Wednesday, April 23, 2008

The perils of Web-based computing

This isn't going to be a technical discussion, don't worry.

Microsoft has just announced its Live Mesh initiative. This will seamlessly integrate data and applications on your computer and the Web, and you'll be able to store your data in a central location where you can retrieve it from any computer. It's Microsoft's answer to Adobe's AIR and Google Gears, both of which address the same issue. The field is often called "cloud computing", which isn't a bad description - everything's up in a cloud of computers. Somewhere.

These sound fine and dandy, but there are three issues that the developers and boosters of these and similar products haven't addressed to my satisfaction.

The first is security. We read almost daily of data being lost by Government departments, banks and commercial firms. It's endemic. How can any user be sure that his or her data will be secure when it's all on a server somewhere on the Web? The server might not even be in his own country - it could be in China, Russia or Nigeria, where computer hackers run rampant. For all the assurances that one's data is 'safe', I guarantee right now that such data will be accessed by unauthorized persons at some stage. Probably sooner rather than later.

The second is reliability. I rely on the Web very heavily for research and other activities, but at least when there's a slowdown due to heavy traffic, or a lightning strike takes out my neighborhood cable for a few hours, I can work on my computer using my data and applications. If all those are stored on a server somewhere in the never-never-land of the Web, and I can't access them - then what? If terrorists take out key cables or nodes - as appears to have happened recently in the Middle East, taking down Internet services to several countries for days and weeks - what happens to little old me?

The third is privacy. Google already retains copies of every single e-mail sent and received by Google Mail clients. Even if you delete them from Google's mail service, their servers still retain backup copies. Google mines those e-mails for personal information to tailor advertisements delivered to you. What are you betting that Google won't do precisely and exactly the same to your personal information, files, data, pictures and everything else you store on their servers? And if you think that Microsoft, Adobe or any other company won't do precisely the same thing, there's a bridge in Brooklyn I'd like to sell you. Cash only, please, and in small bills.

No, you can count me out of the integrated online environment, thank you very much. I'll continue to keep my own applications and my own data on my own hard drive, and back them up onto my own devices.



bob@thenest said...

No way in the world would I go for it. Even my online backups in my own server space are encrypted, and I still feel a bit exposed at that.

fuzzys dad said...

I will not use this service.

Simeron Steelhammer said...

Well, I hate to break it to everyone but, you use it right now, whether you want to or not.

If you have a credit card, you use it.

If you have a bank account, you use it.

If you have a store card or any other form of non-cash transaction, you use it.

If you have a driver's license, fishing license or any other form of "government documentation", such as a birth certificate, SSN or anything else the government uses to identify you, you use it.

Now, this being said, you can LIMIT what is there but, the hard fact is that you can't limit it enough really without a fair amount of expense and a great deal of hassle unless you want to live in a cave and be completely out of society in all ways.

With the Grid soon to make the Web look like a 300 baud modem, this problem is going to be far more extensive.

Full length movie on the Web = 2-4 hours to download.

Full length movie on the Grid = 2-4 SECONDS to download.

Grid went operational in March 2008. 55000 servers on pure fiber. Estimate 250,000 servers in 2 years, pure fiber.

What can we do about this?

1) Make people encrypt things correctly.

2) Make companies encrypt things correctly.

3) Make companies, government agencies and anyone else that stores data set up the proper protections on thier computer systems to STOP hackers.

4) Employ TRAINED IT people that monitor all these systems FOR attacks 24/7/366 in a leap year.

5) Give these people the means to fight the attacks incoming even if this means cutting connections TO the Web/Grid for a few hours.

I mean, here are your choices if it comes to #5 above...lose your data to some hacker or be inconveinced for a few hours. Your choice.

"Cloud computing" has been here since the early 1990s. It's just growing more and more obvious to the general masses now and has become easier and easier to do.

And for an example of what I am talking about here...look at the TJMaxx fiasco.

13 years hackers were hitting thier systems, mining personal information. There is even a report of them SWITCHING KEYPADS at one of thier stores to keylog PIN numbers with transactions and then switching the thing back after two or three weeks to get them.

All this started because at the computer kiosks where they take applications at, some twit of a trained IT monkey did NOT disable the USB ports on the computer and then LEFT THE COMPUTER ON THE STORE NETWORK!

One USB device later, hacking program uploaded to kiosk computer. Once on the computer, hacker has access to store network, a little hacking later, into the company network and the deviltry begins.

For 13 years...about 20 million customers...all thier data...

Now, here are some other things for you to think on...

Type your phone number into Google and get your address. Then go to Google Earth and take a good look from space at your house...zoom in to the highest magnification and wave at yourself, make sure to pick that stuff out of your teeth too. can't "not" use this stuff because we are in the age of technology. By simply living, you're using it unknowingly.

What must be done is like any good soldier can tell you is train your troops, deploy them with the proper gear, give them enough latitude so they can actually fight and win the battle and then get the hell out of thier way and let them do thier job.

Now, do I think this is going to happen?

HELL no...I've done this for 30 odd years and have yet to see it.

So just ruin your credit yourself, check your credit reports three times a year (its free if you do it right each time) and try to stay under the radar while praying...

Phyphor666 said...

This reminds me of the Cortex from Firefly/Serenity. Specifically, the description thereof from the Serenity RPG sourcebook (Yes, I read it once, sue me) Anyhoo, it describes the cortex in the EXACT SAME WAY as cloud computing is described, namely, no local storage, everything is accessed from a central network server...and if your network link goes down?


I say, hell no. Things like X-drive and Gmail that allow me to keep data and mail off-site (for usage elsewhere, obviously) are fine...but I'd still rather have my stuff mainly stored locally.