Am I the only one that see that as an obvious trap ?
We just realized that any data going through the wire should be considered as directly provided to state agencies, and now we're excited to be able to put our private data on chinese servers ? I genuinely first thought it was a joke.
If you regularly watch your server logs, you know your ssh servers are continuously tried for bruteforce. And if you often run "whois" against attacking IP, you know that since last year, most of those attackers are chinese.
Of course, nothing allows to say those attacks are made by government rather than individuals (China is the biggest country in term of population, after all), but that's enough for me to decide not to elect this country as the place where I put my data (and yes, I try as much as I can to not store anything in US too).
To put it another way: both China and the US might read all my mail and then consider me a dissident against their respective regimes. But, if the US wanted to do something with that information, they could just have me arrested; whereas if China wanted to do something with that information, they'd have to start a war.
An analogy: a teenager who sneaks out of the house at night, worries much more about their own parents finding out, than some other random adult. Other adults might be strictly more powerful than their own parents in any sense you'd like to measure, but the teenager isn't living under their rooves.
I totally agree with you that it should be considered good practice to host one's data outside one own country, so that we're preserved for any deviant paranoia government may happen to have (and other government would probably care less of individual data if you're not from their country).
All countries are not equals, though. China and US are known to have no regard for privacy, and are prone to violent actions - so I'd rather chose an other country. Of course, we can't expect any country to behave good, simply because we have no mean to know it. But we can expect countries with no aggressive reputation and with low budget to be less dangerous.
There are many reasons why you might see a disproportionate number of requests from that part of the world. At the very least China is most populous country in the world, and Asia is absolutely flooded with cheap hardware. SSH worms have been commonplace for almost decades now, suggesting SSH attempts from a Chinese IP address are obviously the work of an evil government is a little bit unfounded crazy talk.
> Of course, nothing allows to say those attacks are made by government rather than individuals
You have to admit this is hardly suggesting it's the case :)
My point was : I can't know if there's problem with China government, but provided their background, I would rather go elsewhere. I don't see how this could not be perfectly reasonable.
We just realized that any data going through the wire should be considered as directly provided to state agencies, and now we're excited to be able to put our private data on chinese servers ? I genuinely first thought it was a joke.
If you regularly watch your server logs, you know your ssh servers are continuously tried for bruteforce. And if you often run "whois" against attacking IP, you know that since last year, most of those attackers are chinese.
Of course, nothing allows to say those attacks are made by government rather than individuals (China is the biggest country in term of population, after all), but that's enough for me to decide not to elect this country as the place where I put my data (and yes, I try as much as I can to not store anything in US too).