Is Amazon Rigging the Bidding For Massive Government Contracts? (vanityfair.com)
SpzToid quotes Vanity Fair:
The controversy involves a plan to move all of the Defense Department's data -- classified and unclassified -- on to the cloud. The information is currently strewn across some 400 centers, and the Pentagon's top brass believes that consolidating it into one cloud-based system, the way the CIA did in 2013, will make it more secure and accessible. That's why, on July 26, the Defense Department issued a request for proposals called JEDI, short for Joint Enterprise Defense Infrastructure. Whoever winds up landing the winner-take-all contract will be awarded $10 billion -- instantly becoming one of America's biggest federal contractors.
But when JEDI was issued, on the day Congress recessed for the summer, the deal appeared to be rigged in favor of a single provider: Amazon. According to insiders familiar with the 1,375-page request for proposal, the language contains a host of technical stipulations that only Amazon can meet, making it hard for other leading cloud-services providers to win -- or even apply for -- the contract. One provision, for instance, stipulates that bidders must already generate more than $2 billion a year in commercial cloud revenues -- a "bigger is better" requirement that rules out all but a few of Amazon's rivals... Much of the language of JEDI, in fact, seems specifically tailored for Jeff Bezos. "Everybody immediately knew that it was for Amazon," says a rival bidder who asked not to be named. To even make a bid, a provider must maintain a distance of at least 150 miles between its data centers and provide "32 GB of RAM" -- specifications that few providers other than Amazon can meet.
The article also cites last year's "so-called Amazon amendment, a provision buried in a defense authorization bill that will establish Amazon as the go-to portal for every online purchase the government makes -- some $53 billion every year." And it also notes that Amazon employs more than 100 lobbyists in Washington, and "has spent $67 million on lobbying since 2000 -- including more this year than Citigroup, JP Morgan Chase, and Wells Fargo combined."
The article says this controversy may be "a sign of how tech giants and Silicon Valley tycoons will dominate Washington for generations to come."
Oh no! (Score:2)
Next up: is the government rigging the bidding for government contracts?
Re: (Score:2)
I'd be much more worried if this wasn't going to the best cloud provider in the market, which Amazon is. And Amazon's pricing is reasonable, some things could be cheaper but overall things are priced competitively. Seems like the only people complaining are Microsoft and Oracle, both stellar examples of fine businesses.
Requirements (Score:5, Informative)
The "must already have $2B in revenues" is a little sketchy.
These two don't seem particularly discriminatory: Data centers 150 miles or more apart is something every cloud provider of any significance already has. Maybe not every data center is 150 miles from every other, but Amazon doesn't have that either. 32gb ram virtual servers is trivially added for anyone who didn't have it -- the physical servers backing the VMs often have 1TB ram or more.
Here's what really cuts out almost everybody: Amazon has a virtual networking system (VPCs) with their cloud product that allows for complex security infrastructures with VMs behind multiple layers of protection devices. Most cloud providers offer VMs plugged directly in to the Internet. Period.
Re: (Score:2)
The $2B revenue isn’t that odd— it basically says they want an established player where the government revenue will not dominate their books. Financial resilience.
Re: (Score:2)
Actually it IS pretty odd. If I were the DoD shopping for cloud services I'd want to be 50%+ of their revenue. Make sure you have them by the short hairs from day 1 - and that they'll jump through any hoops to keep you happy (and them in business).
And a mandatory re-bid every 4 years. Keeps them on their toes staying current.
Re: (Score:2)
Google and Azure. Which others? Linode? Nope. Vultr? Nope. Several offer a "private interface" for talking between servers at a data center without incurring bandwidth charges but that's it.
Re: (Score:2)
I'm sure there are other smaller providers out there.
They are crazy expensive compared to AWS, and they want to "manage" all our stuff.
Re: (Score:2)
Re: (Score:2)
The answer may surprise you!
Re:Oh no! (Score:5, Interesting)
When Boeing launched the brand new 7E7 (which later became the Boeing 787), there was an almost titanic battle between various states as to where Boeing was going to situate the production lines, and eventually the issue was decided when Washington State passed tax relief laws which gave Boeing massive discounts for planes produced there.
The laws were ridiculous, with Boeing supporters claiming straight faced that the tax relief could be claimed by any aircraft manufacturer, so it wasn't state aid to Boeing (this was the height of the Airbus-Boeing state aid battle, initiated by the US government).
Problem was, the tax relief laws stated requirements that covered exactly the range of seats that the Boeing 787 was being marketed at, exactly the efficiency gains the Boeing 787 was being marketed at, exactly the production timescales the Boeing 787 was being marketed at, and all in all all the restrictions added up to eliminate all aircraft except for the Boeing 787...
Ironically, Boeing ended up missing both the production timescales and the efficiency gains cited as requirements in the law, but they still received the tax relief...
Re: Oh no! (Score:1)
Actually next up should be why is the government, with mostly fairly steady workloads that don't require scaling up and scaling down, that run 24/7, that hold data that often must be encrypted and therefore can't be de-duped even thinking cloud computing is a good idea? They get none of the advantages and all of the excess costs plus corporate-enabled foreign spying.
The entire thing is a dumb idea. Even the big IT analyst firms have wised up and admit cloud computing is MORE expensive unless your workloa
Re: (Score:2)
The best government money can buy! (Score:5, Interesting)
Amazon employs more than 100 lobbyists in Washington, and has spent $67 million on lobbying since 2000.
It's true. We have the best government money can buy.
Re: (Score:2)
And the best money government can print.
Re: (Score:1)
Who's complaining? (Score:5, Interesting)
One of the good-old-boys DoD contractors thought they had the sole source contract for bid rigging?
Re: (Score:2)
Ah, the Mommy-he-did-it-first defense. Always a winner.
Er, Open Stack, anyone? (Score:5, Informative)
The existing defense-oriented government data centres can easily support a really large open stack instance, which provides a more secure option than trusting a single vendor.
(In previous lives, I've worked with both Open Stack and with the Solaris side of the U.S. Defense Department's server farms: what I propose is child's play for them. Other departments? Maybe so, maybe not.)
Way to drain the swamp! (Score:4, Informative)
bad summary, are there real Amazon-based clauses? (Score:5, Insightful)
Re: (Score:2)
WaPo (Score:1)
I see Bezos' purchase of the Pravda on the Potomac is paying dividends.
Re: (Score:2)
Really? And your evidence for this is? WaPo, if anything, has been very critical of the Administration and DoD.
You sound like a conspiracy "theorist"...a plot behind every grain of sand.
Re: (Score:2)
I find it fascinating how you people put blind partisanship ahead of common sense. It's such a deeply ingrained part of your thinking, you don't even notice it.
Oh, do tell: who do you think Bezos conspired with to buy the WaPo?
Re: (Score:1)
You say all that like Amazon doesn't have tools and documentation available for customers to secure the data they put in their bucket.
AWS _users_ have a terrible track record (Score:5, Insightful)
God I'm tired of seeing this. I'm not the biggest fan of AWS or S3 but when you see a news article on documents being leaked on S3 it is almost certainly 100% the user's fault (I'm not aware of any cases where it wasn't).
S3 defaults to private/restricted access. If you created a bucket right now and uploaded files they are not publicly accessible. You have to explicitly grant public access and if you do that through the web interface it even prompts you with something akin to "this is probably a very bad idea, are you really sure you want to do this".
The only fault that can be laid at Amazon's feet is that the ACL system can be very difficult to learn and master for novices. This causes non-tech types to just throw up their hands and just go with the public option thinking that it will be fixed later. AWS could help the situation by creating an S3 lite that had a more dropbox like interface and allowed access to be easily managed through OAuth access based on social media accounts.
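The access model this comment describes (private by default, public only through an explicit grant), as an added example that is not part of the original thread and is not AWS tooling: a small audit that flags the grants which open a bucket up. The ACL dictionaries follow the shape of the S3 GetBucketAcl response; the bucket name, owner ID, account ID and the function names are constructed for illustration.

```python
# Added example: flags the explicit grants that make a private-by-default
# S3 bucket public. All sample documents below are constructed.

# Predefined S3 ACL grantee groups.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"  # any AWS account

OWNER = {"Type": "CanonicalUser", "ID": "constructed-owner-id"}

# A freshly created bucket: the owner only.
DEFAULT_ACL = {"Grants": [{"Grantee": OWNER, "Permission": "FULL_CONTROL"}]}

# The same bucket after public access was granted explicitly.
OPENED_ACL = {"Grants": [
    {"Grantee": OWNER, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"},
    {"Grantee": {"Type": "Group", "URI": AUTH_USERS}, "Permission": "WRITE"},
]}

# Bucket policy: a second, independent place where public access can be granted.
POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "OneAccount", "Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "DenyPlainHttp", "Effect": "Deny", "Principal": "*",
     "Action": "s3:*", "Resource": "arn:aws:s3:::example-bucket/*",
     "Condition": {"Bool": {"aws:SecureTransport": "false"}}},
]}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def public_acl_grants(acl):
    """Return (group, permission) pairs granted to the predefined public groups."""
    findings = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        uri = grantee.get("URI")
        if grantee.get("Type") == "Group" and uri in (ALL_USERS, AUTH_USERS):
            findings.append((uri.rsplit("/", 1)[-1], grant.get("Permission")))
    return findings


def public_policy_statements(policy):
    """Return Sids of unconditioned Allow statements with a wildcard principal.

    Statements that carry a Condition are skipped here; whether they are
    effectively public depends on the condition and needs manual review.
    """
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
            continue
        principal = stmt.get("Principal")
        if isinstance(principal, dict):
            wildcard = "*" in _as_list(principal.get("AWS", []))
        else:
            wildcard = principal == "*"
        if wildcard:
            findings.append(stmt.get("Sid", f"statement[{i}]"))
    return findings


def audit(acl, policy):
    """Combine both checks; either mechanism alone is enough to expose data."""
    acl_hits, policy_hits = public_acl_grants(acl), public_policy_statements(policy)
    return {"acl": acl_hits, "policy": policy_hits,
            "public": bool(acl_hits or policy_hits)}
```

The `AuthenticatedUsers` group is reported alongside `AllUsers` because it covers any AWS account, not only accounts in the bucket owner's organisation.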
maybe call all users as ANY AWS user some may (Score:2)
Maybe call all users "ANY AWS user"; some may think that all users = all users in your domain.
Re: (Score:1)
> the ACL system can be very difficult to learn and master for novices.
If you actually know the 3 conflicting, completely independent ACL systems, you wouldn't say that. The *normal* ACL system for AWS objects is very complex, but for S3 there are 2 other hidden and obsolete ACL systems in use. Did you know that?
Does not apply here (Score:4, Informative)
AWS does not give you full control or even console (Score:2)
AWS does not give you full control or even console access, so you can't load your ISO as boot. Also, you don't control the AWS router that maps the PUB IPV4 to your local IPV4, and you can't get your OWN server or cluster that is just your systems and not auto balanced loads from any AWS VM.
Someone's conducting "info ops" on this contract (Score:5, Informative)
Here's a different view:
In the past several months, a private investigative firm has been shopping around to Washington reporters a 100-plus-page dossier raising the specter of corruption on the part of senior Defense Department and private company officials in the competition for the JEDI cloud contract. But at least some of the dossier's conclusions do not stand up to close scrutiny.
https://www.defenseone.com/tec... [defenseone.com]
Big Cloud Providers - Not Amazon (Score:1)
Was this article posted by the owner of some two-bit regional hosting operation? The specifications mentioned in the summary aren't tailored to Amazon, but hit every major cloud provider from Rackspace through IBM, Microsoft, Amazon, etc.
If you don't have datacenters outside of a 150 mile radius and you think that 32GB RAM is extreme, you're not capable of hosting even a mid-sized enterprise, let alone a large government. There wouldn't be too many small businesses that could get away with 32GB RAM in a ser
Re:Big Cloud Providers - Not Amazon (Score:5, Interesting)
Actually, the $2 billion in commercial cloud revenue will cut out pretty much everyone except Amazon, Microsoft, and maybe IBM.
Oracle, of course, will fudge their numbers to claim that much from commercial cloud, but I wouldn't believe them. Database, yes. Commercial cloud, no.
The other big player, CSRA, makes most of their revenue off of gov't contracts, not commercial. IBM may be in the same boat. Rackspace comes close, but doesn't hit the $2 billion threshold as of 2014 numbers. (See Wikipedia)
Google is big, but is only FedRAMP Moderate and I have no idea if they have been certified by DISA.
what is that 32GB listed about then? big for some (Score:2)
What is that 32GB listed about then? For some loads a VM with 32GB can be extreme. If anything, 32GB per DC = must be some small system overall.
Re: (Score:2)
Of course they could ... they would just sub-contract out the contract to AWS.
What about FedRamp? (Score:4, Informative)
I suspect once Trump groks this, he will FREAK out. He seems to have a huge amount of hatred for Amazon [businessinsider.com], so I would expect him just ordering the DoD to not do this if AWS is going to be the provider...not sure if he will have any other solutions.
Personally, I think anything that falls under 800-53 should NOT be outsourced in any way; you can't properly lock down the underlying AWS; you don't have access to their actual infrastructure. How would you audit that all the switches that your data travels across have the proper DoD login banners, or restricting SNMP by IP address? Maybe they already do all this; but a "small breach" could become "keys to the kingdom" to a huge amount of information.
It's quite easy, actually (Score:2)
Re: (Score:2)
I think this is probably the way it will go. Amazon cannot simply add DoD to their current infrastructure. It is too large. And DoD will not be happy with sharing their work commercial infrastructure. They are already pulling out their hair attempting to secure their supply chain. And they are starting to put serious money behind that securing.
Re: (Score:2)
DoD actually already has private regions within Amazon.
Re: (Score:2)
Yah, let's get DoD to become their own cloud provider and duplicate Amazon within DoD. There are several reasons why DoD chose not to do that: cost, complexity, staffing, location, bureaucratic inertia, and giving Congress an opening to declare which parts must be built in which congressional districts and states. And that latter is important to DoD, it raises their costs to do just about anything they'd like.
In the past I would have said it ran counter to Republican priorities of siphoning government off to
Defense data in the _cloud_? (Score:2)
This stuff must be completely non-critical. I can only imagine that all is routinely stolen and distributed globally anyways...
Please do this! (Score:1)
The controversy involves a plan to move all of the Defense Department's data -- classified and unclassified -- on to the cloud.
That is an excellent idea! It should be rolled out [washingtonpost.com] as soon as [businessinsider.com] possible. [freebeacon.com]
Sincerely,
China.
Amazon is cheaper than the alternative (Score:5, Interesting)
Cloud computing is cheaper. The problem for the defense industry is security.
Amazon is the only one to pass the test. It cost them a lot.
Now they're reaping the benefit of that expense.
They are the only cloud player to have invested in defense level security.
It saves money, even if they are the only player
Re:Amazon is cheaper than the alternative (Score:5, Informative)
Amazon was the *first* to pass the FedRAMP High test, and first to get approved on all 5 non-classified DISA Impact Levels back in 2014, but is by no means still the only.
Amazon, Microsoft, Oracle, and CSRA are all approved at FedRAMP High levels. For DISA Impact Level 5, the above list is also joined by IBM and possibly others.
Re: (Score:3, Interesting)
Re: (Score:2)
Re: (Score:2)
You can filter to just show "approved" and at the High level. That's where I got my initial list from.
https://marketplace.fedramp.gov/#/products?status=Compliant&sort=productName&impactLevel=High [fedramp.gov]
Nothing new. (Score:2)
This is similar to contracts that detail that they need to support Microsoft's software's proprietary protocols without actually saying it should be a Windows server. Sure, an alternative is technically possible but it doesn't exist. It's pretty shit but it just means that they have no interest in changing their operations.
Yes, it's bullshit but it's old bullshit that's been going on for decades.
Exclusion (Score:2)
satisfactory (Score:2)
Re: (Score:3)
Unfortunately, some purchases require mandated check of several select sources first, GSA is one of them. Companies supply their wares via GSA. This was supposed to give government cheaper costs. It rarely works out that way because once it was established as being on the first go-to sources, government created an artificial barrier to a market. Hence contractors to GSA quickly figured they could raise their prices so the saving evaporated and probably increased.
Re: (Score:2)
Umm...why don't you wait until Mueller returns his report. If you know anything about prosecutions, prosecutors never reveal everything they know at the time they know it to prevent the rats from covering their tracks....not that Trump has anything to hide. He's a paradigm of virtue.
Re: Think Again (Score:1)
Not me, though.
When they say 'Are you ready for some Football?!', I say yes.
Yes I am.
Re: Sounds like FUD (Score:1)
The 150-mile minimum (Score:5, Interesting)
Re: (Score:2)
An Anonymous Coward in this post [slashdot.org] covers most of the ground, although to clarify one point, packet switching was developed for survivability, later the ARPANET for sharing scarce and precious computer resources for research the government was paying for.
That said, anything that prevents Oracle from bidding on this contract is fine by me, they and Google with its allergy towards defense contracting are the only vendors who should not be in the running. They also only have tiny slices of the market, while as
Standard RFP process (Score:2)
This is a pretty standard part of any RFP, where vendors fight to make sure the requirements favor themselves. It's up to the project committee to weight the various requirements and figure out which ones are real and which ones are vendor-related BS.
This is likely intentional. Not a scandal. (Score:4, Informative)
Speaking as a federal employee - it’s incredibly difficult to just buy what you need. In business you find a provider and initiate a contract. In government, there are a ridiculous number of steps that make this impossible, all in the name of ensuring we cannot send a sweetheart deal to a relative or etc. This means it is not possible to just buy, say, a Dell computer, we have to propose a computer buy and specify what we need and let a reseller bid. We “save money” by buying the exact same Dell from a reseller who bought it from Dell to sell it to us. I am still 100% unclear how that can possibly be cheaper, but the reseller meets the requirement to be minority owned or Veteran owned or what have you, so hooray.
What happens in many cases when you have a very specific need is that multiple resellers will jump in and insist that they can provide what you want, when in fact they cannot. We spent about a year researching software for a very specific need and settled on one service that did what we wanted; during the bidding, several other providers (which we had specifically rejected during our fact-finding) popped up and insisted they could do things that their software clearly was not capable of doing. The contracting agents don’t have the background to know this. They just see a vendor saying “we can do this for way cheaper” without realizing that “way cheaper” is only possible because the service lacks 50% of what we need it to do.
Writing an “open bid” contract in such a way that only one vendor really can match the need is the simplest, fastest way around this mess, and unless/until the federal contracting and acquisition system is fixed, this will continue to happen. Everyone on the inside knows it happens, and honestly every once in a while some other vendor actually CAN meet the requirements, so it is as fair as we can make it without wasting everyone’s time and your tax dollars.
Tl;dr: if it looks suspiciously specific it’s intentional, and likely so for a damn good reason. We’d save a lot more cash if we just accepted some level of graft once in a while.
(Don’t get me started on the “approved” vendor site we have to use for most smaller buys; imagine Amazon if coded by Microsoft in 1996, where everything you buy that claims to be “new” is actually remanufactured, “name brand genuine” shows up as a knock-off, and once we actually got a device show up with European voltage requirements even though it stated repeatedly that it took 115v. Damn thing wouldn’t turn on with our puny American voltage and we had to fight to return it.)
Old tactic (Score:2)
Writing grants and contract proposals so that they exclude everyone but the vendor you want is dead simple; my clients used to do it all the time when they wanted a new high-end scientific gadget or piece of expensive gear.
You just write the grant so that it specifies as "mandatory" one or more features that disqualify all the other entries. It's pretty easy to do.
In my client's case they just wrote that one of "must-have" items was a "sample exchange airlock" mechanism for any new electron microscope they
BS Twitter rhetoric?? (Score:2)
So we all are familiar with the Twitter rhetoric from POTUS regarding Amazon taking an 'unfair' advantage of mismanaged pricing by the USPS and how it is 'supposedly' upside down in a debt structure standpoint. We are also aware this is party driven because Jeff B owns both Amazon and the Washington Post.
But here is the thing. When it comes to deals like this, this is the one area that the executive branch has complete latitude. These aren't congressional decisions, these fall squarely on department heads. S
Wait, what? (Score:2)
To even make a bid, a provider must maintain a distance of at least 150 miles between its data centers and provide "32 GB of RAM" -- specifications that few providers other than Amazon can meet.
Basically all major cloud providers can do that, even smaller ones. Linode? They top out at 300GB of RAM on their largest nodes, and have data centers in all four extremes of the US. DigitalOcean? They go up to 192GB and have data centers in NYC and SF. For an extreme case, Microsoft will do 3.8 TB of RAM on Azure.
Who Cares (Score:1)
Sumpin like, oh I don't know, like ... ARE YOU READY FOR SOME FOOTBALL?!!!
Woo-hoo!
We're gonna go all the way this year, I just know it! We finally got some fresh meat in the backfield, and finally got someone who can throw the ball. Yeooow, boy's a stud!
You guys act like this 'lobbying' shit matters, but what matters is getting the first down without getting a flag on the play. I mean, first down, baby, that's what it
Cloud Computing Is cheaper - Not buying it (Score:1)