# Are We Too Complacent About Cloud Computing? [VIDEO]



## lotuseclat79 (Sep 12, 2003)

Are We Too Complacent About Cloud Computing? [VIDEO].

*Why should we care? Letting others control our computing is inexpensive, convenient and mostly safe right? Have a look ...*

-- Tom


----------



## namenotfound (Apr 30, 2005)

I would never trust it. Same reason I only used Google Docs once, just to try it out, I don't want others to have access to my files.


----------



## tomdkat (May 6, 2006)

Thanks for the link. Interesting article and video of Richard Stallman.

I don't think people are "complacent" with cloud computing because most don't know what it is or how it works. That same argument could also be made about PC users and the software they use.  LOL

Getting back on topic, the points Stallman makes are good points but I disagree with his conclusions. He's overstating things a bit.

Things will get real interesting when we reach the point of ultimatum: either participate in the "cloud" or don't participate at all.

EDIT: Does your web browser count as a "SaaS" app? When doing web searches, you send "your data" (search criteria) to the server (search engine), which you have NO control over, and the server sends data (search results) back. Seems to fit Stallman's description to me.

Peace...


----------



## jiml8 (Jul 3, 2005)

> Things will get real interesting when we reach the point of ultimatum: either participate in the "cloud" or don't participate at all.


It will never get to that point so long as there are enough people (like me) who oppose cloud computing. There will be desktop products available written by those of us who think the cloud is a horrible idea.


----------



## jiml8 (Jul 3, 2005)

in that clip, Stallman completely ignored another aspect of SaaS, though perhaps he discussed it elsewhere.

He showed how it is worse than spyware and worse than a program with a back door. But he didn't consider the fact that it encourages you to have someone else maintain all your data, he just showed how it forces you to give that someone else your data.

People are lazy. Someone who uses SaaS is going to let that server be their data repository. Then, when that server crashes and loses data, that someone will be out of business.

SaaS is just a hugely bad idea. Maintaining your own data, maintaining your own IT infrastructure is just a cost of doing business. Any alternative is worse.


----------



## tomdkat (May 6, 2006)

jiml8 said:


> It will never get to that point so long as there are enough people (like me) who oppose cloud computing. There will be desktop products available written by those of us who think the cloud is a horrible idea.


Running applications (traditional or otherwise) is only one aspect of cloud computing. As cloud computing gains more momentum, it will become harder and harder to avoid using it.

If the mobile computing platform gains more momentum, cloud computing makes more sense since you'll be able to use a full office suite from your mobile device, etc.

Peace...


----------



## tomdkat (May 6, 2006)

jiml8 said:


> He showed how it is worse than spyware and worse than a program with a back door.


I don't think he "showed" that as much as he asserted that.



> But he didn't consider the fact that it encourages you to have someone else maintain all your data, he just showed how it forces you to give that someone else your data.


I don't think SaaS "encourages" relying on someone else to "maintain" your data since the typical user of SaaS will most likely be focusing on the software app and not thinking much about the state of their data, as long as it's accessible to them. The other thing to keep in mind is that "all" of your data won't be stored on some server(s) you have no knowledge of. Only the data you submit to the SaaS will or can be.



> People are lazy. Someone who uses SaaS is going to let that server be their data repository. Then, when that server crashes and loses data, that someone will be out of business.


Look at Gmail as an example. Gmail stores an INSANE amount of user data. How often has Gmail crashed or been unavailable since it first came out? How many users have lost ALL of their email as a result of a Gmail crash?

That's part of the beauty of the cloud. The situation you describe ideally won't happen with cloud computing because the point of the "cloud" is the data is stored in redundant and distributed locations. Gmail isn't stored on "one" mail server. It's spread out over many servers all over the place. The "cloud" is more of an abstract concept and one I think is pretty neat. You store your data "out there" so that it's readily and easily accessible to you using any device you want and from any location you want, provided you can get connected to the network. The "where" part becomes less of an issue because your data is waiting for you to manage.

Here's an example: do a Google web search on something. You will get some search results. Glance through the search results and check out the kinds of hits you got. Cool. After doing that, ask yourself, "From which server did these search results come?" Then ask yourself, "Does the particular server really matter?"



> SaaS is just a hugely bad idea. Maintaining your own data, maintaining your own IT infrastructure is just a cost of doing business. Any alternative is worse.


Again, if your web browser counts as SaaS then how are you reading this forum and posting your comments? Don't your comments count as "your data"? Sure, it's in the public domain and are now "out there" but they are tied to your handle (at least on this forum) and therefore linked to you.

My mom doesn't have an IT infrastructure, nor does she really need one. However, the ability for her to keep the calendar on her mobile device and home computer in sync without having to physically connect them is really convenient. The ability for her to access her e-mail from anywhere and on any device is really convenient. If you travel and print your airline boarding pass from your remote location, does that count as using SaaS? Do you know from which server that boarding pass originated? Does it matter?

When it comes to cloud computing, the "server-centric" mindset needs to change because it's a much different landscape.

Peace...


----------



## JohnWill (Oct 19, 2002)

I use gmail with a pop client, and I don't leave any mail on their servers. I've never lost any mail with gmail either, since it's not stored there. 

If an when on-line backups get to be more reliable and the Internet infrastructure supports higher speeds, cloud backup will become an attractive option for many folks.


----------



## namenotfound (Apr 30, 2005)

Twitter stores all avatars on Amazon's cloud service. I wonder how many other companies use 3rd party clouds?


----------



## tomdkat (May 6, 2006)

JohnWill said:


> I use gmail with a pop client, and I don't leave any mail on their servers. I've never lost any mail with gmail either, since it's not stored there.


You raise a good indirect point. What is more likely to happen: a local hard drive crashing or "the cloud" crashing?

I understand Google has teams of people dealing with hardware issues yet those issues have yet to prevent access to my Gmail account. When I work on a system with a hard drive which has crashed, the downtime appears to be significant. Even with good backups, the downtime is consciously felt. Why? Because you *don't have access to your data* until your system has been restored.

I also have a Gmail account I use a POP3 client (Thunderbird) to access but I access that mail remotely so I leave the messages on the server. I haven't lost any messages in that account either. A client of mine has been having intermittent access problems with Windows Live Mail's IMAP connection to her Gmail account but for the most part it works.

Peace...


----------



## tomdkat (May 6, 2006)

namenotfound said:


> Twitter stores all avatars on Amazon's cloud service. I wonder how many other companies use 3rd party clouds?


That's another good point.

EDIT: Apparently, I misread namenotfound's initial post. 

Peace...


----------



## jiml8 (Jul 3, 2005)

tomdkat said:


> I don't think he "showed" that as much as he asserted that.


Granted.



> I don't think SaaS "encourages" relying on someone else to "maintain" your data since the typical user of SaaS will most likely be focusing on the software app and not thinking much about the state of their data, as long as it's accessible to them.


Hence the encouragement. It is implicit in the model.



> The other thing to keep in mind is that "all" of your data won't be stored on some server(s) you have no knowledge of. Only the data you submit to the SaaS will or can be.


And if you are using SaaS applications for key business operations, then you have placed very critical data - perhaps your MOST critical data - out there.



> Look at Gmail as an example. Gmail stores an INSANE amount of user data. How often has Gmail crashed or been unavailable since it first came out? How many users have lost ALL of their email as a result of a Gmail crash?


I don't use gmail. I don't know that answer. There have been outages, but data loss? I don't know. One of the cell carriers (alltel? I forget...) lost all their clients' contact info last fall due to a screwup. Microsoft was behind that one; bought the service, didn't properly maintain it...things went to hell...

How about data compromise? There's been a lot of press lately about China attacking Google. We also know of many many instances where servers (including banks) have been cracked. SaaS servers, particularly those that could be expected to contain valuable business data, would have to be a huge target. The business that participates is trusting A LOT to the security, competence, and ethics of the service provider. I suggest that history gives absolutely no reason for such trust.



> That's part of the beauty of the cloud. The situation you describe ideally won't happen with cloud computing because the point of the "cloud" is the data is stored in redundant and distributed locations.


Emphasis on "ideally". Then there is reality. A Google will distribute the data; many other providers, particularly niche providers - and I am one such - won't because they lack the resources.



> Again, if your web browser counts as SaaS then how are you reading this forum and posting your comments? Don't your comments count as "your data"? Sure, it's in the public domain and are now "out there" but they are tied to your handle (at least on this forum) and therefore linked to you.


A browser isn't SaaS, though there is a push to try to deploy SaaS services that work with browsers (very wrongheaded IMNSHO...browsers just aren't secure enough).

And you can certainly make the argument that this site represents SaaS, and I won't dispute the point. But the "data" I make available here is not critical to the functioning of my business and, quite obviously, constitute information that *I*, and no one else, choose to make public.



> My mom doesn't have an IT infrastructure, nor does she really need one. However, the ability for her to keep the calendar on her mobile device and home computer in sync without having to physically connect them is really convenient.


Agreed. Bluetooth when they are in proximity, and there is no fundamental reason why they couldn't sync over the internet when they aren't in proximity. There need be no third party available for any of it, so long as the mobile device can find the home computer. Given always-on connections this is not an insurmountable obstacle though it would require some means of publishing dynamic IP addresses.



> The ability for her to access her e-mail from anywhere and on any device is really convenient.


Again, agreed. I do that anyway using SSH to access my main workstation from wherever I happen to be. There is, once again, absolutely no reason why such technology could not be widespread and easy to use. Again what is required is the ability to publish a dynamic IP. I do that by having my workstation periodically announce its address to my website, and I hit my website to find where to look for my workstation.



> If you travel and print your airline boarding pass from your remote location, does that count as using SaaS?


If it does, then it is someone else's SaaS and not yours. It is their critical business information (your reservation and information as a passenger) not yours. All you need is the boarding pass.



> When it comes to cloud computing, the "server-centric" mindset needs to change because it's a much different landscape.


It also involves a radical loss of control, a loss of privacy, and a loss of security...all into an environment that should provide no one with any comfort that those losses can be controlled or even mitigated.

I do offer SaaS with my product, for those that want it. I don't push it, and I try to push against it. But I won't fight the tape; if it is what people want then it is what they want.

Not very many people want it, and I think that is a good thing.


----------



## jiml8 (Jul 3, 2005)

> You raise a good indirect point. What is more likely to happen: a local hard drive crashing or "the cloud" crashing?


"The cloud" crashes far, far more often than any individual hard drive crashes.

On another thread on this site in the last few days, I observed you having a conversation with an individual who could not access a particular site. You said "it works here".

Any time a DNS problem prevents a particular set of data from being accessible, "the cloud" has crashed.

Any time your ISP reboots the router that provides your connection, "the cloud" has crashed.

Any time a service goes down at your ISP and keeps you from getting on the net, "the cloud" has crashed.

Any time the server holding your latest data, which has not yet been replicated across the network crashes, "the cloud" has crashed.

When the company that hosts the software that is the service that you are accessing goes broke and goes dark, "the cloud" has REALLY crashed.

And what do you call it when hackers in Russia manage to peel back the security of that server, and make off with your data? Stealing the formula for your secret sauce? Or the drawings for your new single-stage-to-orbit space plane? Or, just your business bank account numbers?

"The cloud" is just a name to use when what you really mean is "I don't know where my data is". In my book, a recipe for a major disaster.


----------



## JohnWill (Oct 19, 2002)

I'll stick with my multiple layer backup scheme, it's still to "cloudy" out there for me.


----------



## tomdkat (May 6, 2006)

jiml8 said:


> Hence the encouragement. It is implicit in the model.


I disagree. "encouragement" implies conscious awareness which I assert isn't present when those use "cloud computing" or "SaaS". I don't dispute the reality is the storing and maintaining of the data (to keep it available to the data generator or owner) is tasked to someone or more than one person whom the data generator won't know or even know exists but this is much different than "encouraging" people to trust these unknown persons.

Besides, these people will spend most of their time providing care and feeding to the computers that will actually be interacting with the actual data in question.



> And if you are using SaaS applications for key business operations, then you have placed very critical data - perhaps your MOST critical data - out there.


Yep, absolutely and I know of some companies that have done and do this and haven't had any issues with doing so. Granted, these are not Fortune 500 corporations but they are legit and real businesses, nonetheless. In fact, one business (now defunct) used Google Docs for all document management and manipulation. If I needed to access the schedule for a large website content update, I would refer to the spreadsheet in Google Docs to get the info I needed to do my part.



> I don't use gmail. I don't know that answer. There have been outages, but data loss? I don't know.


That's precisely the point. If there was a massive Gmail data loss, it would be all over the media. I don't own or use a BlackBerry but I've heard about the R.I.M. outages impacting large numbers of BlackBerry users. The kind of data loss you mention really has yet to be a reality, when talking "cloud computing".



> One of the cell carriers (alltel? I forget...) lost all their clients' contact info last fall due to a screwup. Microsoft was behind that one; bought the service, didn't properly maintain it...things went to hell...


Clearly, things can go wrong and I'm NOT saying they won't when talking about "cloud computing". However, this is one area where the cloud concept differs from a traditional "single large server" model. If one part of the cloud fails, other parts provide that functionality so the access to data or apps is preserved and the outage not noticed (since the data or apps are still available and working).

Amazon's cloud service has been around for a while now and I haven't heard or read of any catastrophic disasters with their cloud services. If there have been, please post links to the stories.



> How about data compromise? There's been a lot of press lately about China attacking Google. We also know of many many instances where servers (including banks) have been cracked. SaaS servers, particularly those that could be expected to contain valuable business data, would have to be a huge target. The business that participates is trusting A LOT to the security, competence, and ethics of the service provider. I suggest that history gives absolutely no reason for such trust.


The potential for data compromise will ALWAYS be an issue and is nothing unique to "cloud computing" or even computers in general. I have heard of banks having security breaches where sensitive data had been compromised. Most of those are involving laptops of bank employees being stolen and not the banks servers directly being hacked. I have been an indirect victim of some of this due to being informed of my account being part of a group that was "compromised" and I was issued a new account number. My money (albeit very little ) remained intact and nothing else really happened other than getting the new account number.

The thing is the "cloud computing" service providers fully understand that their service and their servers will be a direct target for attack. They will protect their service and servers as best as they can AND proactively. Why? Because developing a reputation of NOT being able to protect the data they effectively "host" will damage the business and it won't succeed.

History has definitely proven that the fight against hackers will never cease and will only get more intense as consumer level computing hardware gets more powerful and the hackers develop new techniques. I don't trust ANY data will be 100% safe and secure but I DO trust the larger agencies (like banks, etc) who manage my sensitive data using computers will take securing that data very seriously and do what they can to keep my data secure. Now, if they can only get the PEOPLE who loose these laptops to be more careful... 



> Emphasis on "ideally". Then there is reality. A Google will distribute the data; many other providers, particularly niche providers - and I am one such - won't because they lack the resources.


I think my "ideal" situation is more of a reality than either of us really know. From what I understand, Google's index is _already_ stored in a "cloud" such that in any given group of servers has a problem, the search engine continues to function because of the nature of the "cloud".

I would be interested in reading about a study of the robustness of a "cloud" architecture, citing real world examples.

The now defunct company I mentioned above started looking into using Amazon's cloud service but we just never got far enough to get the site deployed there. This company was a small startup and NOT large by any means. Amazon's service addressed a number of our needs nicely and the price was right. The smaller niche providers can find "cloud computing" solutions that suit their needs if/when they are ready to do so.



> A browser isn't SaaS, though there is a push to try to deploy SaaS services that work with browsers (very wrongheaded IMNSHO...browsers just aren't secure enough).


I don't know, given the definition posted in that article:


> But another category of software we all know and use is software as a service (SaaS)  a web-based version of proprietary software that ships out all your data across the tubes and lets someone else do the computing for you. SaaS programs range in scope from banking software to e-mail apps, and theyre typically used more by small and medium-sized businesses.


Browser's are web-based in that they need the web in order to function. The vast MINORITY of web browser users user their web browsers for NOT browsing the web. Anytime we purchase anything online, do a web search, or even contact a remote web site, data unique to us IS being sent out and is processed by some other machine we know nothing about. Ever watch a YouTube video? Do you know anything about the servers or people maintaining the server streaming that video? Yet, the YouTube server(s) stream the video as well as shipping the player software used by the browser to play that video.

I guess another way of thinking of it would be: how effective of a tool is a web browser without a connection to the Internet? I can start a word processor and create a document I can use for whatever purpose and WITHOUT an Internet connection. A web browser is VERY effective when doing website development so you can see how the site renders while developing it and this can be done without an Internet connection. What else can it do without an Internet connection? Even with an Internet connection, how effective is a browser if it never sends any data over the Internet?



> And you can certainly make the argument that this site represents SaaS, and I won't dispute the point. But the "data" I make available here is not critical to the functioning of my business and, quite obviously, constitute information that *I*, and no one else, choose to make public.


The thing is *people* decide what is "important" data and what isn't. The data, itself, doesn't "know" if it's important or not. If SaaS needs data to function, that data needs to be provided. If you're not comfortable providing the data a particular SaaS application wants or needs, simply don't use that application. SaaS doesn't inherently "require" sensitive data to function. The kind of data any given SaaS app needs to function will depend on the particular SaaS app in question.



> Agreed. Bluetooth when they are in proximity, and there is no fundamental reason why they couldn't sync over the internet when they aren't in proximity.


Sure there is. You need a *server* involved to facilitate the connection between the two components. My mom's computer doesn't have Bluetooth support even though her mobile phone does. If she can update her calendar from her phone while away from home and have those updates automatically sync'd to her home computer, she won't need to worry about establishing a connection between her computer and phone, let alone having to power her phone on to get it connected, etc.



> Given always-on connections this is not an insurmountable obstacle though it would require some means of publishing dynamic IP addresses.


Publishing IP addresses, configuring firewalls and possibly routers to allow the traffic to flow. All of a sudden, my mom is more of a computer networking "expert" than she arguably needs to be.



> Again, agreed. I do that anyway using SSH to access my main workstation from wherever I happen to be. There is, once again, absolutely no reason why such technology could not be widespread and easy to use.


How many people reading this thread would be able to configure SSH to run on their systems? Besides, what happens if the "server" system isn't available? Fortunately, my home computer was off when there was a blackout in my area a couple of weeks ago but my mom's computer wasn't. If she was away from home and her machine wasn't available for ANY reason, she wouldn't have access to the data on it (e-mail or otherwise). I get miffed when the ATM machines are closed for maintenance. I get miffed when any of the online services I use are down for maintenance. At least in those cases, I would blame "them". 



> If it does, then it is someone else's SaaS and not yours. It is their critical business information (your reservation and information as a passenger) not yours. All you need is the boarding pass.


Not true. I have to provide information identifying myself as the correct passenger so I can get the appropriate boarding pass. Otherwise, how would they know which boarding pass to allow me to print? The SaaS is the function that allows me to print the boarding pass. I send them the info to identify me so they can retrieve the appropriate info and generate the boarding pass to present to me for printing. THEIR computers retrieve the appropriate info and generate the boarding pass, not mine. I don't own a "SaaS" but I would be using their's.



> It also involves a radical loss of control, a loss of privacy, and a loss of security...all into an environment that should provide no one with any comfort that those losses can be controlled or even mitigated.


You're right that it involves loss of control (the radical nature of it depends on the specific data in question), and *potential* loss of privacy, and *potential* loss of security. The same privacy and security issues exist in many other facets of our lives and are not restricted just to "cloud computing". We don't *know* if any data we hand over will be kept "private" and "secure" regardless of who we hand it over to. When I call my insurance company, their computer asks me for one of two pieces of identifying information: my membership number or my social security number. How do I know their computer isn't recording that information to make available to someone else, without my knowledge or approval? The answer is: I don't.

What really boggles my mind is the I.R.S. When you pay your Federal Income Tax (at least in the U.S.), the I.R.S. instructs you to put your social security number on the check (if you pay by check) such that your payment will be properly processed. I imagine it would be processed regardless of that number being on it but that is what the I.R.S. instructs owing tax payers to do. How safe is that? What happens to that info as the check gets processed?



> I do offer SaaS with my product, for those that want it. I don't push it, and I try to push against it. But I won't fight the tape; if it is what people want then it is what they want.
> 
> Not very many people want it, and I think that is a good thing.


That's cool. As the web becomes more and more functional as a computing platform (which is the direction "cloud computing" takes us in), we'll see how this sentiment changes.

Peace...


----------



## tomdkat (May 6, 2006)

jiml8 said:


> "The cloud" crashes far, far more often than any individual hard drive crashes.


Ok, let's explore this. 



> Any time a DNS problem prevents a particular set of data from being accessible, "the cloud" has crashed.


Well, let's see. If the DNS is misconfigured on any given system, "the cloud" most definitely has NOT crashed. Next, if the one or two *particular* DNS servers used by the system in question are down, the rest of the Internet still functions AND using different DNS servers *can* solve the problem involved with original DNS servers by virtue of not using them. "the cloud" has not crashed. Personally, I don't think the current DNS uses a "cloud" processing model. If that were the case, authoritative servers would be sprinkled about here and there so that if one authoritative DNS went down, another one would serve that request.



> Any time your ISP reboots the router that provides your connection, "the cloud" has crashed.


Give me a break. "the cloud" is not accessible, but it certainly has NOT crashed. LOL *Your access* to "the cloud" doesn't define "the cloud". If your ISP prevents your computer from connecting to the Internet, any data you have stored in "the cloud" is *still available* just not to you, using your ISPs broken Internet connection. Using a different Internet connection restores your access to your data *regardless* of the state of your ISP's Internet connection OR the state of your computer to your ISP's networking gear.



> Any time a service goes down at your ISP and keeps you from getting on the net, "the cloud" has crashed.


The ISP is not "the cloud".



> Any time the server holding your latest data, which has not yet been replicated across the network crashes, "the cloud" has crashed.


This is plausible but is it likely? Not sure about that.



> When the company that hosts the software that is the service that you are accessing goes broke and goes dark, "the cloud" has REALLY crashed.


Well, that particular cloud service provider certainly has crashed. I guess the moral of that story is to choose your cloud service providers carefully. I don't think Amazon.com is going away any time soon. 



> And what do you call it when hackers in Russia manage to peel back the security of that server, and make off with your data? Stealing the formula for your secret sauce? Or the drawings for your new single-stage-to-orbit space plane? Or, just your business bank account numbers?


I don't call it a "crash of the cloud", at the very least. If anything, I would probably call it the same thing as I would call hackers from ANY country peeling back the security of ANY agency or company that has sensitive data of mine, regardless of "cloud computing" being involved at all.



> "The cloud" is just a name to use when what you really mean is "I don't know where my data is". In my book, a recipe for a major disaster.


It's far more than that. "The cloud" is a name to use when you mean, "I don't know where or how my data is being stored or processed but it's there when I need it."

I don't have any problem with you keeping your recipe for disaster but it's a recipe for a disaster which hasn't happened despite people cooking with it for a while now. We can argue what "might" or "could" happen all day and night long. As long as we don't lose sight of what HAS or HAS NOT happened, I'm good. If we lose sight of what HAS or HAS NOT happened, I'm concerned since the arguments appear to stem more from fear of the unknown more than anything else.

Peace...


----------



## jiml8 (Jul 3, 2005)

tomdkat said:


> Give me a break. "the cloud" is not accessible, but it certainly has NOT crashed. LOL *Your access* to "the cloud" doesn't define "the cloud". If your ISP prevents your computer from connecting to the Internet, any data you have stored in "the cloud" is *still available* just not to you, using your ISPs broken Internet connection. Using a different Internet connection restores your access to your data *regardless* of the state of your ISP's Internet connection OR the state of your computer to your ISP's networking gear.


A difference without a distinction...to the common user anyway. How many times do you see someone ask a question on this site which starts with "My internet isn't working...."

If your data is "out there" and you can't access it, then it really doesn't matter why you can't access it - you can't access it. Well, it DOES matter; some forms of lost access will eventually be corrected, but if the argument is that "my data is there when I need it..." then the myriad of examples I gave shows how that is false.



> I don't have any problem with you keeping your recipe for disaster but it's a recipe for a disaster which hasn't happened despite people cooking with it for a while now.


Happened just last fall (October) with a cell phone network. I said Alltell, but I just looked it up and it was T-Mobile. They lost a LOT of data from the entire network for users of their Sidekick.
http://www.appleinsider.com/article..._data_loss_casts_dark_on_cloud_computing.html

In an earlier post you asked about when Google had lost data. Gmail lost a LOT of data, including backups, in 2006.
http://www.oreillynet.com/xml/blog/2006/12/gmail_disaster_google_confirme.html

Palm Pre. Data loss Nov 2009 if you reset or replace your webOS phone.
http://www.roughlydrafted.com/2009/11/26/palm-pre-users-suffer-cloud-computing-data-loss/

Ma.gnolia bookmark sharing service lost data in January 2009
http://www.wired.com/epicenter/2009/01/magnolia-suffer/



> We can argue what "might" or "could" happen all day and night long. As long as we don't lose sight of what HAS or HAS NOT happened, I'm good. If we lose sight of what HAS or HAS NOT happened, I'm concerned since the arguments appear to stem more from fear of the unknown more than anything else.


OK. What HAS happened is that the cloud has lost user data in a number of high profile incidents. It has even happened to Google.

Why would anyone think that this track record will improve over time? if anything, as/if "the cloud" becomes more pervasive, the opportunity for loss will increase and the number of incidents pretty much has to increase.

Speaking for myself, I have not lost one bit of data in over 20 years. This is through lightning strikes and fires, hard drive crashes, errors in management, and pretty much every other possibility for loss. I don't use the cloud, and I protect my own data through a comprehensive backup scheme. Yes, I have had to restore from backup on many occasions. Sometimes I have had to go back two or three backups to find an undamaged copy. But I have so far always succeeded.

Maybe your mother doesn't need to do that to the same extent, but some fairly routine procedures will make her data safe without relying on the cloud. Also, without the cloud, her privacy is enhanced and her security is better. After all, if her system is compromised, accessing her data over the cloud still gives her away to the bad guys, but if her system is not compromised and she isn't using the cloud, her data is not subject to the myriad of possible attack vectors that this unknown server, located someplace in cloud-land, constantly faces. Further, unless she is the Prime Minister of England or some such, her system by itself is a much less attractive target than that cloud-land server that contains the valuable data of tens of thousands of individuals. More bang for the buck, cracking the cloud-land server.

Any business, from small to large, has to have a data backup plan in place. The cloud is touted as a way to make it so that businesses don't have to bother with these mundane chores, but that is exactly equivalent to you taking your jugular vein and laying it in the hand of a complete stranger and saying "please don't squeeze".


----------



## jiml8 (Jul 3, 2005)

tomdkat said:


> I disagree. "encouragement" implies conscious awareness which I assert isn't present when those use "cloud computing" or "SaaS". I don't dispute the reality is the storing and maintaining of the data (to keep it available to the data generator or owner) is tasked to someone or more than one person whom the data generator won't know or even know exists but this is much different than "encouraging" people to trust these unknown persons.


This is semantics and I don't think it is useful to pursue it very far. People respond to the incentives they are given. Even if the service takes no action to suggest that the user should just let the service take care of the data, many users will decide to do that anyway. The model permits it and it is easier.



> Besides, these people will spend most of their time providing care and feeding to the computers that will actually be interacting with the actual data in question.


Let's just hope they're competent and honest.



> That's precisely the point. If there was a massive Gmail data loss, it would be all over the media. I don't own or use a BlackBerry but I've heard about the R.I.M. outages impacting large numbers of BlackBerry users. The kind of data loss you mention really has yet to be a reality, when talking "cloud computing".


See my previous post. Google HAS lost data. I had forgotten about the RIMM problems, but you are right...they did it too.



> Clearly, things can go wrong and I'm NOT saying they won't when talking about "cloud computing". However, this is one area where the cloud concept differs from a traditional "single large server" model. If one part of the cloud fails, other parts provide that functionality so the access to data or apps is preserved and the outage not noticed (since the data or apps are still available and working).


Again. Didn't work for T-Mobile, or Gmail. or those others I linked in the previous post.



> Amazon's cloud service has been around for a while now and I haven't heard or read of any catastrophic disasters with their cloud services. If there have been, please post links to the stories.


*koff*, *koff*
http://www.datacenterknowledge.com/archives/2010/05/10/amazon-addresses-ec2-power-outages/

Note the "7 hour outage" and the "data loss" (though it was only for a "small number of users")



> The potential for data compromise will ALWAYS be an issue and is nothing unique to "cloud computing" or even computers in general.


...yet, use of the cloud introduces a whole new set of attack vectors.



> I have heard of banks having security breaches where sensitive data had been compromised. Most of those are involving laptops of bank employees being stolen and not the banks servers directly being hacked. I have been an indirect victim of some of this due to being informed of my account being part of a group that was "compromised" and I was issued a new account number. My money (albeit very little ) remained intact and nothing else really happened other than getting the new account number.


Yup. Me too. But my day to day business data isn't available to those banks. The bad guys couldn't steal my software. Or the sensitive data I have about some of my clients.



> The thing is the "cloud computing" service providers fully understand that their service and their servers will be a direct target for attack. They will protect their service and servers as best as they can AND proactively. Why? Because developing a reputation of NOT being able to protect the data they effectively "host" will damage the business and it won't succeed.


You can be a mighty fortress and withstand all the bombards and hope the walls hold. Or you can be stealthy and quiet and steal silently through the minefields and away. When you are stealing silently away, you are a much smaller target even if you are carrying the crown jewels. Particularly if those bombards are blasting the fortress walls specifically to get at those crown jewels.



> I think my "ideal" situation is more of a reality than either of us really know.


Not according to the links I provided.



> The thing is *people* decide what is "important" data and what isn't. The data, itself, doesn't "know" if it's important or not. If SaaS needs data to function, that data needs to be provided. If you're not comfortable providing the data a particular SaaS application wants or needs, simply don't use that application. SaaS doesn't inherently "require" sensitive data to function. The kind of data any given SaaS app needs to function will depend on the particular SaaS app in question.


But, let us return to where this discussion began. You stated that the cloud would take over. I stated it wouldn't.

Now it would appear that you have come around to my way of thinking; if you don't like it, don't use it.

Cool. 



> Sure there is. You need a *server* involved to facilitate the connection between the two components.


A server is nothing but a computer program. It doesn't even need to have access to the internet, though if it doesn't its utility is often lessened. Server programs can and do run on Windows desktop computers. This is a complete and total non-issue.



> My mom's computer doesn't have Bluetooth support even though her mobile phone does. If she can update her calendar from her phone while away from home and have those updates automatically sync'd to her home computer, she won't need to worry about establishing a connection between her computer and phone, let alone having to power her phone on to get it connected, etc.
> 
> Publishing IP addresses, configuring firewalls and possibly routers to allow the traffic to flow. All of a sudden, my mom is more of a computer networking "expert" than she arguably needs to be.
> 
> How many people reading this thread would be able to configure SSH to run on their systems? Besides, what happens if the "server" system isn't available? Fortunately, my home computer was off when there was a blackout in my area a couple of weeks ago but my mom's computer wasn't. If she was away from home and her machine wasn't available for ANY reason, she wouldn't have access to the data on it (e-mail or otherwise). I get miffed when the ATM machines are closed for maintenance. I get miffed when any of the online services I use are down for maintenance. At least in those cases, I would blame "them".


All this is true, which is why my phraseology was as it was. There is no reason at all, however, that this could not be changed and made fully automatic, if a standard was defined and the major vendors all signed on. One of the biggest problems I have with my ASP program is the need to forward ports through firewalls. There is no standard way to do that automatically, and most of my client base lacks the sophistication to do it themselves. If the manufacturers would define a standard, provide a means to sign up my service and obtain, say, a legitimate digital key that I could provide to clients that would automatically permit configuration of their router, then I could solve my biggest problem.

Envision a world where your mother brings her blackberry close to the desktop, tells them to learn each other, then walks away, with each now configured to find and recognize the other. It would be something like the GoToMyPC service, but with a higher level of automation in setup. There would be no need for a third party to keep the data and the apps.



> Not true. I have to provide information identifying myself as the correct passenger so I can get the appropriate boarding pass. Otherwise, how would they know which boarding pass to allow me to print? The SaaS is the function that allows me to print the boarding pass. I send them the info to identify me so they can retrieve the appropriate info and generate the boarding pass to present to me for printing. THEIR computers retrieve the appropriate info and generate the boarding pass, not mine. I don't own a "SaaS" but I would be using their's.


Again, semantics. It isn't YOUR SaaS, if that is what it is (and it probably isn't. It probably is a private network or a VPN that connects to dedicated and secured host servers belonging to the airline, running the airline's software). You are using their terminal and beyond that they are choosing how they do it.



> You're right that it involves loss of control (the radical nature of it depends on the specific data in question), and *potential* loss of privacy, and *potential* loss of security. The same privacy and security issues exist in many other facets of our lives and are not restricted just to "cloud computing".


And THAT is neither an excuse nor a justification.



> We don't *know* if any data we hand over will be kept "private" and "secure" regardless of who we hand it over to. When I call my insurance company, their computer asks me for one of two pieces of identifying information: my membership number or my social security number. How do I know their computer isn't recording that information to make available to someone else, without my knowledge or approval? The answer is: I don't.


And you don't care. YOU called THEM. You initiated the conversation, so you have a strong assurance that you are talking to who you think you are talking to. They already have the information and are merely verifying that it is safe to talk to YOU.

Now, had THEY called YOU and asked for that information, you would be several different type of fool if you answered.


----------



## tomdkat (May 6, 2006)

jiml8 said:


> A difference without a distinction...to the common user anyway. How many times do you see someone ask a question on this site which starts with "My internet isn't working...."


Far too often than I would like to admit. Of course, I also give these people the benefit of the doubt that they are _actually_ referring to their Internet *connection* when they refer to "their Internet", just like I do for those who refer to their "Bluetooth *headset* or *ear piece*" as their "Bluetooth". I mean if someone posts *online* that their "Internet" went out and they serious believe "The Internet" is not working, then we've got some fundamental educational issues to address. 



> If your data is "out there" and you can't access it, then it really doesn't matter why you can't access it - you can't access it. Well, it DOES matter; some forms of lost access will eventually be corrected, but if the argument is that "my data is there when I need it..." then the myriad of examples I gave shows how that is false.


Actually, only one of your examples comes close but that's it. If your hard drive crashes, the data on it might or might not be accessible depending on the nature of the crash. With some effort and technical knowledge or assistance from someone with technical knowledge, the data can be recovered and the hard drive repaired (reformatted maybe) or replaced. If my ISP (Comcast) has a problem in my area and my neighbor has a different ISP (say AT&T DSL), then I can use their Internet connection (if they allow me to do so) to access my data. The fact that *I* can't access it doesn't mean that data is *not* accessible.

If the *server(s)* that provide access to my data are unable to do so, then my data is *not* accessible because the point of failure isn't on my end but on their end and will be outside of my control (something I have never disputed). The point of the "cloud" is to minimize or eliminate that single point of failure such that my data will be available regardless of any given point of failure. Of course, if the entire Internet goes down then the "cloud" has crashed and I will then be in the predicament you describe. That is unless I maintain redundant backups of my data locally, which would then provide me access to my data even though it's not available online.

I think we're talking apples and oranges here.



> Happened just last fall (October) with a cell phone network. I said Alltell, but I just looked it up and it was T-Mobile. They lost a LOT of data from the entire network for users of their Sidekick.
> http://www.appleinsider.com/article..._data_loss_casts_dark_on_cloud_computing.html


Cool. I didn't know T-Mobile was a "cloud" service provider, nor did I know their mobile network used "cloud computing" services. After looking at that article (thanks for the link), I learned that it was a Sidekick issue that I vaguely remember hearing about in the news. What I found of interest in that article was this:


> Microsoft's takeover of Danger almost two years ago should have given the software giant the time to fortify and secure Danger's online operations. _Instead, it appears the company actually removed support to cut costs_. According to a source familiar with Danger before and after the Microsoft acquisition, T-Mobile's close partnership with the original Danger was leveraged and then betrayed by Microsoft when Steve Ballmer's company decided there would be more money involved in dropping its exclusive deal with T-Mobile to partner with Verizon on the side.


I didn't know "Danger" was the original creator of the Sidekick and Microsoft had acquired them. So, given Microsoft's decision to _remove support_ of Danger's online operations to cut costs, the question that I have is: would this crash have happened if Microsoft didn't make the decision to remove support? Does this really point out an issue inherent to "cloud computing"? Were Danger's servers spread out in multiple locations or were they all consolidated in the same data center? Ok, so that's three questions. 

Also, it looks like some of that data was restored.



> In an earlier post you asked about when Google had lost data. Gmail lost a LOT of data, including backups, in 2006.
> http://www.oreillynet.com/xml/blog/2006/12/gmail_disaster_google_confirme.html


Ok, in that article, I read this:


> Hi there TechCrunch folks,
> 
> We saw your post today about Gmail and wanted to let you know what was going on.
> 
> ...


60 people is a _lot_ of people but when considering the volumes of people using Gmail, even in 2006, I'm not sure why the number of people who lost their e-mail was limited to 60. Of course, this took place *4* years ago. Given the volume of traffic Gmail gets, I wonder why this hasn't happened again since then. Hmmmm.



> Palm Pre. Data loss Nov 2009 if you reset or replace your webOS phone.
> http://www.roughlydrafted.com/2009/11/26/palm-pre-users-suffer-cloud-computing-data-loss/


This appears to be loss of a different kind in that the server-side of the equation doesn't seem to have taken a "hit" of any kind but the backups they were supposed to be performing weren't being performed. Unfortunately, no explanation of what actually happened has been posted so it's not clear on where the failure occurred and why it occurred. I would imagine those who didn't reset or replace the webOS phone were not impacted.



> Ma.gnolia bookmark sharing service lost data in January 2009
> http://www.wired.com/epicenter/2009/01/magnolia-suffer/


Thanks for this link too. From that article, I read this:


> Ma.gnolia experienced every web services worst nightmare: data corruption and loss. For Ma.gnolia, this means that the service is offline and members bookmarks are unavailable, both through the website itself and the API. As I evaluate recovery options, I cant provide a certain timeline or prognosis as to to when or to what degree
> Ma.gnolia or your bookmarks will return; only that this process will take days, not hours.


Unfortunately, the article doesn't indicate whether the data was actually restored or not. If it was, than the data wasn't "lost" or at least it was unavailable temporarily vs being "lost" for good.

So, those are examples of the kinds of things that can go wrong when things are mismanaged but certainly not as catastrophic as you or those articles might imply. I see that sort of like checking luggage when flying somewhere. Some people refuse to check their luggage for fear of it getting lost. There are statistics that support the fact that airlines can lose far more luggage than they should. However, the 20-30% of luggage that gets lost pales in comparison to the 70-80% (numerically respectively ) of luggage that doesn't.

Yes, things CAN happen and failures CAN occur. Given the volumes of people using online services today, why are we NOT hearing about more of these outages? Why hasn't Facebook lost ALL or MOST of the profiles of its members? Why hasn't Twitter lost ALL or MOST of the tweets posted there? Why hasn't YouTube lost most of the video content it hosts? I mean we're really pushing the Internet hard and as more people get broadband Internet access, it will be pushed even harder.

Given these LARGE and popular sites, providing interactive services, why are we NOT hearing about more crashes or data loss?



> OK. What HAS happened is that the cloud has lost user data in a number of high profile incidents. It has even happened to Google.
> 
> Why would anyone think that this track record will improve over time? if anything, as/if "the cloud" becomes more pervasive, the opportunity for loss will increase and the number of incidents pretty much has to increase.


Great point! The thing is, *we* have yet to see this actually happen. The Gmail outage was in *2006*. I bet there are MORE Gmail users today than in 2006. Shouldn't that mean Gmail is _more_ prone to outages than in 2006 simply because there are more users and more data in its control?

Why would anyone think this track record will improve over time? Has time already demonstrated that? Or do you want to allow for more time? How often does Twitter go down a month? How often has Twitter been down since Jan 2009? Do those numbers not indicate things are improving or does it indicate the site and service maintainers are simply getting lucky?



> Speaking for myself, I have not lost one bit of data in over 20 years. This is through lightning strikes and fires, hard drive crashes, errors in management, and pretty much every other possibility for loss. I don't use the cloud, and I protect my own data through a comprehensive backup scheme. Yes, I have had to restore from backup on many occasions. Sometimes I have had to go back two or three backups to find an undamaged copy. But I have so far always succeeded.


Sounds good. I wish more people would backup their data, including myself.  LOL



> Maybe your mother doesn't need to do that to the same extent, but some fairly routine procedures will make her data safe without relying on the cloud.


Ah, but she doesn't *have* to rely on the "cloud". It simply provides convenient access to her data, making it *easier* for her to manage it. She doesn't *have* to use the "cloud" exclusively, nor does she *have* to not use it at all. It's simply a tool she can use in a manner that suits her needs best.

Ideally, local backups of important data would be saved locally for redundancy while she uses the online services to provide the data access she wants or needs in the manner in which works best for her. If she doesn't have to worry about making sure her calendar is sync'd between her phone and computer because those devices will deal with that themselves, she can focus that energy on other things BUT not be completely aloof to the fact that she needs to make sure her local backups are maintained and safely stored.



> Also, without the cloud, her privacy is enhanced and her security is better. After all, if her system is compromised, accessing her data over the cloud still gives her away to the bad guys, but if her system is not compromised and she isn't using the cloud, her data is not subject to the myriad of possible attack vectors that this unknown server, located someplace in cloud-land, constantly faces.[/url]My mom was the victim of identity theft _before_ she started spending as much time online as she does now. Again, "the cloud" doesn't _necessarily_ put you more at risk. If you choose NOT to put sensitive info "out there", it's not "out there" for hackers to try to gain access to. I have a Facebook profile. I DO NOT put my phone number in it, nor do I put specific location information in it. I know people that have that info in their profiles. If hackers get into Facebook and gain access to my profile, they won't find much of interest. "the cloud" doesn't FORCE me to put sensitive data "out there".
> 
> Now, her and my sensitive data is kept by our banks, hospitals, my employer, the State of California (where we live), and the U.S. Federal Government. Those agencies, alone, provide plenty of opportunity for unauthorized parties to gain access to my data and those most likely won't involved "cloud computing".
> 
> ...


----------



## tomdkat (May 6, 2006)

jiml8 said:


> This is semantics and I don't think it is useful to pursue it very far. People respond to the incentives they are given. Even if the service takes no action to suggest that the user should just let the service take care of the data, many users will decide to do that anyway. The model permits it and it is easier.


You're right. People do respond to the incentives they are given. The "good" decision makers will do the proper research and investigation to determine if that solution is right for them. The practicality of online data storage for a person or business doesn't *require* them to make online storage the *only* means of data storage. The company pushing the service might argue otherwise, but that's the company trying to get business. That's not inherent to the technology.



> Let's just hope they're competent and honest.


I think the companies employing these people would have these same concerns. Don't you?



> See my previous post. Google HAS lost data. I had forgotten about the RIMM problems, but you are right...they did it too.


I did read that post (our posts are flying past each other through "the cloud" ). 60 users is a lot of people but when considering the number of Gmail users, it's not the "massive" data loss I mentioned in my post.



> Again. Didn't work for T-Mobile, or Gmail. or those others I linked in the previous post.


You should do the same with my comments above. 



> *koff*, *koff*
> http://www.datacenterknowledge.com/archives/2010/05/10/amazon-addresses-ec2-power-outages/
> 
> Note the "7 hour outage" and the "data loss" (though it was only for a "small number of users")


Thank you for mentioning the "small number of users" part, since that illustrates my point. My comment from above:


> Amazon's cloud service has been around for a while now and I haven't heard or read of any *catastrophic disasters* with their cloud services. If there have been, please post links to the stories.


I don't consider a small number of users being impacted "catastrophic" even though those particular users might feel differently. 

Again, given the number of people using Amazon's cloud, does a "small number" actually indicate a "catastrophy" to you? Besides, we know nothing of the actual impact of the outage on those customers since we know nothing of the kinds of sites hosted in that particular rack that was impacted. Clearly, those sites weren't distributed across different systems in different locations, so we're back to the "single point of failure" issue, right?



> ...yet, use of the cloud introduces a whole new set of attack vectors.


 I don't think so. I mean when you get down to the nitty gritty, we're talking about servers hosting data, regardless of the configuration. A server connected to the Internet will always present a hacking opportunity.



> Yup. Me too. But my day to day business data isn't available to those banks. The bad guys couldn't steal my software. Or the sensitive data I have about some of my clients.


See, that's what I mean. You *choose* not to provide your day to day business data to those banks just like you can *choose* not to store that data in "the cloud". "the cloud" doesn't require you to store your most critical data in it.



> You can be a mighty fortress and withstand all the bombards and hope the walls hold. Or you can be stealthy and quiet and steal silently through the minefields and away. When you are stealing silently away, you are a much smaller target even if you are carrying the crown jewels. Particularly if those bombards are blasting the fortress walls specifically to get at those crown jewels.


Do you honestly think the "cloud service" providers would be this inept? I can see a smaller provider not having the resources to deal with this, but a major provider?



> Not according to the links I provided.


Your links illustrate part of my point. I mean the examples just don't support your assertions.



> But, let us return to where this discussion began. You stated that the cloud would take over. I stated it wouldn't.


I didn't state that at all. I posted this:


> Things will get real interesting when we reach the point of ultimatum: either participate in the "cloud" or don't participate at all.


Meaning, I think there will come a point in time where people will have to choose whether or not to participate in "cloud computing" or not. For example, Chrome OS. If/when Chrome OS ships on a Netbook, the person who buys that Netbook will have to participate in Google's "cloud". Why? Because that's how Chrome OS is setup. If they want to run Chrome OS, they participate in the "cloud". If they don't want to do that, they don't run Chrome OS. Hence the "ultimatum". 

I have no idea if "cloud computing" will actually become the dominant or prevalent computing model but computing trends are certainly heading in that direction. When I hear "lay" people talking about how they like Google Docs, I see that as an indication that people are warming up to doing more and more online.



> Now it would appear that you have come around to my way of thinking; if you don't like it, don't use it.
> 
> Cool.


 Not quite. I'm not proposing an "all or nothing" approach, as you seem to be doing. You keep using "critical data" as the only example of the data to be stored in "the cloud" and the only thing that can happen to that data is it will be lost or compromised in some fashion. My thinking is quite the contrary. "cloud computing" is simply a tool that can or should be used as it fits in with any given person or business' computing needs. The people should *choose* which data to store in "the cloud" and which data not to store there. "the cloud" is nothing to fear. 



> A server is nothing but a computer program. It doesn't even need to have access to the internet, though if it doesn't its utility is often lessened. Server programs can and do run on Windows desktop computers. This is a complete and total non-issue.


It's not a non-issue. Why? Because that server needs to be configured and administered. A server doesn't even need access to the Internet to retain its full utility. I run Apache on my system and it doesn't have access to the Internet (given my firewall rules) yet it functions on my LAN beautifully. You can't "just" publish an IP address and expect things to "just work". Look at the number of people seeking help with "WAMP" or "XAMPP" servers and tell them they are making an issue out of something that isn't one. 



> All this is true, which is why my phraseology was as it was. There is no reason at all, however, that this could not be changed and made fully automatic, if a standard was defined and the major vendors all signed on. One of the biggest problems I have with my ASP program is the need to forward ports through firewalls. There is no standard way to do that automatically, and most of my client base lacks the sophistication to do it themselves. If the manufacturers would define a standard, provide a means to sign up my service and obtain, say, a legitimate digital key that I could provide to clients that would automatically permit configuration of their router, then I could solve my biggest problem.


Understood but unfortunately, that's not reality. The reasons for this are what you state, competition from different vendors not wanting to standardize.



> Envision a world where your mother brings her blackberry close to the desktop, tells them to learn each other, then walks away, with each now configured to find and recognize the other. It would be something like the GoToMyPC service, but with a higher level of automation in setup. There would be no need for a third party to keep the data and the apps.


Yep, that would be cool. Now, let's envision the world of today. My mom can update her calendar on her BlackBerry, it syncs with whatever service she uses and turn it off. When gets home, she fires up her PC, logs in and her calendar gets sync'd by the calendar app that starts when the system boots. She doesn't have to touch the BlackBerry at all.



> Again, semantics. It isn't YOUR SaaS, if that is what it is (and it probably isn't. It probably is a private network or a VPN that connects to dedicated and secured host servers belonging to the airline, running the airline's software). You are using their terminal and beyond that they are choosing how they do it.


Ah, I see the disconnect. I'm talking about printing boarding passes at *home*, not at the airport. People who fly SouthWest sometimes print their boarding passes at home (or at some computer not at the airport) so they don't have to check in at the terminal. They use their browser to connect to the airline's website, login (thus supplying identification info to "the cloud" for processing), and access their boarding pass for printing on the local computer. I guess in some cases, they might be able to do the same from a mobile device and display the barcode for the pass on their screen for scanning before boarding.



> And THAT is neither an excuse nor a justification.


My comment wasn't meant to be either. Just stating the privacy and security issues you cite aren't exclusive to "cloud computing". We need to be conscious of privacy and security in most facets of our lives.



> And you don't care. YOU called THEM. You initiated the conversation, so you have a strong assurance that you are talking to who you think you are talking to. They already have the information and are merely verifying that it is safe to talk to YOU.


A "cloud computing" service doesn't *pull* whatever data it wants from my computer or mobile device. I have to configure my computer or device to *send* the data I wanted stored in "the cloud" to "the cloud". Still, that doesn't mean the recipient of that information will handle my information safely and securely. I might *trust* that is the case but that's not "assurance". What assurance would I have that my info is being kept safe? Here's an anecdote. My boss took us out to lunch and we went to a local Chinese restaurant. He paid the bill by giving his credit card to the server who ran the charge. The server returns with his receipt and he signs and we leave. 2 weeks later, the Secret Service calls him out of the blue and tells him his credit card number got compromised and apparently at least one employee of that Chinese restaurant, where we had been eating for YEARS before this incident, was involved in a credit card number theft ring. They swiped his card twice: once in THEIR reader and once in the reader to run the actual charge.

We went back to the restaurant after this went down to see if we could identify who was missing so we would know who the thief was.

When I call my bank or insurance company, I know absolutely nothing about the person I'm speaking with but I trust the company that employs them will make sure they won't jeopardize the safety of my sensitive information.



> Now, had THEY called YOU and asked for that information, you would be several different type of fool if you answered.


Clearly. LOL Wouldn't that be funny! The thing is, that kind of thing happens with phishing e-mail and people take the bait. Interesting times we live in.... 

Peace....


----------



## Stoner (Oct 26, 2002)

Very interesting discussion, tomdkat and jiml8.

As an onlooker, the concept of 'cloud computing' and storage in the 'cloud' seems to have a lot of crossover in the discussion....blurring of concepts.
I suspect the ultimate success of the concept hinges on business acceptance in regards to acceptable losses versus the bottom line.......and the type of data being generated from cloud computing.
Banking already absorbs losses from just their own servers, but the model is more profitable.
Proprietary works, like scientific research, will likely not embrace cloud computing, imo...common sense and corporate paranoia concerning industrial spying.

On a personal level, I find too much risk with the concept of cloud computing to trust any of my own financial computing and record keeping to unknown servers across the world.
I don't even file my tax returns 'across the internet' .

BTW.......Federal and State estimated tax returns are due today.
Mine's in the mail ..................


----------



## jp1203 (Jul 21, 2005)

My main problem is that it's a single point of failure. If your internet connection goes down, you're done. Right now, if I've got power, I can get to all of my files. Sure, my DSL connection is just about as reliable as it gets, but should something happen I don't want to be without everything.

Also, should a remote server somewhere lose anything for one reason or another, I'd be very upset. At home, I've got mirrored RAID drives, plus weekly backups on an external. Chances are, I'm not going to lose anything--and if I do, it's probably going to be my own fault.

Relying on others to keep my data safe and available isn't something I like the idea of, especially when I take care of everything myself just fine.


----------



## GreyWolfAlpha (Jun 17, 2010)

The biggest issue we have with cloud computing is security. I work for a Global company that is very sensitive to espionage. Trust for the cloud is just not there. If one day we are forced then alternatives will be found.


----------



## paisanol69 (Sep 7, 2005)

http://forums.techguy.org/tech-related-news/930239-new-bill-grants-fed-power.html 
(Thanks Tom, for the link)

...however, re: link above... the proposed bill is one of the reasons that I feel the hype regarding cloud computing, and its supposed "take-over"of the internet, in the near future, is not as likely as some would think. 
There are several other reasons that I don't think cloud computing will become as accepted (compaired to the use of full functionality home computer units) as a few folks would have us believe (Steve Jobs anyone)
I cannot imigine that any majority of linux users are going to be willing to commit all their data to the cloud, since in my experience, most linux users are above the average, or norm, when it comes to computer knowledge.

What with google touting their new OS, and stating that it is designed to be used in conjunction with their cloud, is going to draw in a whole slew of non-savvy computer users, who purchased their net books thinking that even though they saved money, their experience on the web will be as good as anyone elses, no matter where they store their data.

The backlash when those less than educated folks start hitting delays, or non-access issues thru the cloud, is going to be huge. And it will happen,as more of them sign onto the idea of the "cloud" That is just my personal opinion, I know it has been discussed here in this thread.

Add to that, what the reaction will be, (by those same less than savy masses), when our own government decides its time to "shut down" the web, for whatever reason ( and once our government passes this law, you can bet there will be other governments that will follow suit) they feel is necessary (security? terrorism??)

I can see it now, all of those folks that have the google, or similar operating system installed, not only can they NOT ACCESS the web, but their computers are completely worthless since their OS only functions, when connected to the cloud.

yep, google is onto a sure fired winner, with the cloud OS.


----------



## Mumbodog (Oct 3, 2007)

> Are We Too Complacent About Cloud Computing?


Maybe the title should be:

"Are We Too Ignorant About Cloud Computing?"

No offense intended to any members here.

I am Never going to intentionally store personal data on the cloud myself. Even though most of our personal data is stored somewhere on the net.

.


----------

