Saturday, July 17, 2010

Open Data, Private Access - The problem (1)

Personal computing was defined to allow you to do whatever you want on your computer, in your own way. Whatever you create is yours. You may choose to save it, process it or share it, and it will still legally belong to you.

If you are writing a letter, you may use any word processing application of your choice on any computer to work on it, save it in multiple formats & share it. The software should not hold you back on formats, nor should it force you to store your documents anywhere you don’t expect, with or without your knowledge.

Many of us now have multiple computers, notebooks and, to some extent, personal servers. Business & convenience demands have increased, forcing us into real-time, mobile and cloud computing. We are free to work in open areas, with or without wireless access or a power supply, to get our jobs done.

In most cases, our demand for mobility grew exponentially; however, the supply of wireless access and power has limited us from performing our tasks properly. Neither wireless internet access nor battery technology has caught up as quickly as we wanted.

This has led us to cloud computing. In a few words, it’s an idea that allows us to store our data on a server of our choosing, process it there, and access it whenever we need it. It’s a great approach; it solves our fundamental problem of mobile computing. I don’t have to carry copies of my vacation pictures everywhere on several discs just to show them once in a while; I just need to rely on a web service on a cloud server that stores, processes & displays them whenever I feel like showing them.

A great idea leads to a great business opportunity. Online directories, blogs and online social websites sprang up in a matter of years to take advantage of this. It’s a force to be reckoned with, and it’s not just a fad that will go away. It’s actually a business model that works & makes money. The problem is that it’s profiting at your expense.

The business model of cloud computing relies on information: your information. The more you give, the bigger they get; the bigger they get, the more money they make and, in some cases, the less they care.

Privacy has always been a huge concern, from personal computing up to cloud computing. However, we are always exposed to privacy threats, with and without our knowledge. The ones we know about are quick scams that rip information from us in a seemingly benign fashion. While we can tell these apart, it’s almost impossible to even detect hidden privacy threats, even in what is directly in our control.

Business in the privacy area started in the late 80’s with antivirus and firewalls. But these only work if you keep updating them, as the threats never stop. Even an experienced user can get caught by a virus or spyware. Now, remember, these are all threats to a machine that you have direct control of.

Suppose you use and rely on an online service that stores all your pictures. It’s perhaps free & you are happy with the service. What are the chances of the server being infected with viruses, spyware & other threats? For spyware and viruses, maybe small, but security threats happen all the time. For most servers out there, brute-force login attacks happen almost every second, and with every program evolution they might be successful. Sometimes an online service may crash, bringing down all your data along with it, but your liability is normally the latest few hours of data, just like when your computer shuts down in the middle of editing a document.

So, what do we have to lose? It’s a free service, and if it fails, we find another service, don’t we? That’s not even the question we have to start with. What we need to ask is: what if someone steals our data, and what would they do with it?

In the late 90’s and early 2000s, online credit card fraud was so common that extensive campaigns were launched to re-educate users that online transactions are safe and that the chances of your card being stolen at petrol pumps are higher. But what they don’t tell you is that the scope of the data they compare is irrelevant and that most cases are not reported; even when cases were reported, they were not counted in the statistics due to credibility reasons. At one point in time, small-amount frauds were not even considered a problem!

Here’s a real example of a credit card fraud life cycle. Most credit card numbers are hacked from servers, they claimed. Not true. Most servers don’t have any security to begin with; it’s like Fort Knox with an open door. It’s impossible for anyone not to notice this.

However, most servers that don’t update their systems have reported weaknesses that people exploit. But in most cases, they just use any search engine like AltaVista or Yahoo to do their job. Most searches for /etc/passwd would actually reveal the real password file on the server. All someone has to do is crack the password file & log in. Another popular search is creditcard.txt or creditcard.dat.

What they do with your stolen card number is simple: they fake a purchase of or subscription to their products or services, essentially making what they earn legal from a business standpoint. Shell services are a popular package. They give one a Unix account that does code compiling and testing, or even runs IRC bots on your behalf. It’s normally USD 5-9.99 a month. They would normally fake a 24-month subscription and charge the card. Because you did not notice or report that your card was stolen, it’s probably going to take some time before you file a report and so start a string of disputes.

To avoid this trouble, most banks and gateway services would normally ignore small frauds. Most of them would be forgotten or refunded. And since the liability is so small, it’s soon a non-issue for most people.

Remember, your loss is directly related to your liability. If you are refunded after a credit card fraud, it’s not your problem or your liability. However, if you were to lose any precious data, it’s your problem if it’s worth something to others.

Back to cloud computing. While it helps you solve your immediate problems, it poses a larger threat to you without you noticing it. This time, the liability for your data is limited to you, and no cloud service would compensate you for your loss of data, only for the downtime. So, if your private banking documents or passwords are stolen because of their carelessness and malpractice, it would be your fault for relying on them. If you don’t have a backup, you are toast. Remember, most services would not report a break-in unless it’s made public. So, in most cases, you won’t have any knowledge of it.

What about privacy? The money a free service makes is directly related to the amount they expose, not what they keep. That is to say, if they keep all your pictures for only you to view, how would they make money? They normally make money from advertisements. Since you tend to view your pictures only once a year, while many of your friends would view them more often, every page view translates into an opportunity to sell advertisements. At a rate of 3% (3 clicks per 100 views), the more page views they expose, the more money they possibly make. So they encourage you to share and make it easier, even accessing the contact list in your mail account & mailing everyone on it.

Is sharing caring to the free services? No. It’s purely a numbers game for profit.

Most of your data that’s online probably belongs to them & they have every right to do whatever they want with it. That they haven’t done anything today does not mean they won’t in the future. When businesses become desperate, so will their measures. Do you really think anything you delete would be removed from their server immediately? How would you know? For once, you have totally no control.

Here are the same cloud computing services that we trust so much, becoming a time bomb in the near future.