The Dangers Of The Cloud

Storing all your data in the cloud isn't necessarily a good idea.

The latest and, if you believe the hype, greatest thing in computing is the “cloud,” the idea that we should all store our data remotely rather than on hard drives and other such devices. It’s taken hold among Apple users in the form of iCloud, and in other cloud services offered by Google (Google Drive is their latest effort), Amazon, and other companies. In some ways it makes sense, and it’s very convenient. Why store all my songs on a hard drive in my house when I can put them in the cloud and access them from my phone, tablet, or laptop? The same goes for e-books and such. The cloud, however, isn’t just about songs and e-books. There are serious people out there encouraging individuals and business people to put all their data in the cloud by stressing the alleged convenience of being able to access it anytime, anywhere, more easily than, say, logging in via a VPN. It’s an intriguing idea, especially in a world where we are all becoming increasingly mobile and less tied down to our desktops.

However, Apple co-founder Steve Wozniak pointed out a few days ago that there are some serious problems with the entire cloud concept that people aren’t considering right now:

WASHINGTON — Steve Wozniak, who co-founded Apple with the late Steve Jobs, predicted “horrible problems” in the coming years as cloud-based computing takes hold.

Wozniak, 61, was the star turn at the penultimate performance in Washington of “The Agony and the Ecstasy of Steve Jobs,” monologist Mike Daisey’s controversial two-hour expose of Apple’s labor conditions in China.

In a post-performance dialogue with Daisey and audience members, Wozniak held forth on topics as varied as public education (he once did a stint as a school teacher) and reality TV (having appeared on “Dancing with the Stars”).

But the engineering wizard behind the progenitor of today’s personal computer, the Apple II, was most outspoken on the shift away from hard disks towards uploading data into remote servers, known as cloud computing.

“I really worry about everything going to the cloud,” he said. “I think it’s going to be horrendous. I think there are going to be a lot of horrible problems in the next five years.”

He added: “With the cloud, you don’t own anything. You already signed it away” through the legalistic terms of service with a cloud provider that computer users must agree to.

“I want to feel that I own things,” Wozniak said. “A lot of people feel, ‘Oh, everything is really on my computer,’ but I say the more we transfer everything onto the web, onto the cloud, the less we’re going to have control over it.

Wozniak had no idea how prescient his comments over the weekend were because, just yesterday, Mat Honan, a writer for Wired, revealed that his iCloud account had been hacked into, causing him to lose much precious data:

In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.

In many ways, this was all my fault. My accounts were daisy-chained together. Getting into Amazon let my hackers get into my Apple ID account, which helped them get into Gmail, which gave them access to Twitter. Had I used two-factor authentication for my Google account, it’s possible that none of this would have happened, because their ultimate goal was always to take over my Twitter account and wreak havoc. Lulz.

Had I been regularly backing up the data on my MacBook, I wouldn’t have had to worry about losing more than a year’s worth of photos, covering the entire lifespan of my daughter, or documents and e-mails that I had stored in no other location.

Those security lapses are my fault, and I deeply, deeply regret them.

But what happened to me exposes vital security flaws in several customer service systems, most notably Apple’s and Amazon’s. Apple tech support gave the hackers access to my iCloud account. Amazon tech support gave them the ability to see a piece of information — a partial credit card number — that Apple used to release information. In short, the very four digits that Amazon considers unimportant enough to display in the clear on the web are precisely the same ones that Apple considers secure enough to perform identity verification. The disconnect exposes flaws in data management policies endemic to the entire technology industry, and points to a looming nightmare as we enter the era of cloud computing and connected devices.

This isn’t just my problem. Since Friday, Aug. 3, when hackers broke into my accounts, I’ve heard from other users who were compromised in the same way, at least one of whom was targeted by the same group.

Worries about the security of remotely stored data are nothing new, of course. There have been other remote data storage services that have had security issues of their own. Additionally, as anyone who runs a website that they don’t run off their own servers knows, sometimes your business’s entire Internet presence can be at the mercy of a company thousands of miles away. When the derecho hit the Washington, D.C. area in late June, it took out several high-traffic web sites not because they were located there but because they used hosting services provided by Amazon, which were taken out when the power went down in the area for several days. It may not sound like a big deal, but when your business depends on a web presence, a multi-day outage can be a huge problem. Now, imagine if that storm had taken out a bunch of cloud servers and made it impossible for individuals and businesses unaffected by the storm to access their data for several days.

Personally, I’ve never been entirely convinced of this idea of off-site data storage and backup. Convenience aside, there are serious issues concerning security that any business that would take advantage of these kinds of services ought to take into account. In my profession, we have an ethical duty to keep client confidences secret, and that includes anything in a computer that might constitute confidential information. The same goes for people in the medical profession. How could I possibly be assured that online data storage or backup would be secure enough that no third party would ever be able to access it? If I mess that up, it becomes a serious enough ethical violation that loss of license is not beyond the realm of possibility. As for other companies, why would they possibly consider storing potential trade secrets off-site unless it was in a location that they had control over?

Then you come to the problem that Honan had, which is likely to become increasingly common as we connect more and more of our accounts and store more and more of our data in the cloud. As he admits himself, there are some steps he could’ve taken to make what happened to him far harder to accomplish, such as signing up for Google’s two-step verification system, which is quite honestly the best way to make sure the password to your Google Account is safe. I’ve been using it for the better part of a year now and, while there are inconveniences like having to re-verify yourself every 30 days or so, it does provide a certain peace of mind in that it makes it virtually impossible for someone to hack into your Google Account without you knowing about it. As an Android phone user, that’s an essential level of security. Honan’s Wired colleague Kim Zetter gives several more examples of how you can prevent yourself from suffering his fate. Many of them are standard-issue online and computer network security rules that we’ve all heard before, but which many people seemingly ignore.

For me, Woz’s warnings and Honan’s data disaster just reinforce the doubts that I have about the entire cloud concept. I like the idea of being able to access my music, and maybe someday more, from anywhere, but I still maintain copies of everything on my computers at home. More importantly, there’s some data that I will simply never release into the cloud no matter how convenient it is. Confidential client data, obviously, but also anything involving finances, family, or anything personal that I wouldn’t want to fall into the wrong hands. It’s my data, and I want to have control over it. A bit overcautious? Perhaps, but I’d rather be safe than sorry.

Doug Mataconis
Doug holds a B.A. in Political Science from Rutgers University and J.D. from George Mason University School of Law. He joined the staff of OTB in May 2010 and contributed a staggering 16,483 posts before his retirement in January 2020.

Comments

  1. I have good, multiply redundant, backups going back 25 years. I’ve rarely met anyone else who does. Most people run to the counter at Best Buy to save their data when their computer dies.

    I think the Cloud is safer, when you do a true comparison, over all users, and when you don’t do a false comparison between the cloud and people like me.

    There is an “availability problem” when people do the comparison. They model the cloud against a vision of the single user, and probably an idealized one. The comparison ignores, or rejects, the true-typical user, who as I say is heading to Best Buy or calling IT to “get their data back.”

  2. (People like me are used to getting calls from family, saving data after viruses, or hardware failures, or moving data to new operating systems releases.)

  3. Herb says:

    I had my doubts about the cloud too….but like anything new and innovative, it must be used properly. For one, I’d keep back-ups of all important (to me) data. Two hard disks and one cloud.

    For another, like you say…nothing sensitive. Media files only…music, movies, photos. The best way to think of the cloud is “remote access” not “remote storage.”

    Amazon just sent me an e-mail saying that all the music I uploaded to the cloud will be upgraded quality-wise, making me think that they won’t even be using “my” files at some point. Again….access, not storage.

  4. @Herb:

    For another, like you say…nothing sensitive. Media files only…music, movies, photos. The best way to think of the cloud is “remote access” not “remote storage.”

    I personally think that Dropbox and Google Drive are the least interesting cloud applications. They are unstructured bridges from the old world to the new.

    The true cloud world is structured data, like your on-line bill pay, and your on-line brokerage account.

    If you are really anti-cloud, you have to stop using those and start sending bills again by paper mails, and doing all investing by the same path.

    The cloud isn’t about backing up your Quicken data file, it’s about using a cloud space service instead.

  5. If you don’t believe in the cloud, you’d have to make sure your employer, banks, and brokerages either do not have an email address for you, or that they all have a separate one.

    Right now my “serious” gmail account is the most sensitive thing I own. It has a lot of “history.”

    It is sure as heck not the email I use on this forum.

  6. DC Loser says:

    And people think I’m being a luddite for wanting to buy my music on CDs.

  7. James in LA says:

    Encryption would solve any cloud worries. What is very telling is that virtually no platform makes it easy for users to even exchange email with 128 bit encryption. In fact, quite the opposite. Government and business have ZERO interest in easy encryption because it keeps them out.

    In the meantime, the cloud is not another hard drive, and ought not be treated as such. It’s a service, not a repository.

  8. BTW, here’s a cloud thing more important than non-technical cloud angst:

    High Frequency Trading: Wall Street’s Doomsday Machine?

  9. Jenos Idanian #13 says:

    Here’s a useful metaphor: think of “The Cloud” as Social Security for your data. And rely on it accordingly.

  10. @James in LA:

    I think compartmentalization is the most important strategy. Ideally I’d have a core email address, one my employers, banks, and the IRS all use. I’d make that recoverable to my cell phone, but I’d never access it from my cell phone. No one, having found my phone, should be able to learn that email by dredging histories on it.

    Then I’d set up a separate social email, and attach it to facebook, meetup, or whatever. I would let my phone know about and use that account.

    You can add a third email if you just want to talk smack on the internets, without affecting those two.

  11. James in LA says:

    @john personna: As devices continue to diversify, compartmentalization is going to be more trouble than it’s worth. Soon, your clothing, then your skin, will be your “phone” and soon we’ll stop calling them “phones” altogether. Hanging one’s identity on an email address is awfully thin gruel. It cannot possibly protect those who are most vulnerable.

    If we had easy, ubiquitous encryption, none of it would be necessary. I say we ought to start demanding it.

  12. @James in LA:

    Well, the guy who was “hacked” above was actually defrauded by “social engineering” (a poor phrase IMO). Someone talked their way into a primary account. If he’d had one solid jamesinla.com account, and a help line gave it out, he’d be done, even with strong encryption.

    It sounds like he would have been saved by a loose phone-computer connection. No one outside a bank or a serious correspondent should have known his core email.

    That said, certainly Apple and Google want you to have a single sign-in, all encompassing, cloud presence.

    I’d agree that is “too much cloud.”

  13. (All my PC’s notebooks and desktops use strong passwords and encrypted home directories. Once I log in, Chrome only knows my non-serious IDs. I pop a Chrome incognito window before accessing banks etc.

    With those multiple levels of security it would be very hard for someone given my notebook to even know my secure email, let alone access it.)

  14. george says:

    Every engineer I know and/or work with (including myself) keeps multiple copies of all data. The cloud can be convenient, but I see it more as a tertiary backup system or file sharing system than primary storage – and it functions well in that capacity.

    Proprietary information of course (meaning most design work including documentation) is never kept on the cloud – as the saying goes, never send anything through the net that you wouldn’t feel comfortable shouting from the rooftops. Which means no on-line banking, though with modern banking hours that’s never been a problem; banks up here are open late during the week and on Saturdays.

    The problem isn’t the cloud, it’s thinking that one solution (cloud in this case) is sufficient for all problems, and doesn’t need backup.

  15. @george:

    I think revision control systems are just a locally managed cloud. It was RCS that made engineering safe with multiple PC failure.

    And of course cloud RCS is very popular now.

  16. @george:

    Proprietary information of course (meaning most design work including documentation) is never kept on the cloud – as the saying goes, never send anything through the net that you wouldn’t feel comfortable shouting from the rooftops. Which means no on-line banking, though with modern banking hours that’s never been a problem; banks up here are open late during the week and on Saturdays.

    No, that is a pedantic and narrow cloud definition.

    Certainly far more of your secure services are on the Amazon cloud than you know.

    Frickin’ NASDAQ is on the Amazon cloud.

  17. george says:

    @john personna:

    Well, RCS’s are typically tied into the local data center rather than external, so I think you’re getting away from what is meant by the cloud when you say they’re a locally managed cloud. By that kind of definition, you could call your PC a type of cloud, since the various storage devices on it act as an even more localized cloud. Generally cloud refers to storage leaving your own establishment (business, home etc).

    As you point out, many secure services are on the Amazon cloud. And in general every time you use for instance a credit card you’re sending info through the net. So yes, the saying is too narrow. But that’s been true for a long time, and the point of the saying has always been to remind people that online security is weak, and so to keep backups of data and finances, to watch for possible identity theft (lest you find your home has been mortgaged off without your knowledge etc). Basically, it’s like acknowledging that even with a locked door your house can be broken into, so take it into account.

    And I personally dislike online banking.

  18. @george:

    Actually I think I have a better “cloudy” definition.

    In the old days RCS was at a local IS division. Then it moved to an engineering closet. Then it moved to Rackspace.

    Once you get to Rackspace you are getting pretty cloudy. Especially if Rackspace moves you from a physical machine to a VM.

  19. Stonetools says:

    In this case, the hacker remote wiped his hard drive. This is less a cloud problem than a security problem. The problem of course is the more you do to secure your system, the less convenient it is. I don’t know if there is any way to square the circle.

  20. walt moffett says:

    Let’s see, bandwidth cap of 150GB, 250GB of material want to save, most online work is done in a wireless dead zone. Thumb drives, portable hard drives, microsd cards easily fill the gap, protect my privacy and put failure issues in my hands. And yes I prefer to receive paper bills and even pay them in person where possible, the three mile walk tween the various offices is exercise and postage stamps keep the postal workers paid.

  21. Trumwill says:

    I am a bit of a cloud skeptic*, but not really for the reason explored here (security). Yes, obviously, you don’t want someone to go into your iCloud account and delete your stuff. However, you also don’t want a hard drive dying. The obvious solution is both. A lot more emphasis needs to be put on automatic synchronicity rather than single locations for any data.

    * – Which does not mean, as John Personna suggests, I must oppose cloud computing everywhere and pay with everything by check. Merely that local copies and local applications aren’t going anywhere.

  22. PJ says:

    @Stonetools:

    In this case, the hacker remote wiped his hard drive. This is less a cloud problem than a security problem. The problem of course is the more you do to secure your system, the less convenient it is. I don’t know if there is any way to square the circle.

    Truecrypt can encrypt an entire Windows system, I would choose that any day over remote wiping.
    Now, I don’t know if there’s anything like that for any Apple OS.

  23. matt says:

    Just ask the millions of people who were using Megaupload for cloud computing how that turned out for them.. Cloud computing is a great idea but unfortunately it doesn’t translate well to reality…

    @Trumwill: I currently have 5 computers in my household. One of the computers is using an 80 gig WD hard drive from early 2000 and while I don’t store anything on it that isn’t backed up the drive has been giving perfect SMART data returns. I haven’t had a hard drive crash since the firmware bugged Seagate 7200.1 Barracuda drive bricked itself due to Seagate’s incompetence (their firmware was badly written). I haven’t had a WD or Samsung die on me in over a decade. Hard drives are so reliable now it’s amazing. That said I still have a backup routine that I follow once a week where all the systems are backed up on to the server we run. Hard drives are so cheap these days (now that they recovered from the flooding) that there’s no reason to not have all your data backed up at least once if not twice or on a RAID array. Right this moment you can buy 3 TB WD green drives for about 100 bucks shipped.

  24. Trumwill says:

    @matt: I have not had as good of luck as you. Hard drives are not what I would call “frequent,” but frequent enough that I got a NAS so that I could have everything backed up from all of my hard drives (also on five computers, coincidentally enough!) as easily and effortlessly as possible. Most people aren’t going to do that, though.

    Whether cloud computing translates well into reality depends on how we define it. In some ways, it’s great. As the staple of how we use computers… I have concerns and skepticism.

  25. matt says:

    @Trumwill: I noticed that my luck with hard drives improved greatly when I shifted solely to Western Digital drives. I have a Samsung ecogreen f4 2TB drive that is utterly rock solid though. Obviously this is all anecdotal as hard drive design has improved greatly in the last 20+ years.

  26. matt says:

    If I had the money I would totally use a NAS. Unfortunately I haven’t located a broken one someone is willing to give away 🙁 Most of my “toys” are items that were given to me because they were broken.

  27. Trumwill says:

    @matt: I think you’re right about hard drives improving, though they remain a low-probability, catastrophic scope hazard. Left on their own, they’re pretty durable. However, problems with the power supply and such can cause problems with the hard drive even if it is well-made. I actually track a lot of the problems I’ve had with hard drives back to this. And even a perfect hard drive won’t last forever. The more hard drives you have, the more likely one of them will be that rare dud. (Perhaps not a problem for most people, though more of a concern for those of us with five machines…)

    I mostly go with WD, though somewhat reluctantly. I had a WD and a Seagate die at the same time. The latter provided such better service it wasn’t even funny. But WD’s have had better prices and a slightly lower fail rate.

  28. The easy alternative to a NAS is two separate detachable USB drives. They should be different brands and use different brand HDs. Never leave them both on-line. Connect them at separate times to make back-ups. When one fails, buy a replacement promptly.

    In ancient days I wrote HD drivers and got some scuttlebutt on drive failures. It was often a manufacturer’s batch, but they would never admit it.

  29. (I just use old PC’s as NAS, following the “never all on at the same time” rule.)

  30. matt says:

    @Trumwill: When my Seagate drive bricked itself due to a defect in the firmware they were very good about covering the costs of mailing and data recovery. I haven’t had to use WD’s customer service so I cannot comment on that. Unfortunately the Seagate drive ended up succumbing to a hardware based failure less than a year later. Fortunately I had already bought a new hard drive and was only using the Seagate to store low priority data.

    I’m currently running 12 hard drives amongst all my machines with the most in my “server” which is a $12 ebay E4400(l2) OCed up to 2.7ghz (basically set 1066 fsb w/ varying multiplier which maxes at 10x depending on usage) asrock g41m-s3 w/ 4gb ddr3 with about 6 TB of total storage capability. I use clonezilla to do backups over the network. I’ve been looking into trying freeNAS since it seems to be good. I would appreciate any suggestions you might have to improve my setup. Do keep in mind though that I’m rather quite poor so I’ve built these machines from discarded broken machines. Even my monitor was given to me cause it was broken (popped some caps and a mosfet in the PSU).

    @john personna: Yeah I’m always paranoid about batch based failures. Even my WD drives vary in size/date and model (green black blue etc) in an attempt to at least keep myself somewhat covered.