost every totalitarian state tries to build nationalist fervor to keep people in-line

- Almost every totalitarian state uses state violence to maintain control

- Almost every culture believes itself to be superior, and most successful politician try to exploit that (with the exception of a few on the far left)

... and so on.

I think a necessary and requisite element for fascism is an army of thugs and a pervasive level of fear. That's different from, for example, an army of educated bureaucrats deciding to stick problem individuals in a gulag. The brownshirts were never gotten rid of, but rather were institutionalized into the SA and to some extent, the SS. They were still thugs and relatively indiscriminate violence.

China lacks thugs. If you don't stick your head up, I don't see many people fear the government. People generally keep their heads down, fall in line, and lead normal lives.

I don't know if it's core to fascism, but expansionism and imperialism is also rather lacking in China. There are some disputes, mind, you, about places which China thinks should belong, namely Tibet, Taiwan, Mongolia, a little bit of Russia (formerly Manchuria), a few mountains near India, and a few islands, but critically, those ambitions have not changed in nearly a century.

Now someone has thrown a monkey wrench at the invisible hand, and they have to duplicate a lot of effort. They lose, we lose. But at least they've stopped tying their future to an unreliable business partner. Divorce sucks for everyone.

So every innovation and success ends up being sucked into the gravity well of Silicon Valley. Every talent ends up having to move to the US to be credible. Soon everything is "American". The great innovation center of the universe, fueled by foreigners and acquired foreign businesses.

Will this continue? That is hugely to be seen.

There are plenty of other alternatives, e.g. Softmaker Office and Papyrus are German word processor and office applications.

For example, Hetzner doesn’t even offer database services. Some would consider those to be table stakes to run their application. Does it add complexity? Potentially. But we accept some additional complexity if it yields incremental value.

If you don’t value the additional functionality cloud providers offer, that’s fine. But lots of people do.

Certainly, unnecessary complexity should be avoided. But it’s a bit naive to associate comprehensiveness with complexity. They’re not entirely identical.

I am totally OK setting up my own database software on Hetzner. I understand that some people are used to "cloud" spoon-feeding them what they need and even what they really don't, but I perceive this as a nuisance.

I just checked a handful but didn't see any.

I'd love to have a good Google Docs alternative. No one has made one. Nextcloud is the closest we've got, and I use it sometimes, but it's pretty bad.

It's a lot less hard to build in 2025, and hopefully, someone will now.

You will surprised, but American businesses benefit from selling their services.

(and without the notorious US-made military equipment kill-switches)

And while we're at it, this time will be different: Instead of the membership criteria being anti-communism, it should be effective Liberal Democracy and Freedom from Exceptionalist Exemptions, namely from the International Rule of Law. So, to be part,

1. Compulsory ICC membership - hence no exceptionalistic US, and no exceptionalistic Israel.

2. No "Illiberal Democracies": say, for example, composite of a minimum 0.67 score on the WJP Rule of Law Index and others: therefore no Orbanic Hungary, and no illiberal others like it. Poland, Slovakia, Italy: you better watch your ways if you want in.

3. Democratic backsliding removes you rights in the Alliance, and, can proportionally lead to outright expulsion.

Not one more new military equipment purchase from the US, (and dispreference for other non-qualifying nations procurement). Member nations should use their - substantial - industrial capacity to equip themselves with indigenous military materiel.

Hey, it would be actually great for their economy!

Initially European scope, but bridges to a broader global scope (or even a secondary sister-Alliance) with open-ended partnerships with Canada, Australia, New Zeland, Japan, South Korea, and yes: Taiwan.

US and/or Israel want to join, if a more Democratic future selves? Simple: fully join the ICC, and meet the Alliance's full criteria as every other member.

Same applies for prospective new members.

> without the notorious US-made military equipment kill-switches

Evidence?

Speaking of speech control - how many Russian journalists have mysteriously fallen out of windows recently? …or is evidence only required for Western claims?

Really?

The EU limits explicit calls to violence, genocide denial, and coordinated disinformation campaigns.

Meanwhile, Russia imprisons people for holding blank signs, China censors Winnie the Pooh, and Hungary closed its last independent radio station.

Don’t you think your standards for what free speech is could be slightly different, depending to whom they apply?

Ok, so the alliance is a non starter then.

The invalidation of the result of the referendum in France related to the EU constitution in 2005 by the signing of the Lisbon treaty a year or so later was a clear demonstration that the will of the people was not respected.

The fact that the EU is pushing for the Chat Control law in order to access all your data on your phone, emails, pictures of your loved ones at all times without any reasonable causes/warrants is clearly an attempt to muzzle the population.

Then there is the invalidation of the Romanian election not long ago which was done under the guise of protecting democracy.

Then we can talk about the different parties in power in France /Germany and elsewhere who refuse to work with right wing parties that have been elected fair and square in parliament once again under the guise of protecting democracy and therefore are sending a clear signal that no matter who you vote for, the mainstream parties will refuse to listen/compromise and prefer to brand everyone who do not agree with them as Nazi extremists.

I thought that democracy was that the will of the people was to be respected but it turns out that ignoring 20 to 30% of your population because you don't agree with them is just easier.

To think that the EU has the gall to give lessons of democracy to authoritarian regimes....

1. France used constitutional processes for the Lisbon Treaty - or should we never adapt treaties as circumstances change?

2. Chat Control (wich I don’t personally agree) is being debated, modified, opposed - that's democracy in action. Try publicly opposing surveillance laws in China.

3. Refusing to coalition with anti-democratic parties IS protecting democracy. Just like we don't let parties run on platforms of abolishing elections.

Democracy isn't just counting votes - it's sustaining a system where we can keep voting freely. That's why we have guardrails.

Or would you prefer we just have one final vote to end all voting?

The answer was no, and then it was overridden without consultation. The people had spoken and were ignored.

> Chat Control is being debated, modified, opposed - that's democracy in action. Try publicly opposing surveillance laws in China.

The fact that Chat Control is on the table at all is the problem. You can't claim you want to protect privacy and democracy and demand access without cause to all your citizens data.

The fact that "liberal" countries are willing to debate if we should end all privacy for every citizen is not the greatest definition of democracy. Should we also have a debate about bringing back slavery as well or maybe talk about installing cameras in every home in the EU? Where does this stop?

> Refusing to coalition with anti-democratic parties IS protecting democracy. Just like we don't let parties run on platforms of abolishing elections.

The fact that you refer to right wing parties as anti-democratic parties when people have voted for them fair and square is very telling in terms of your biases. Anything we do not agree with is anti-democratic , anything we support is pro democracy. How convenient!

> Democracy isn't just counting votes - it's sustaining a system where we can keep voting freely. That's why we have guardrails.

Exactly and ignoring the votes of your constituents because you don't like how people vote is exactly what's killing democracy and why a lot of people are turning away from the mainstream parties. Instead of listening and trying to find solutions which means finding compromises, it's much simpler to label everyone you disagree with as anti democratic and label the voters as extremists.

> Or would you prefer we just have one final vote to end all voting?

I am not sure where this suggestion comes from.

On Chat Control - you're using classic slippery slope fallacy. Debating specific measures against CSAM isn't equivalent to "ending all privacy" or "bringing back slavery." This kind of hyperbole reveals bad faith argumentation.

About right-wing coalitions: When parties openly advocate undermining democratic institutions, refusing to empower them IS protecting democracy. Not all electoral success deserves governing power - see 1933 German Elections for why.

Your "ignoring votes" argument confuses:

- Right to be voted for;

- Right to automatic coalition inclusion;

- Right to implement anti-democratic agenda;

No one's votes are "ignored" - but winning some votes doesn't grant right to dismantle democratic safeguards.

You're basically arguing that protecting democracy from its enemies is somehow undemocratic. That's both logically and historically wrong.

The referendum is the government asking for the people's choice which means that if you simply ignore it and wait for a year before bypassing said choice, you clearly never really cared about the outcome of the vote.

> On Chat Control - you're using classic slippery slope fallacy. Debating specific measures against CSAM isn't equivalent to "ending all privacy" or "bringing back slavery." This kind of hyperbole reveals bad faith argumentation.

The slippery slope is you asserting that giving up my right to privacy in order to fight CSAM is not an overreach by any government. The fact that you don't realize what this proposal entails tells me you haven't probably looked at it in details.

Anybody who thinks that this proposal is reasonable or should be debated is not a friend of privacy nor democracy.

> About right-wing coalitions: When parties openly advocate undermining democratic institutions, refusing to empower them IS protecting democracy. Not all electoral success deserves governing power - see 1933 German Elections for why.

Refusing to listen to your people when your people tell you that things are not going well is how you get revolutions and blood baths. Refusing to work with them to find potential solutions to issues because you do not agree with then is what leads to things like the Syrian war.

> Your "ignoring votes" argument confuses: - Right to be voted for - Right to automatic coalition inclusion - Right to implement anti-democratic agenda

Your response to ignoring and refusing to work with parties that are supported by 1/5th to 1/3rd of a given population is simply to hide behind the "protect the democracy" mantra. It does nothing and it solves nothing. But it makes the anger and frustration of these people stew and then at some point it will blow up.

> No one's votes are "ignored" - but winning some votes doesn't grant right to dismantle democratic safeguards.

Again with the "saving the democracy" rhetoric. This is an empty argument devoid of substance. When you refuse to work with parties that represent a good chunk of your constituents just because you do not agree with them, that is not democracy, when you label them as extremists without listening to their concerns, that is not democracy, when you attempt to ban parties because they are starting to gain traction , that is not democracy.

> You're basically arguing that protecting democracy from its enemies is somehow undemocratic. That's both logically and historically wrong.

You are arguing that not listening to people and refusing to find compromises with all the representatives of a country's population is saving democracy.

I am arguing that listening to the people is what democracy is about. if that means that a far right or a far left government is elected, so what? That is the will of the people.

Anyway I can see that you and I don't agree on this topic and that this discussion will lead to nowhere. It's best to leave at that.

The Syrian war comparison is particularly... creative. Though I suppose someone's meeting their "international conflict reference" quota for the day.

Your "let's respectfully disagree" sign-off after casually mentioning "bloodbaths" is an especially artistic touch. Very subtle. Chef's kiss for that one.

But let's address your actual arguments:

- One referendum doesn't permanently bind a nation (or France would still be a monarchy);

- Constitutional processes exist for a reason;

- Coalition participation isn't a right;

- Democratic institutions protect democracy itself;

Here's the thing: real democracy is complex, messy, requires compromise and institutional protection. It's not just "whoever gets 51% can burn it all down."

But I suspect you know this already. The coordinated voting patterns on these threads are... interesting.

Tell me, how's the weather in [redacted]? ;)

Start with French and U.K. nuclear deterrence as foundation. Layer in proven European systems (Rafale, Gripen, Leopard) while rapidly developing next-gen capabilities through joint programs. Think European DARPA meets industrial policy.

Key force multipliers: integrated air defense spanning the continent, standardized logistics, shared intelligence platforms, and fully interoperable command systems. Defense partnerships with Canada/Australia/New Zeland/Japan/South Korea/Taiwan provide complementary capabilities and strategic depth.

No US kill-switches means full sovereign control of systems. Distributed manufacturing ensures supply resilience. Distributed architecture rather than centralized hub-and-spoke.

This model isn't about matching US or legacy NATO capabilities 1:1, but creating a robust, autonomous system that potential adversaries can't easily disrupt or defeat. European industrial and technological capacity makes this feasible - we just need the political will to execute.

We would use something similar to the EU's Recovery and Resilience Facility (RRF) to fund this initiative - like a EU Marshall Plan, and, cooperate across partners’ ample industrial capacity:

If we can make cars, airliners and cruise ships, we can make military equipment.

Swedish gear is actually a good template: license manufacturing of what’s needed criss-crossing the Alliance, and joint develop new generation equipment and technologies as necessary.

After all, it’s being done since Concorde and goes on today - we just need to increase the scale.

Access to joint funding, industrial cooperation, and defense capabilities is tied directly to maintaining democratic standards. Very simple - fail the democratic checks (Rule of Law index, ICC membership, etc.), and your access to the system's resources and voting rights gets restricted - like originally mentioned.

Continue backsliding on democracy? The restrictions escalate proportionally. This creates both carrots (access to shared capabilities) and sticks (potential exclusion) that make democratic standards self-enforcing through practical incentives rather than just moral arguments.

The Orbán playbook stops working when undermining democratic institutions has immediate defense and industrial consequences. It's a more robust enforcement mechanism than the EU's current Article 7 process.

An overwhelming majority of democratic countries in the world recognize the ICC. Why accept exceptionalist members any longer?

In short,

- NATO: Accept compromised / exceptionalist members for strategic advantage.

- This proposed new Alliance: Democratic standards ARE the strategic advantage.

I have my doubts, without the US NATO is largely toothless IMO.

France and the UK already maintain a credible nuclear deterrent. European industrial capacity dwarfs Russia's. The EU's combined GDP exceeds China's. Scale isn't our problem - political will is.

Sweden indeed shows how principled positions can be maintained while building serious defense capabilities. Now multiply that model by Europe's combined industrial and technological base.

The ICC point is crucial - when most nations accept international law, continuing to accommodate "exceptionalism" becomes a weakness, not a strength. An alliance of genuine democracies, bound by shared values and mutual accountability, may prove more reliable than one held together by mere convenience.

Rather than asking if Europe can afford to build this capability, perhaps we should ask if we can afford not to.

Why the downvotes?

In 2025, Trump dumped Ukraine, sided with Putin and made a number of bully threats (including invasion) to its formal National Security partners. Security which - at least still today - is bound by literal treaty.

Should Europe just roll over and wag its tail?

And how about making every citizen constantly carry an always-on device from the USA full of sensors and permanent internet access?

And how about basing all infrastructure on these devices, so that nothing works without them?

And how about not letting a software ecosystem flurish, so that when robots (cars, humanoid robots, weapons ...) take over, all of them will be controlled by US software?

Russians (and everyone closely watching) started that transition almost painlessly in 2014.

Have your own search engine. Have your own payment system. Base your infrastructure on open-source.

You know, be sovereign, not dependent.

The users switching from iOS to Android is just the last mile.

Why the hell not?

From a technology perspective (i.e., data/information theory/performance/what HN should be about), MSSQL is really, really hard to beat in a big enterprise ecosystem. This isn't because of decades of prerequisite evil dealings that make it a morally incompatible offering, but because it's been so thoroughly exposed to every possible use case that yours would certainly flow nicely.

I've been watching a lot of otherwise really compelling ideas and high energy teams get turned into complete shit due to these ideologies. I can understand a EU tech startup being hesitant toward US-based technology, but in 99% of the cases I hear about, it's a purely American tech company with zero international presence that is making a bunch of noise about how much they hate whatever domestic/paid/"closed" offerings.

That pesky Fourth Amendment to the Bill of Rights keeps getting in their way, so they've created ways around it, such as allowing allied nations to do the surveillance for them.

Every government in the world has mandates that require a surveillance capability. This has been the reason that satellite constellations cannot route traffic directly from user-to-user, but instead must route through "hubs", at a cost of doubling the required, but precious bandwidth.

Maybe we should discuss one topic at a time so we can make progress somewhere without the implication that progress that isn’t everywhere is progress nowhere?

I hope it gives at least some boost to GNU/Linux phones. Librem 5 is my daily driver, and it feels amazing despite its drawbacks.

Related:

'The tyranny of apps': those without smartphones are unfairly penalised (theguardian.com)

676 points by zeristor 1 day ago | 784 comments

https://news.ycombinator.com/item?id=43137488

Screw that, every EU politician have an iPhone or Android phone, loaded with apps from Meta, X, Tiktok and what have you. Step one should be for our politicians to put some sort of emphasis on their own privacy in relationship to the US, Russia and China.

The way out of this is not expecting consumers to install fdroid. It’s putting in place proper regulations to preserve privacy and security for EI societies.

That ship sailed so long ago. Not only because national security demanded warrantless backdoors, but because our companies now control regulation. If Tim Cook or Elon Musk take issue with some pesky demands for open architecture or security audits, they complain to Trump and resolve it via EO. Any protest is already quashed. Phone owners who don't actively resist hold no leverage against their OEM.

Stuff like F-Droid and PostmarketOS is the solution to this particular problem - people just don't want to admit it. It's easier to give up essential liberty, purchase temporary safety, and demand that you deserve security along with it too. Too few people realize that personal freedom is a necessary precondition to personal safety.

"Don't be snarky."

"Eschew flamebait. Avoid generic tangents."

"Please don't sneer, including at the rest of the community."

"When disagreeing, please reply to the argument instead of calling names."

https://news.ycombinator.com/newsguidelines.html

> One downside of uncommunicated permanent bans is that it precludes the leverage you ordinarily use to encourage reform

I'm afraid I don't understand what you're saying here. It seems simple to me though: if you'd stop breaking the site guidelines so repeatedly and badly then we'd be happy not to ban you again, and if you won't stop doing that, we have little choice.

Nobody gets arrested for insulting someone online. Threatening, yes. Discriminating, maybe. Insulting, never heard of such a thing.

You can watch the interview yourself here: https://www.youtube.com/watch?v=-bMzFDpfDwc

It's worth pointing out the usage of "insult" in the interview.

> "Is it a crime to insult somebody in public?"

> "Yes."

The US threat model has changed given the current regime. So it's appropriate to update your security practices

Given you think America behavior is reasonable now, I have doubts about you ever having nature you claim.

It's a marathon, not a sprint. I live with a high living standard with access to good health care. Hey, I also live in a democracy, and you're right that I think we need to defend that well. Let's hope & see if we have what it takes..

And most of the world doesn't run on fancy new gizmos (that don't make money for the shareholders anyway). Europe is still rich because it produces high value items like steel from iron ore, and machines and cars from steel.

MRNA - Pfizer, Moderna, and DARPA (who was involved in funding research) are all American. Just not BioNTech

Stable diffusion - the original diffusion paper was at Stanford in the US, not Europe

EUV - a DARPA project whose tech was licensed to ASML

That said, American tech depends on getting great talent from all over.

When attempting to formulate a persuasive argument, this isn't a great place to start in my opinion. It's perfectly acceptable to dislike Trump and his policies. If you do, then go ahead and state your reasons. He was elected by the people of his country and he'll be done in four years' time. That's not how kings generally function. Perhaps I'm throwing the baby out with the bathwater, but I don't find myself too interested in reading the article after the inflammatory introductory TLDR.