Weblogic Authors: Yeshim Deniz, Elizabeth White, Michael Meiner, Michael Bushong, Avi Rosenthal

Related Topics: Agile Computing, @CloudExpo

Agile Computing: Article

Cloud Computing & Privacy: Would You Trust Amazon?

Do you trust [the computer landlord] not to let the bad guys (such as the police) into your machine?

David Crossland's Blog

The Guardian recently posted an article quoting Richard Stallman on cloud computing. If a user wants to use network applications in freedom, they can do their own computing on their own computer with their copy of a freedom-respecting network-accessed program if their computer is a network server. Is this a good idea? Yes, I think so.

While this is not the common vision of “cloud computing,” I think that is what critics of “cloud computing” like autonomo.us should be enabling people to do.

Amazon offers a popular “elastic cloud computing” virtual server hosting service, where users upload a GNU/Xen-Linux system disk image which is booted but for which bandwidth, storage disk and processing power is ‘elastic’ - can scale arbitrarily, and on demand. I have not used this service, but I hear it is very simple to use with a pre-configured disk image.

I wonder if putting a system disk image together for services like this, consisting of only free software suitable for the common tasks people use proprietary cloud computing for, and that is configurable with a simple ‘installation wizard,’ would be a good way to provide a practical alternative to cloud computing?

These common tasks seem to be e-mail (Microsoft Hotmail, Google Mail) calendars (Google Calendars) collaborative authoring/spreadsheets (Google Docs) task management (37signals BaseCamp) and blog/status/photo publishing (Blogger/LiveJournal/WordPress, Twitter/identi.ca, Flickr/Picasa, and omnipotent Facebook). The programs behind WordPress and identi.ca seem to show the way forward with “federation” features that allow users to run their own programs while benefiting from the ‘network effects’ typical of centralised services.

Running your own cloud usually means renting a virtualized computer. Or renting a physical computer, or renting space in a telehouse rack with your own physical computer, or leaving your desktop computer turned on 24/7 and connected via residential DSL with a static IP address as Chris does - but I don’t think there is any real difference in terms of freedom here.

This is typically seen as very complex, but I think services like Amazon make it much easier than it used to be.

Renting a computer brings up another issue though, which Richard Stallman brought up with me when I asked him about this: “Do you trust [the computer landlord] not to let the bad guys (such as the police) into your machine?”

I am not sure how to answer that question, and my uncertainly is summarized as: would you trust Amazon?

A small personable and ‘trustworthy’ ISP seems just as vulnerable to haxor attacks or surveillance requests from the state as a large corporate ‘faceless’ ISP to me.

I also wonder about why any bad guys would want access to a personal network server any more than a laptop. Simple vandals trawl the net for unpatched servers (and laptops…) but a personal network server would have a simple authentication lock that would adequately prevent such vandals from accessing out of date server programs.

Obviously the state wants to get into machines to fight crime, and as I’m not a criminal that’s okay - but it also wants access to fight political dissent, and as an activist I am wary about that. But the simplest, cheapest and most common way for the police to get into a machine and to stifle the operator’s dissent is to seize it. People who meet active stifling of their political network activity, say like The Pirate Bay, adequately mitigate that with backups in multiple jurisdictions, so that when any server is seized, another is put online within in a few days.

If the state wants to have covert access without disconnecting the machine, that also seems straightforward, although more expensive; the way the UK surveillance law works, citizens made complicit in surveillance activity (eg, being forced to reveal crypto passwords) face up to 2 years in jail if they tell anyone about it. And police ask ISPs for things without forcing them and ISPs routinely bend over; I suppose thats the difference between a small personable company and a backstabbing corporate one. And for unlawful forced access, I think it is impossible to totally secure against that, since individuals acting alone have annually gained illicit root access to governmentally-secret computers the last 30 years.

But getting into machines covertly seems unnecessary; the tap is better done ‘upstream’ at the network switch. And it's well known that spy agencies have total access to all network traffic with systems like Echelon and Carnivore. (So if I was involved in political dissent forcefully opposed by the state, then probably I would avoid using computer networks. The Unabomber did alright that way… ;-)

I agree it is good to mention this issue when publicizing the problems of cloud computing. But it seems to me that in the current political climate the answer to the question is always, “I do not trust the computer landlord not to let the bad guys (such as the police) into my rented machine, just by asking.”

Yet avoiding cloud computing with programs you control but on servers you rent does not do anything to help resolve this.

Creative Commons License
This article by David Crossland, except the quotations and unless otherwise expressly stated, is licensed under a Creative Commons Attribution-Share Alike 3.0 Unported License.

More Stories By David Crossland

David Crossley is a post graduate MA Student in Typeface Design at the University of Reading in the UK.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

@ThingsExpo Stories
"There's plenty of bandwidth out there but it's never in the right place. So what Cedexis does is uses data to work out the best pathways to get data from the origin to the person who wants to get it," explained Simon Jones, Evangelist and Head of Marketing at Cedexis, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect at GE, and Ibrahim Gokcen, who leads GE's advanced IoT analytics, focused on the Internet of Things / Industrial Internet and how to make it operational for business end-users. Learn about the challenges posed by machine and sensor data and how to marry it with enterprise data. They also discussed the tips and tricks to provide the Industrial Internet as an end-user consumable service using Big Data Analytics and Industrial C...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
When talking IoT we often focus on the devices, the sensors, the hardware itself. The new smart appliances, the new smart or self-driving cars (which are amalgamations of many ‘things'). When we are looking at the world of IoT, we should take a step back, look at the big picture. What value are these devices providing. IoT is not about the devices, its about the data consumed and generated. The devices are tools, mechanisms, conduits. This paper discusses the considerations when dealing with the...
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City. Digital Transformation (DX) is a major focus with the introduction of DXWorldEXPO within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term.
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in ...
With privacy often voiced as the primary concern when using cloud based services, SyncriBox was designed to ensure that the software remains completely under the customer's control. Having both the source and destination files remain under the user?s control, there are no privacy or security issues. Since files are synchronized using Syncrify Server, no third party ever sees these files.
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
In his session at 21st Cloud Expo, Carl J. Levine, Senior Technical Evangelist for NS1, will objectively discuss how DNS is used to solve Digital Transformation challenges in large SaaS applications, CDNs, AdTech platforms, and other demanding use cases. Carl J. Levine is the Senior Technical Evangelist for NS1. A veteran of the Internet Infrastructure space, he has over a decade of experience with startups, networking protocols and Internet infrastructure, combined with the unique ability to it...
"Cloud Academy is an enterprise training platform for the cloud, specifically public clouds. We offer guided learning experiences on AWS, Azure, Google Cloud and all the surrounding methodologies and technologies that you need to know and your teams need to know in order to leverage the full benefits of the cloud," explained Alex Brower, VP of Marketing at Cloud Academy, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clar...
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
Internet-of-Things discussions can end up either going down the consumer gadget rabbit hole or focused on the sort of data logging that industrial manufacturers have been doing forever. However, in fact, companies today are already using IoT data both to optimize their operational technology and to improve the experience of customer interactions in novel ways. In his session at @ThingsExpo, Gordon Haff, Red Hat Technology Evangelist, shared examples from a wide range of industries – including en...
"Space Monkey by Vivent Smart Home is a product that is a distributed cloud-based edge storage network. Vivent Smart Home, our parent company, is a smart home provider that places a lot of hard drives across homes in North America," explained JT Olds, Director of Engineering, and Brandon Crowfeather, Product Manager, at Vivint Smart Home, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Rodrigo Coutinho is part of OutSystems' founders' team and currently the Head of Product Design. He provides a cross-functional role where he supports Product Management in defining the positioning and direction of the Agile Platform, while at the same time promoting model-based development and new techniques to deliver applications in the cloud.
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City. Digital Transformation (DX) is a major focus with the introduction of DXWorldEXPO within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of bus...
delaPlex is a global technology and software development solutions and consulting provider, deeply committed to helping companies drive growth, revenue and marketplace value. Since 2008, delaPlex's objective has been to be a trusted advisor to its clients. By redefining the outsourcing industry's business model, the innovative delaPlex Agile Business Framework brings an unmatched alliance of industry experts, across industries and functional skillsets, to clients anywhere around the world.
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
Headquartered in Plainsboro, NJ, Synametrics Technologies has provided IT professionals and computer systems developers since 1997. Based on the success of their initial product offerings (WinSQL and DeltaCopy), the company continues to create and hone innovative products that help its customers get more from their computer applications, databases and infrastructure. To date, over one million users around the world have chosen Synametrics solutions to help power their accelerated business or per...