Combating money laundering with free books

Well that’s a weird title, isn’t it? But it turns out that Amazon is an excellent place for all kinds of commerce: buying goods, selling services (Mechanical Turk, hello!). Oh yeah, and money laundering. One author recently discovered some of his titles were being used as part of a money laundering scheme. Since Amazon is essentially unwilling to do anything about it, he did the only thing he could: he made the books free.

Of course, that won’t stop people from “selling” used copies for large sums of money. It does give people who are actually interested in the book a way to get it for free. And by driving people to his website instead of Amazon, he helps readers avoid the illegitimate listings. But I suspect most people go to Amazon first when they’re looking for a book (or just about anything else). In that case, visitors are more likely to find the illegitimate, expensive copy and give up.

No matter what the effect on readers, there’s a clear effect on Mr. Faber: he’s not making money. Faber probably doesn’t need the money from book sales. As the co-founder and Chief Investment Officer of an investment company, he’s probably doing pretty well. But someone who makes their living – or at least a substantial portion of their living – from book sales has more to lose doing this.

Of course, authors shouldn’t be the ones to fight Amazon’s fraud problems. The last I heard, Amazon has a few dollars that they could throw at it. On the other hand, they get a cut of the money that gets laundered, too. It’s in their (short-term) financial interests to try not to notice this. The only real losers I see are the banks who have to cover the losses from the stolen cards (and the poor saps who get stuck with the bogus 1099). Could the banks put pressure on Amazon to fix it? Or will it require a big fine from the feds?

The AWS/VMware partnership

Disclosures: My employer is an AWS partner. This post is solely my personal opinion and does not represent the opinion of my employer or AWS. I have no knowledge of this partnership beyond what has been publicly announced. I also own a small number of shares of Amazon stock.

Last week, Amazon Web Services (AWS) and VMware announced a partnership that would make AWS the preferred cloud solution for VMware. AWS will provide a separate set of hardware running VMware’s software managed by VMware staff. Customers can then provision a VMware environment from that pool that looks the same as an internal data center.

As others have pointed out, this is essentially a colocation service that just happens to be run by Amazon. I share that view of it, but I don’t take the view that AWS blinked. It’s true that AWS has eschewed hybrid cloud in favor of pure cloud offerings, and they’ve done quite well with that strategy.

I don’t think the market particularly cares about purity, nor do I think the message will get muddled. Here’s how I see this deal: VMware sees people moving stuff to the cloud and they know that the more that trend continues, the smaller their market becomes. Meanwhile AWS is printing money but is aware of the opportunity to print more. Microsoft Azure, despite having an easy answer for hybrid, doesn’t seem to be a real threat to AWS at the moment.

But I don’t think AWS leadership is stupid or complacent, and this deal represents a low-risk, high-reward opportunity for them. With this partnership, AWS now has an entry into organizations that have previously been cloud-averse. Organizations can dip their toes into “cloud” without having to re-tool (although this is not the best long-term strategy, as @cloud_opinion points out). As the organization becomes comfortable with the version of the cloud they’re using, it becomes easier for AWS sales reps to talk them into moving various parts to AWS proper.

Now I don’t mean to imply that AWS is a sheep in wolf’s clothing here. This deal seems mutually beneficial. VMware is going to face a shrinking market over time. With this deal, they at least get to buy themselves some time. For AWS, it’s more of a long game, and they can put as much or as little into this partnership as they want. For both companies, it’s a good argument to prevent customers from switching to Microsoft’s offerings.

What will be most interesting is to see if Google Cloud, the other major infrastructure-as-a-service (IaaS) provider, will respond. Google’s strategy, up until about a year ago, has seemed to be “we’re Google, of course people will use us”. That has worked fairly well for startups, but it has very little traction in the enterprise. Google can continue to be more technically-focused, but that will hinder their ability to get into major corporations (especially those outside of the tech industry).

I don’t see that there’s a natural fit at this point (though I also wouldn’t have expected AWS and VMware to pair up, so what do I know?). One interesting option would be for Google to buy Red Hat (disclosure: I also own a few shares of Red Hat) and make OpenShift its hybrid solution. I don’t see that happening, though, as it doesn’t seem like the right move for either company.

The VMware-on-AWS offering will not be generally available until sometime next year, so we have a little bit of time before we can see how it plays out.

Actually, it’s about ethics in book reviews

Bruce Schneier shared a story earlier this month about how Amazon is apparently mining information to flag book reviews when the reviewer has a relationship with the author. I write book reviews (though I don’t post them to Amazon), so this seems relevant to my interests. I can see why Amazon would do something like this. People buy books, in part, based on reviews. If Amazon’s reviews are credible, people will be more likely to buy well-reviewed books. Plus: ethics!

The first few purchases would likely be unaffected until the buyer has a chance to form an evaluation of credibility. And even then, how much stock do people put into online reviews of any product or service? I tend to only look at reviews in aggregate, unless the specific reviewer has established credibility.

I hope that my occasional book reviews have established some sort of credibility with my ones of readers. I certainly try to make it clear when I might have a bias (e.g. disclosing stock ownership or a personal friendship). Mostly, though, I’m motivated to give accurate reviews in order to advance my own thought leadership. I’m very self-serving sometimes.

On the whole, I appreciate that Amazon is trying to keep reviews fully-disclosed. I just don’t think they’re doing it very well. If a reviewer has a relationship with the reviewee and it is properly disclosed, there’s no reason to suppress the review.

Full disclosure: I own a small number of shares in Amazon.

Book review: AWS System Administration

In his forthcoming book, Mike Ryan aims to introduce Amazon Web Services (AWS) to developers and systems administrators. Correctly creating and managing an AWS environment is a cross between development and administration, so anyone coming from a straight admin or dev background would probably miss key components.

Unfortunately, in aiming for two audiences, he produces a book that doesn’t seem to quite satisfy either. The book goes into a lot of unnecessary detail, for example a lot of PostgreSQL detail in the backup chapter, and a lot of Puppet specifics scattered throughout.

My biggest complaint is the way the book is organized. Basic AWS concepts like regions aren’t introduced in the beginning. Several concepts appear in passing before they are explained. EC2 security groups are lumped into the chapter on IAM roles, but it makes more sense to separate those.

Much of the book focuses on a single example, without a lot of discussion of other use cases. However, the use of auto scaling and Elastic Load Balancers in various cases is very well explained. The coverage of the use and limitations of IAM roles is excellent as well.

This book could benefit from some reorganization and a more focused audience. With more information about AWS and less on implementation details for specific environments, the second edition could be a valuable resource.

AWS System Administration is scheduled to be released on July 25. It is published by O’Reilly Media.

Cloud detente

Evident.io founder and CEO Tim Prendergast wondered on Twitter why other cloud service providers aren’t taking marketing advantage of the Xen vulnerability that led Amazon and Rackspace to reboot a large number of cloud instances over a few-day period. DigitalOcean, Azure, and Google Compute Engine all use other hypervisors, so isn’t this an opportunity for them to brag about their security? Amazon is the clear market leader, so pointing out this vulnerability is a great differentiator.

Except that it isn’t. It’s a matter of chance that Xen is the hypervisor facing an apparently serious and soon-to-be-public exploit. Next week it could be Microsoft’s Hyper-V. Imagine the PR nightmare if Microsoft bragged about how much more secure Azure is only to see a major exploit strike Hyper-V next week. It would be even worse if the exploit was active in the wild before patches could be applied.

“Choose us because of this Xen issue” is the cloud service provider equivalent of an airline running a “don’t fly those guys, they just had a plane crash” ad campaign. Just because your competition was unlucky this time, there’s no guarantee that you won’t be the loser next time.

I’m all for companies touting legitimate security features. Amazon’s handling of this incident seems pretty good, and I think they generally do a good job of giving users the ability to secure their environment. That doesn’t mean someone can’t come along and do it better. If there’s anything 2014 has taught us, it’s that we have a long road ahead of us when it comes to the security of computing.

It’s to the credit of Amazon’s competition that they’ve remained silent. It shows a great degree of professionalism. DigitalOcean’s Chief Technology Evangelist John Edgar had the best explanation for the silence: “because we’re not assholes mostly.”

Amazon VPC: A great gotcha

If you’re not familiar with the Amazon Web Services offerings, one feature is the Virtual Private Cloud (VPC). VPC is effectively a way of walling yourself off from all or part of the world. If you’re running a public-facing web server, it might not be so important. If you’re running a compute cluster, it’s a no-brainer. Just be careful about that “no-brainer” part.

While working on a new cluster for a customer today, I was trying to figure out why the HTCondor scheduler wasn’t showing up to the collector. The daemons were all running. HTCondor security policies weren’t getting in the way. I could use condor_config_val from each host to query the other host. I brought in a colleague to double-check me. He couldn’t figure it out either.

After beating our heads against the wall for a while, and finding absolutely nothing helpful in the logs, I noticed one tiny detail in the logs. The schedd kept saying it was updating the collector, but the collector never seemed to notice. The schedd kept saying it was updating the collector via UDP. How many times had I watched that line go by?

The last time, though, it clicked. And it clicked hard. I had set up a security group to allow all traffic within the VPC. Except I had set it for all TCP traffic, so the UDP packets were being silently dropped. As UDP packets are wont to do. When I changed the security group rule from TCP to all protocols, the scheduler magically appeared in the pool.

Once again, the moral of the story is: don’t be stupid.
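A check that would have surfaced the TCP-only rule before any HTCondor debugging, as an added example that is not from the original post: it evaluates security group ingress rules, in the JSON shape returned by `aws ec2 describe-security-groups`, against the protocol and port pairs the cluster needs. The sample groups, the CIDR, the host address and the use of port 9618 are assumptions made for illustration.

```python
import ipaddress

# Constructed samples in the shape returned by `aws ec2 describe-security-groups`.
# The group ID and CIDR are placeholders, not values from the post.
TCP_ONLY_GROUP = {"GroupId": "sg-EXAMPLE", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
]}
ALL_PROTOCOLS_GROUP = {"GroupId": "sg-EXAMPLE", "IpPermissions": [
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
]}

# Flows the cluster needs between hosts. Port 9618 (the HTCondor collector
# default) is an assumption; substitute whatever your pool is configured to use.
NEEDED = [("tcp", 9618), ("udp", 9618)]


def rule_allows(rule, protocol, port, source_ip):
    """True if a single ingress rule admits protocol/port from source_ip."""
    proto = rule["IpProtocol"]
    if proto != "-1":  # "-1" means all protocols and carries no port range
        if proto != protocol:
            return False
        if not rule["FromPort"] <= port <= rule["ToPort"]:
            return False
    src = ipaddress.ip_address(source_ip)
    # Only CIDR sources are evaluated; rules that reference another security
    # group (UserIdGroupPairs) are not handled here.
    return any(src in ipaddress.ip_network(r["CidrIp"])
               for r in rule.get("IpRanges", []))


def protocol_gaps(group, source_ip, needed=NEEDED):
    """Return the (protocol, port) pairs the group's ingress rules would drop."""
    return [(proto, port) for proto, port in needed
            if not any(rule_allows(r, proto, port, source_ip)
                       for r in group["IpPermissions"])]


if __name__ == "__main__":
    for name, group in [("tcp-only", TCP_ONLY_GROUP),
                        ("all-protocols", ALL_PROTOCOLS_GROUP)]:
        print(name, "drops:", protocol_gaps(group, "10.0.1.20"))
```

Because security groups drop unmatched packets without any response, a rule audit like this is often faster than waiting for a UDP sender's logs to reveal the problem.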

The “Amazon tax”: who’s the bad guy?

Ars Technica had an article recently about how Amazon has decided to cut off its California affiliates in order to avoid having to collect California sales tax. The California law considers independent affiliates to be a physical presence of the affiliated company, a position Amazon disagrees with. In the midst of an overwhelming budget crisis, it’s understandable that Governor Brown would want California residents to pay the same tax on their Amazon purchases that they would at BigBoxStoreCo. There’s concern that this could end up resulting in a loss in tax revenue as employees of these affiliates lose their jobs. I did a cursory search for reports of such job losses in other states that have enacted similar laws, but couldn’t find anything concrete.

I understand why Amazon is taking this position. They’re not avoiding paying taxes (the customers would be the ones paying), they’re avoiding the overhead of determining the appropriate sales tax for every combination of address and product. Sales taxes are complicated. They vary not only by state, but sometimes by county and city. Some products are sales-taxable and others aren’t. Some customers are exempt from sales tax for certain purchases. Trying to keep all of that straight for the entire country is a non-trivial overhead.

So what’s the solution? One argument is that sales taxes are inherently unfair as they disproportionately affect the poor. Some would argue that a uniform sales tax is the solution. Another issue is that sales taxes are sometimes the only way to get money from people who don’t live in the area but use services and infrastructure. This is a complicated problem and the solution is way more political than I care to be on this blog (if you like law and politics, Doug Masson’s blog is an enjoyable read). I take this as an example of how governments have yet to catch up with technology. It’s not unreasonable that online retailers collect sales taxes, but it’s unreasonable to expect it until the process is simplified.