It is no longer safe to move our governments and societies to US clouds

> Is the idea that they're more ready to listen and take action because of recent executive changes in the US, even though the cost of doing so has gone up by 100-1000x and the possibility of a joint retaliation from US tech giants and the government working in concert is now much higher?

I believe so, yes. I don't think Americans realize how profoundly the last few weeks have affected European political thought. It'll take a while before you see concrete changes. Europe is like a mammoth tanker, slow to change direction, but practically unstoppable. I believe that it's more likely now than ever before for European governments and businesses to sever their dependency on American technology. Lots of comments in this thread explain how hard this is, how big the feature gap between, say, AWS and OVH is, but as a European entrepreneur I gotta say, this looks a lot more like an opportunity than a problem to me.

The concerns expressed seem a bit silly, unless the various Euro systems didn't take the very basic approach of using open standards and avoiding lock-in. Oh, and they should be backing up their data somewhere besides "in the cloud".

If those very basic precautions had been taken, migrating to a Euro cloud, or a private environment (open cloud stack) would be trivial.

If not, a lot of people should be fired...but granted, there are a lot of stupid people out there...

All that said, I'd say the concerns around this are vastly overblown.

Why do you say that the cost of throwing out American tech giants has gone up by 100-1000x compared to 15 years ago? I mean before everything became cloud/SaaS, American software companies were still essential to most European business and governmental operations. It was just on more traditional server/desktop systems?

> but what to do with the cloud specific apps

Coming from IT land, the answer is simple: you don't use them in the first place, and you grit-and-bear the replacement cost if and when the time comes. This is a negative on my research notes, slide decks, and papers when it comes to evaluating various cloud platforms for our workloads, and yet it's also the number one reason we're forced into a specific provider (some leader loves their proprietary tooling, and forces us to use it).

Look, I'm not saying these proprietary tools are bad, per se, just that they have a steeper cost than initially presented to the consumer in terms of architecture complexity and inevitable migration. The very first question you should be asking before consuming niche or proprietary products from vendors is, "Can I do this in a standard way that's more portable?" For stuff like Azure Functions, the answer is emphatically yes - but it comes at the cost of managing additional infrastructure, which is often the main reason companies want to use those tools in the first place (a misguided notion about throwing out infrastructure to save money).

As for the solved problem of compute (VMs and Containers), well, literally any cloud provider should have that ready to go. The question is whether or not your org is willing to retain the talent needed to build and support your clouds internally, or if they'd rather pay higher outsourcing costs with vendor lock-in instead.

> but move where?

For hosting their government's own specific computing needs, and assuming a respectable GDP, they can build their own datacenters (pretty trivial) and hire contractors to build cloud computing environments (more challenging).

Open source cloud isn't too hard. There's OSS for about 80% of software needed for a cloud computing service provider, and you fill in the rest with proprietary and custom stuff. There's already several providers (one in the US, several in the EU/other countries) that offer "public cloud" using OpenStack. They literally give you, the customer, your own OpenStack cluster, and bill you for what you use. It's insanely easy and powerful. Yet everybody still uses the more popular providers (DO, Hetzner, Scaleway, etc), despite the fact that they all have proprietary interfaces, without anything close to feature parity with OpenStack. I guess people really like vendor lock-in and lack of features.

The hardware is more challenging to source; the chips all come from Taiwan or China, and the US and China make most of the good hardware.

For private business in their country, they might offer grants and tax incentives to EU companies to build out more local cloud hosting services. But since it's the EU I'm sure it's massively more complicated than that.

Scaleway at least is genuinely not a bad alternative for this kind of thing already today - they do have plenty of managed services like serverless functions, object storage, queues, etc, in addition to the simple VMs and container hosting.

OpenFaaS is one option for your functions. Knative is pretty good as well for the bulk of your applications without exposing developers to kubernetes directly. Between that and Crossplane I think you have all the pieces needed to move away to a self hosted solution where you are managing either metal or VMs through a hosting provider.

I’m not sure what this looks like outside of the US, but colocation providers offer racks of machines, or to host your machines, while providing access to cheap bandwidth and peering capabilities. It’s absolutely possible to move away from the major cloud providers. However, it will require a degree of investment within your organization to support these deployments no matter which you choose, which could be a new investment compared to using AWS, GCP or Azure.

Isn't Google doing some thing where they give the software stack to a local operating partner?

I guess you can say the code is still backdoored / untestable but it seems that could be audited.

> but what to do with the cloud specific apps (Azure functions etc.)?

Don't build them. Vendor lock-in is a real problem: even if there are no political issues, it's a business risk because they can charge you whatever they want.

Also, the cost of migrating off these things is usually overestimated. It's an HTTP request, for crying out loud.

https://european-alternatives.eu/

>I hope so too, but move where?

On premises.

> if the US government became a bad actor. It was seen as high impact but extremely low probability.

Was that before or after 2016?

If there really is no organizations competent to run government application in the Netherlands, then that is even bigger reason to start doing more of that in the country. I mean, computers are not going away! The competence and infrastructure does not magically appear. It requires consistent investment over time. Not being able to maintain computer based infrastructure is like not being able to maintain water supply of a country. Completely unacceptable. Heck these days maintaining water supply at city scale is difficult without computers and networking...

That is because you only hear about the failures.

This is a great point. For example, near where I live there’s a massive Google cloud warehouse out in the middle of a field next to the highway. Inside of that warehouse there’s a separate section for servers belonging to the US government that can benefit from all the electricity contracts Google has negotiated, the physical security and fences that Google has set up, and the fiber optic cables they’ve laid.

It’s the best of both worlds, they get the decades of research Google has put into systems engineering and fault tolerance while retaining the security of having their own servers.

Other developed countries are less comfortable because all the major cloud providers are US-owned companies and the NSA has a very, very long history of using US companies as information security weapons.

Not that they're the only ones. Israel has been busy stuffing investment cash into the pockets of Unit 8200 members so they can found security software and service startups coughSnykcough

Physical isolation is kind of irrelevant for the concerns being voiced here no? It's not like Europe's main worry is random people walking in and yanking hard disks out of servers in datacenters.

It's not the technology, it's the US Cloud Act which has slowed a lot of it down.

Very few actually qualified and capable techies here trust any of the US-based cloud providers.

Same for the German cloud, it's Azure Stack but operated by a subsidiary of Deutsche Telekom IIRC.

The 4 major cloud vendors (Azure, AWS, GCP and Oracle) all have Air-gapped regions in addition to their "GovCloud" regions.

The point is Amazon and Microsoft surely have vested interests in government data they are not supposed to be privy to.

Nice comparison

So the US is within its rights to ban TikTok?

Elon Musk will have access to all data.

That should scare everyone given his propaganda machinery aimed at elections he does or doesn’t like

The world literally has hard proofs of mass espionage by the NSA and CIA after Snowden and Wikileaks Vault 7. Moving your government secrets to the US cloud has been madness for at least 12 years.

Correct, it's more like a bitmask.

Except if any of the bits are flipped you're f-d; especially so if your adversary is a nation.

FOIA makes the US gov't one of the more transparent democracies, as a counterpoint. So much so it started getting copied by them.

https://reason.com/2024/12/26/foia-for-all/

“Transparency” as leaks from abuse is very, very different from transparency as a policy of easy access – and neither makes you necessarily better informed. In short, a biased selection of information can leave you worse off than having no information.

>> I don't think the US government is dumping classified info onto corporate cloud environments judging by this description from GovCloud.

There are cloud environments specifically for classified info:

https://aws.amazon.com/federal/secret-cloud/

https://techcommunity.microsoft.com/blog/coreinfrastructurea...

Not sure how the person doesn’t realize the contradiction.

The pun is intended.

The reasoning is that, with sufficient security, on premise (more or less) cloud technology is not much different in terms of sovereinty from sourcing your hardware from China.

the US government was invading and bombing people for decades and the EU did nothing. "chaotic evil" my ass, the only reason they're moving now is because MAGA is threatening them directly via Greenland, or indirectly, by pulling out of NATO and backing Russia.

[dead]

A lot of European companies and organisations use services provided by American companies but run on servers in Europe. In the UK the NHS uses AWS, the courts use MS teams, etc.

It's a bit premature to call it an alliance. So far there have only been talks.

> trying to turn Ukraine into basically colony (by demanding their resources forever)

Keep in mind it was Ukraine that proposed the idea of offering their resources back in October 2024[0]

0. https://www.cfr.org/expert-brief/zelenskyys-victory-plan-ukr...

EU also demands resources in exchange for military support such as the French+UK-led intervention into Libya. Saying US is an ally of Russia is a pretty big stretch, meanwhile the EU has members that are actually allied with Russia and lots of large Russia-aligned multinationals like Gunvor

> America is literally allying itself with Russia, trying to turn Ukraine into basically colony (by demanding their resources forever)

It was Ukraine/Zelensky who suggested that first not Trump. It was back in November. But we tend to forget such things for some reason...

From https://www.ft.com/content/623c197f-6952-4229-bfbc-0a96e43d6...

> Two of the ideas were laid out in Volodymyr Zelensky’s “victory plan” with Trump specifically in mind, said people involved in drawing it up. The proposals were later presented to Trump when Ukraine’s president met him in New York in September.

So Trump agreed eventually and then Zelensky started a media storm about how Trump wants take their natural resources and turn them into a colony. And everyone somehow immediately forgot that the proposal originated with Ukranian government.

> The levels of behaviors between the sides here are not symmetrical

It comes from a fundamentally different perceptions of reality and politics. There is idea that things have to be just and fair. And when they are not we like to say "it's not fair" and someone comes and fixes it. I am afraid it just doesn't work like that past the childhood age.

> American leadership made it clear that norms, laws or morality are only for suckers.

When weren't they? You're thinking maybe everyone just finally woke up? Morality and laws do not apply in practice on the international arena. It would be nice if they did, I agree, but they don't currently.

EU should have always had it's own strong army, it should have never trusted the US and not relied on them for protection. But they also shouldn't have been buying energy from Putin and funding his operation for years.

But would they still if the EU used tariff like policy to prohibit it? "The best time to plant a tree was 20 years ago, the next best time is now." Make the law, enforce the law, encourage the behavior and outcomes necessary to achieve the success criteria.

As someone with an infra background a lifetime ago, I am confident I could spin up Kubernetes and Deepseek R1 in OVH or Hetzer within a few days. The primitives exist, the EU simply needs to lean into cultivating and supporting them (orgs, platforms, etc) to push EU entities consuming these services away from US Tech. Perhaps the tech stack is a national security interest, just as a manufacturing base and supply chain is. Better to be prepared than to be entrenched in the US Tech ecosystem and then suddenly be held hostage for reasons.

Hosting LLMs at scale without Azure/Bedrock is still a massive pain, and they offer EU based data sovereignty, so not clear what the problem is there (or are we now saying no doing business with US companies at all?)

The EU doesn't have a significant tech industry.

[dead]

Don't forget Boeing moved their headquarters and leadership to DC. Making the widgets is just the inconvenient part management doesn't really care about/need to be involved with, the focus worthy part of their business is government extraction in Boeing corporate's minds. Our corporate class is such short sigted trash.

This presumes that today’s Europe is comparable to the one ca. 60 years ago: https://en.m.wikipedia.org/wiki/History_of_Airbus#1970%E2%80...

(I’m not disputing the chances, just the logic of the analogy with Airbus.)

Evroc in Sweden is trying to do this.

They can do even better. I don't know how much I can say but there is an EU funded alternative in the works.

> The main issue i see is that european cloud providers mostly have technically-ignorant upper management for which providing a cloud offering essentially boils down to "buy this software component from company xyz (likely an american company) and install this open source product abc, then slap a cloud marketing name and unleash the salespeople". They can't even contemplate the idea hiring somebody with FAANG-level skills, paying it FAANG-level money and let it do FAANG-level work. They hire a few underpaid 20-somethings and have them manage, at best, an OpenStack installation.

Thank you! As a german that saw how the sauce is made in public sector tenders it's exactly this!

This is not restricted to hosting / cloud sector. It's a good summary for most german IT companies.

Arrogance and incompetence are rampant. Programmers and their managers need to go en masse to have some substantial change.

Everyone is so full of themselves and disconnected from reality it's scary.

>I don't see europe building a realistic alternative to american cloud providers, and the core issue is not technical.

The brain drain ultimately takes it toll. The most capable people from europe ( and every where else), move to US , be they engineers, management, entrepreneurs etc.

"AWS Services That Do Not Support IPv6" - https://github.com/DuckbillGroup/aws-ipv6-gaps

They also move too slowly, so they fall further and further behind each year.

For example, Hetzner has great potential, but they’re only just now releasing object storage after 4 years in the cloud space, and they don’t even have managed database yet.

Ipv6 wasn't rally viable in a box until like last year.

Ok, that's one datapoint. Another datapoint says that Linux originated in Europe.

The used to exist (e.g. Hyves, StudiVZ), but they are murdered by FAANG. However, there are still locally successful companies that could expand to the rest of Europe if US companies were dropped. E.g. just speaking of The Netherlands, Bol.com is much more popular than Amazon, Marktplaats is more popular than eBay (which is pretty much non-existent here) and owned by a Nordic company, etc., iDEAL is much more popular for payments than PayPal, Stripe, etc. (and works far better). Such companies can fill the void.

Microsoft will be tough to replace. There are good alternatives, but retraining personnel, etc. will take years. Google, I am not sure. Their cloud services are replaceable. Search may be tougher, but the quality of Google Search has become so bad that it's often easier to ask an LLM.

With social networks or any EU startup problem is you have to deal with different languages right at the start.

Being US startup with English only you have access to 300m people right away.

There were country specific social networks but then all cool kids were on FB so everyone moved there.

The same with LinkedIn, our country specific business social network closed down finally last year. First 3-5 years it was growing then everyone moved to LinkedIn so that network was ghost town for 15 years someone kept it alive just in case but seems like they stopped wasting money.

Maybe so called social network is not something to reproduce. Who cares who runs them if they deteriorate sociality, generate addictive consumption of things detrimental to mental health and favor extremists point of view?

And that's why we need to stop being dependent on the US: everything in there is described in terms of « market share », and not in terms of usefulness, ethics, or independence.

Mastodon is German:

https://joinmastodon.org/about

(So is SAP, for that matter.)

There is an active effort currently to have the EU contribute towards funding https://freeourfeeds.com/ (to enable a distributed, global AT Proto network). Does the EU need the network to be home grown or have the valuation matter? I argue no, it is a utility, not a business to be captured and squeezed by investors or other potential controlling interests.

(as of this comment, Bluesky has ~32M users and counting)

They can fork phpbb. You didn’t really think these social networks are anything more than that?

We just need to see if phpbb can scale to a billion, and if not, why not.

PeerTube is made in France, Mastodon AFAIK in Germany.

Almost every EU company I worked with, migrated from Windows to Ubuntu at some point.

More like "Year of the EU computing independence" this time, totally for real guys!

It's been one year away for 30 years!

"Cloud" is not boxes like OVH and Hetzner sell. Cloud is a gigantic software layer offering all kinds of features and abstractions.

I think it'd be faster and cheaper to replicate GitHub or even Office, which are complex but fairly feature-stable, than to offer a real cloud competitor with a fraction of the services that Amazon, Microsoft or Google offer in their cloud portfolios.

I heard an interesting thought on the Lex Friedman podcast though. If software engineering really becomes cheaper and more readily available thanks to AI, maybe more companies will start building more of their own services. Then, maybe then, will the European enterprise be able to wean itself off from the big cloud vendors.

How does Scaleway measure up these days?

Are there good resources for comparing clouds with sovereignty in mind?

Are OVH decent? I'm not entirely sure that they're even passable and what other options would you have in Europe?

Since practically every government in Europe is a Microsoft "shop", Azure is the first stop when The Cloud is concerned. Unofortunately, often the last one too... Wheels were already moving, I helped rhem gain traction.

So yeah, not my favorite of the whole "not my favorite" cloud migration plan, but the only realistic path forward at the time

Multiple local copies, a cloud copy, and an archive copy on a different provider.

Interesting that I got down voted for this

Come on. We can draw a straight line from the GFW to companies like Baidu and Alibaba. Without it, they would (initially) struggle in direct competition with endemic US products.