Everything-Internet mega-company Amazon – is a monstrous beast.
Amazon dominates the Internet. Much of that domination has been achieved – by very anti-free market means. Companies this huge – can do a lot of unfair damage to relatively tiny competitors. Via heinous anti-market anti-competitive practices – and heinous anti-market government crony practices.
But these awfulnesses are not what we will today address. Today we look at how Amazon’s Internet ubiquitousness – could be a titanic national security problem.
Could be – if Amazon lands an up-for-bid $10 billion Defense Department (DoD) cloud computing contract.
Do not misunderstand – Amazon has weaseled its way into a seriously crony built-in advantage on landing the gig.
A former employee – was hired by the Barack Obama Administration as the DoD employee in charge of choosing who gets the contract. Amazon’s former employee worded the DoD contractor description in such a way – that only Amazon’s Amazon Web Services (AWS) matches the specs.
The cronyism was so awful, the Donald Trump Administration appointed an Inspector General (IG) to review the situation. Said IG took less than forty-eight hours to render the verdict that the situation stunk on ice – and pulled back a bit on the Amazon-inevitable process.
We are still in said contract decision making process. Which Amazon unfortunately still seems to lead.
Unfortunately in no small part – because Amazon is nigh everywhere digital.
“Amazon is not just an online store—that’s not even the hardest thing to cut out of my life. Its global empire also includes Amazon Web Services (AWS), the vast server network that provides the backbone for much of the internet, as well as Twitch.tv, the broadcasting behemoth that is the backbone of the online gaming industry, and Whole Foods, the organic backbone of the yuppie diet.
“I…want to stop using any of Amazon’s digital services, from Amazon.com (and its damn app) to any other websites or apps that use AWS to host their content. To do that, I enlist the help of a technologist, Dhruv Mehrotra, who built me a custom (Virtual Private Network) VPN through which to route my internet requests.
“The VPN blocks any traffic to or from an IP address controlled by Amazon. I connect my computers and my phone to the VPN at all times, as well as all the connected devices in my home; it’s supposed to weed out every single digital thing that Amazon touches.
“Ultimately, though, we found Amazon was too huge to conquer.
“AWS is the internet’s largest cloud provider, generating over $17 billion in revenue last year….Launched in 2006, AWS has taken over vast swaths of the internet.
“My VPN winds up blocking over 23 million IP addresses controlled by Amazon, resulting in various unexpected casualties, from Motherboard and Fortune to the U.S. Government Accountability Office’s website.
“(Government agencies love AWS, which is likely why Amazon, soon to be a corporate Cerberus with three ‘headquarters,’ chose Arlington, Virginia, in the D.C. suburbs, as one of them.)
“Many of the smartphone apps I rely on also stop working during the block.…
“That’s how Dhruv and I discover a major flaw in our blocking technique. It turns out many sites, in addition to using a company like AWS to host their digital content, employ a secondary service called a content delivery network, or CDN, to load web pages faster….
“AWS has huge buildings of servers around the world, while CDNs have a larger number of smaller ones. Think of AWS as the central warehouse for a site’s digital packets; the CDNs are the storefronts around the world that help people get the packets faster so that web visitors don’t have to wait for their data to come all the way from the main warehouse.
“Amazon runs its own CDN called Cloudfront…If a website uses AWS in combination with a non-Amazon CDN, my blocker sees the IP address used by the CDN and lets that AWS-hosted content slip through. When I check with Gizmodo Media Group’s tech team, I discover that our own sites are hosted by AWS and use Fastly as a CDN. Just like Airbnb, Gizmodo is sneaking past my blocker….
“Ultimately, I learn that it’s simply not an option to block Amazon permanently. It’s technically impossible given the use of CDNs, and even if we could come up with a perfect block, it would wall me off from too many crucial services and key websites that I can’t function without for both personal and professional reasons.”
As bad as this Amazon ubiquity is – the other side of the coin is much worse.
If there are ALL those ways for Amazon to get out – there are ALL those ways for nefarious actors to get in.
And if the DoD has handed Amazon all its data – that’s a highly problematic national security situation.
Because Amazon – is made up of humans. And humans – can screw things up. And Amazon’s humans – have a history of screwing things up.
And with ALL those different angles for which they are responsible – and from which they can be attacked – it isn’t the least bit surprising.
Forget for the moment the fact that Amazon is insanely crony corrupt – and nefariously gained an unfair monopoly advantage in the DoD cloud backup contracting process.
Amazon is insanely huge and pervasive. Which makes them insanely vulnerable to nefarious assaults form incalculable different directions.
The DoD should hire multiple companies – not just one. That way, one hack doesn’t expose ALL of the DoDs data.
And the DoD should consider companies a little less universally exposed than is Amazon.