Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Tim McConnaughy (00:14):
Hello and welcome back to another episode of the Cables to Clouds Fortnightly News. I'm your host this week, Tim. I'm actually just now getting back from London where I attended KubeCon and because it is at the moment, it's only four in the afternoon here on the East Coast, but man, I feel I'm already starting to drag. I already had to have a cup of coffee and, yeah, last night I
(00:36):
went, we got back last night and I think I went to bed at like 8 pm. I was trying, I was fighting to stay up but I couldn't do it. But anyway, with me, as always, is my co-host, Chris Miles, at BGB Main on Bluesky, and yeah, we'll just launch right into the news. We have some interesting stuff, some fun stuff that's happened within the last couple weeks, so yeah, we'll just roll right
(00:58):
into that. The first article comes to us from Network World and it's called Tariff War Throws Building of Data Centers into Disarray. And boy, I wish it was just the data centers that got thrown into disarray on that one. So for anyone who's been living under a rock, of course, the president of the US, Donald Trump, has just rolled out a
(01:23):
continually escalating series of tariffs on enemies, allies, probably would do it on aliens if he could prove they exist. But yeah, so this, of course, has thrown everything to incredible uncertainty, especially for tech companies that, basically, are planning major capital improvements, right?
(01:43):
So within the last six months to a year, we've been reporting multiple stories about how Microsoft, Google, AWS just all sorts of people are planning to build these giant data centers, either for cloud expansion or, more recently, for AI expansion. And, surprise, surprise, doing that costs a lot of money and
(02:04):
requires an insane amount of planning and raw materials. And raw materials is really what's, uh, what's going on here. So I mean, the article talks about this. There's a lot of uncertainty, uh, being put into this. I mean, this is, you know it? This actually reminds me a little bit of a few years ago, uh, during COVID, when, like, building materials, like wood and everything was.
(02:25):
You know, if you're building houses and stuff you, you would find the cost for building a house just went up like 20% overnight and changed, and it's it's very much, very much the same here, except on a giant scale, you know, you know, just following up with that, just just to go ahead and throw it in there together and we'll talk about it a little bit. There's another article we have from Network World saying
(02:48):
European cloud group invests to create what it dubs the Trump-proof cloud services initiative. This is not at all surprising. I think some of this was probably already in flight even before Trump announced all these tariffs, but the idea is that there are a lot of service providers public cloud or private cloud or whatnot so just traditional service providers
(03:11):
in the EU. Of course, you know different countries and everything, and they're trying to essentially build an initiative. Is it called the Fulcrum Project? Is that right? Is that what it's called?
Chris Miles (03:20):
Yeah, that's right.
Tim McConnaughy (03:21):
Yeah, yeah, I don't have the article right up in front of me, but yeah, the Fulcrum project basically aims to create a almost like a federated services initiative, kind of like how you can federate with Active Directory, kind of like that, but like amongst all of the different providers that are out there. So think about, you know, you have all these small business,
(03:41):
small, medium business, targeted service providers in the EU that maybe only carry a certain number of services, like a couple of things that they do well, but you want to. You know, you don't want to have to go to the CS, the major cloud providers that are going to have all the services. So you have this, this kind of opportunity to use these, these small cloud services, but have the still have some hopefully
(04:02):
amount of ease in federating them all together. So it's a really ambitious idea. Yeah, I don't know. Anything to add there? What do you think?
Chris Miles (04:11):
Yeah, I mean, obviously these articles kind of go hand in hand when we're talking about tariffs and things like that. But I think kind of the major piece that you called out in the first article is, like these tariffs don't really take into consideration the entire supply chain for some of these pieces
(04:31):
that go into building digital infrastructure. Right, like there was, I think there was exceptions put in for things like semiconductors and things like that, but like, everything else that goes into building a data center is still at a very high price point when it comes to the tariffs, so like and that's like, this is a thing that is not, it's not unique to technology in any way.
(04:54):
Right, like we're talking about um, even the supply chain of like, um, uh, cars, cars, agriculture, et cetera, like, like oranges. I saw somebody kind of diving into like what it costs to put a tangerine, like a Florida grown tangerine, into um, a uh, into a supermarket, and like when it comes to the truck, the packaging, the labels, the netting that you buy the, the
(05:17):
oranges, and all of that is manufactured outside of the outside of the country, so that naturally things are going to uh rise in price and and data centers are of no exception. Um, it's funny because the I think the ultimate like message of that article is basically, if you're looking to buy, like build a huge data center, just wait it out. Like put a pause on it, just wait it out.
(05:39):
Um, because he's he's obviously very ephemeral with these things. Right, the the tariffs seems to change on a, on a relatively regular basis. Yeah, um, someone, I heard someone say yesterday, I think it was like oh well, when it comes to Trump, like if he says anything, wait 72 hours and see if that's right.
(06:00):
That's still what the what the actual uh um truth is, um, but I mean, we are like what I think these ones were announced like last week, right, so we're, yeah, uh, we are past the 72 hour mark, I think. So, um, not looking great, not looking great. Um, but yeah, with this Fulcrum project and kind of these, um, uh, this Trump
(06:21):
proof um cloud services that they're building, um, super interesting. Um, you know, they kind of talk about the investment in this Fulcrum project, which they're talking about an investment of like 1 million euros, and we know like seed money that's. That's peanuts like at the end of the day, right? Compared to what um people are investing in the in the hyperscalers, but um
(06:42):
very cool idea and, like I said, like you said, very targeted at SMBs and smaller organizations that um want something more local to them, rather than feeding into the, the grand hyperscalers, where they may be subject to regulations and things outside of the control.
Tim McConnaughy (07:00):
Yeah, exactly.
Chris Miles (07:02):
But yeah, I think one interesting piece that they called out in this article as well was that it's kind of redefining, for at least EMEA, what data sovereignty means to them. It's less about where data lives. It's almost like taking one step further. Now it's about who the cloud provider is and who controls them. So it's, yeah, super interesting.
(07:22):
Not sure how it's going to shake down, but it is eye-opening for sure.
Tim McConnaughy (07:30):
This is interesting because I was just at, like I said, I was just at KubeCon and the amount of European service provider practitioners that I talked to, was it just it opened my eyes. I had no idea how many European service providers there are out there. I mean just all. I must've talked to 10 different people and I think almost all of them worked for a different, you know, public
(07:52):
cloud provider or private cloud provider in the EU. So this idea of federating to get around the the major, like juggernauts, it's, it's almost like an underdog story. You kind of you kind of want to see, see it succeed a little bit and see how it goes. It's, it's a really cool idea. Like I said, like we're saying it's, I'd like to see some legs
(08:12):
on it, you know, before it gets squashed by somebody with too much money.
Chris Miles (08:24):
All right. Next up we have an article from Bleeping Computer. So if again you've been living under a rock, or maybe you just don't consume Oracle Cloud services. Oracle has finally started to admit that there was a data breach of their environment. So specifically, it sounds like there was a breach of Oracle Cloud in a quote-unquote legacy environment I think they were calling it Oracle Cloud Classic or something like that through
(08:47):
some kind of older Java exploit, and it's funny because they spent so much time denying it, like even talking to journalists and saying yeah, like there was no breach. There was. You know, no Oracle Cloud customers were impacted. But now it sounds like they've kind of come to the table and say that you know there were. I think I'm trying to look how many thousands of records were
(09:10):
exfiltrated from the environment and it was funny they were still denying it while there were organizations actually coming to the table and saying, like actually, all this intel that is in this database about us is true, so they know they had to get it somehow. So, yeah, not a good look for Oracle. I mean, you know breaches happen, happens to everybody,
(09:32):
but you know, I think it probably could have been handled a little better, for sure.
Tim McConnaughy (09:37):
Yeah, I mean, there's such a trust problem here. Like I don't know what to say. Like it's one thing if you suffer a breach and your customer's data gets impacted or whatever, but when you deny it, even though the people you know selling the data basically are proving that, hey, actually this is real data from your customers and your customers are saying, actually, yeah, that's
(10:00):
our data. Like who? At that point, who are you even trying to fool? Like your own customers just said this is our shit. I don't even know what the point is at that point.
Chris Miles (10:10):
It's like it's like a Shaggy thing, right? Yeah right, it wasn't me, it wasn't me, you know.
Tim McConnaughy (10:19):
Yeah, that's it. I definitely get the Shaggy vibe from that one. So what is the point? At that point, your customers can't even like. I don't think your customers can trust you. So I don't know what to say about that other than it would have been better just to admit that some part of your organization was breached and just be clear about what that
(10:39):
was, and also be clear about what you've done to resolve it.
Chris Miles (10:43):
Like everybody else, I mean, obviously this is this is only impacting customers that have been relatively longstanding with Oracle Cloud as well, right, so this is like an environment. I think that was deployed in like pre-2017. So this is um the the overall impact of like their well over like their total range of customers I would think was
(11:03):
pretty low.
Tim McConnaughy (11:04):
Um, it's probably customers that have had some longevity there yeah, but the article mentions that the data that was stolen was recent like so. So there's some, either some lateral movement or some some way that the they were able to leverage this breach to yeah, six million yeah, get into the real, like the, the gold mine or whatever. Um, yeah, true, that's newer.
(11:26):
So, yeah, the initial vector may have been that legacy situation or that legacy environment, rather. But, yeah, according to this article I mean the sub, you know many of the things that were shown on that website to be stolen are are new, like 2025, new data yeah, it said um all of them allegedly stolen from Oracle Cloud's federated SSO
(11:47):
login servers yeah, there was, there was still live yeah, true, so, yeah, um, so Oracle definitely has a bit of egg on their face from this, but you know, as always, they should be able to bounce back.
Chris Miles (12:01):
But yeah, not a
good look for the next few
months at least.
Tim McConnaughy (12:06):
Yeah, I think the best look would have been just to say hey, we got hacked and this is what we're going to do, like every other normal person you know does. I don't know who decided that I'm, you know, to play the Shaggy card. I don't, I don't get it 100%.
Chris Miles (12:23):
All right. Next up, we have an article here from CSO Online talking about a surge in threat actors scanning for Juniper, Cisco and Palo Alto network devices. So it you know kind of relatively generic message across the board for each one of these vendors, there's basically been a surge of actors looking for either scanning
(12:44):
these services offered by each vendor or looking for default credentials across the board. I think even Palo said that they mentioned there was a significant surge in login scanning activity targeting their GlobalProtect portals, which are obviously publicly accessible.
(13:04):
They said over the last 30 days they saw 24,000 unique IP addresses attempting to access these portals, although they don't mention any login attempts, just like scanning from each of these IP addresses, which is a bit strange. But yeah, I think there's even mention in here of the issue the
(13:26):
known vulnerability with Cisco smart licensing as well and then even mentions what is this. Yeah, t128 username and password, 128t routes. Sounds like a generic login for maybe some kind of platform that was maybe acquired by Juniper at some point. So don't know if this is.
(13:46):
You know, it's kind of just generic botnets and obviously this is there's been an uptick in this targeting here. Don't know if this is something related to AI. Maybe some of this is being automated and why it's being done at a broader scale. But, yeah, just make sure you are, make sure, aware of these, make sure your platforms are patched, make sure you're not
(14:07):
using default passwords. Yeah, I think that's the general sentiment here.
Tim McConnaughy (14:13):
Yeah, I can't even imagine the idea of putting a network device publicly accessible with default credentials. Now, I mean, the article does mention for each of the vendors Juniper, Cisco and Palo what type of vulnerability or scanning or, you know, login attempt or whatever it was that's happening, and it does point out that you know for
(14:36):
Cisco, of course, Cisco disclosed a smart licensing vulnerability was last year, and in that case there was a default hard-coded credential that customers didn't even see, like, wasn't even. You couldn't change it anyway, like. So that's a different kind of exploit, although, boy, that one's pretty bad.
(14:57):
But then again, you know, like I said, that's, everybody has something going on, everybody eats, yeah, everybody rides that train eventually, yeah, we're not throwing stones, it's more.
Chris Miles (15:07):
It's about the response.
Tim McConnaughy (15:10):
that's important, yeah, and the responses again, especially contrasting this with the previous article. They're getting it out there to do this stuff. So I think, yeah, so the AI thing, I think that I mean, obviously it's being automated, there's no question about automation there's. You know, the scanning that's happening is automated, there's no question about that. I think that I wonder if we're seeing more of an uptick in the
(15:33):
or if this is. This doesn't feel sophisticated, right, it feels like a shotgun, like all scanning is. But I wonder if this is. If you remember, like when Kali and other automated penetration tools were kind of made more available, you kind of had the.
(15:53):
Even before that, actually you had the whole script kiddie thing where everybody could just get scripts and anybody could launch an attack and be a hacker if you will. I wonder if there's some of that going on, because we've seen time and again and again how easy it is to prompt, evade, like you know, do the thing, you know, poison the prompt where you can actually get an AI to do some things for you or
(16:14):
give you some information that you probably it probably is told not to give you. It's criminally easy to do. So, yeah, I think we're seeing an uptick, but I don't know if they're, I don't know if it's related. I think we will eventually, if not now, see more attacks, just because it becomes more and more easy to launch this. You know, to find this info and launch these kinds of attacks
(16:38):
from anybody.
All right, let's see. We got one more here and this one's pretty, I mean. Yeah, I didn't see it coming, although I just don't think it's. It's not the most interesting article, but it is. It is very relevant to cloud networking. So AWS has kind of announced the general availability, at least in some regions, for its route server. Construct base is basically, if you know, Azure Route Server.
(17:01):
It's basically ARS, it's almost entirely the same. The idea is that you can have a third party virtualized device that can form a BGP neighborship with this route server, and this route server will handle propagating all of the routes that are learned into VPCs, right?
(17:22):
So think TGW without the TGW part, right? Yeah?
Chris Miles (17:27):
The simplest way I usually think of these route server things is kind of like a BGP route reflector, so it's typically not in the data plane at all. It's really just doing the facilitation of propagating BGP routes. That's its sole purpose, that's it. So yeah, like you said, Tim, I did not see this coming because
(17:47):
you do see adoption of it in Azure. But Azure also has a very distinct architecture that they push people towards, like if we're talking about the landing zones or even the VWANs of what people are using, whereas I don't see that requirement that much in AWS with kind of the architectures that you build with TGW.
(18:08):
Obviously, there's exceptions to that rule, but one thing that drives me crazy, man, is whenever AWS puts out a new service, they'll have documentation out day one. They have, you know, kind of general availability out day one. The diagrams are shit. Like, there's not even like, not even like. I know this. This is a service that they offer.
(18:28):
There's going to be like one of their little unique icons that they're gonna make for it but on these diagrams they just put you know a, a white square that says route server. It's like come on, guys, this is, this should be the easy part. Is the the marketing piece?
Tim McConnaughy (18:41):
Yeah, I was, I was reaching it, uh, reading the documentation and it's basically like, yeah, I, I'm still, I'm with you. I don't a hundred percent understand. It's like the point with ARS. It makes perfect sense the way that Azure does its routing. With AWS, you have TGW and it's not as abstracted as like VLAN is. It's very, very much, very, very uh in the data plane.
(19:03):
It's very simple. Um, so this kind of out-of-band route server thing is almost like why?
Chris Miles (19:14):
would I use this?
Tim McConnaughy (19:14):
instead of a TGW. I guess if we're just peering, if you just don't want a TGW, but we're going to do VPC peering or something, I'm still trying to wrap my head around what the use case is here as well. But there's quotas and it costs what? $0.75 an hour.
Chris Miles (19:29):
It's not cheap. I mean, ARS isn't cheap either. Well, no, that's true.
Tim McConnaughy (19:31):
It makes sense, but at least with a yeah. And this is the part where maybe, once I figure out what is the, what is the point of your, of this new service? Because I mean they even in the documentation say, is that you know, if you want to propagate routes into a TGW route table, use Transit Gateway Connect.
Chris Miles (19:45):
So you can't even
use it with TGW right.
Tim McConnaughy (19:48):
Which is what 99% of AWS customers that need to move traffic are probably already using, right. Which either this, or Cloud WAN, which has managed TGW. So, yeah, this strikes me as a we don't want to build a small.
(20:09):
This is more like a small. This seems like a small medium business play where, for whatever reason, they're not using a TGW, they don't have a big enough environment. For whatever reason, they're just not using a TGW.
Chris Miles (20:15):
Here you go, here's your way to do third party yeah it's funny they launched a very similar service to something that's in Azure, but it's completely different from how it's used in Azure, because in Azure it's like you're typically connecting it to express routes and your landing zone and things like that, but this one you don't do any of that, at least day one. So yeah, quite odd, I imagine to your point.
(20:40):
It's probably there's a certain subset of customers that have been asking for this for a while, so that's probably why the documentation is quite light. I would think maybe they're getting it out there just to service the people that they know that need it and it'll kind of grow into something beyond here. But yeah, it's just. I mean it's cool, but I'm still scratching my head. Like I don't foresee any kind of clients that I interface with in cloud
(21:03):
using this anytime soon.
Tim McConnaughy (21:04):
Yeah, I'm also struggling with it. Even in their diagram it doesn't make sense. You've got two private subnets and the same VPC, a device A and device B, right, and then you're peering with these endpoints and the endpoint peers with the route server and the route server is updating the two private subnet route tables. I'm just thinking like, what is the situation where I needed to do?
Chris Miles (21:23):
this, yeah, so we'll include the link in the show notes. So if you if you're else, you want to have a look at the documentation. Have a look through it and and let us know if you're also scratching your head and if you can think of an exact use case where this, this makes sense that maybe we're not thinking of. Let us know.
Tim McConnaughy (21:38):
Love to hear it yeah, absolutely all right, and with that I think we are ready to close it out this week. Um, so hope you guys enjoyed the uh Fortnightly News. If there's anything we missed that you think was a bigger story than what we covered, uh, please drop us a line. You know, post on Bluesky, or send us a message. Hate mail's fine, call us likes that yeah, call us names.
(22:00):
You probably do that anyway, so we just want to know what you're calling us yeah, right, yeah, we just want to know so we can start using the names ourselves. That'd be fine. Yeah, anything you want to do to give us any feedback on how much you hate this project that we're doing, that would be really appreciated. All right, we'll see everyone next time for the Fortnightly News. Take care, see you, see you guys, see ya.