The Wisdom of the (Madding) Clouds

Loved the "Wisdom of the Clouds" title, it's pinched from Paul Carr's piece on the issues that the Wikileaks affaire brought up - or rather, the way Cloud players rolled over when Sen Liebermann roughed them up and couldn't hand over user data fast enough (Twitter being the honourable exception).

It used to be that if the US government wanted access to documents or letters in my possession they’d have to subpoena me directly. As a foreign citizen there are all sorts of ways I could fight the request – and it was at least my choice whether to do so. As someone living in the US I also had the whole weight of the 4th Amendment on my side. Now, with everything in the cloud, the decision whether to hand over my personal information is almost entirely out of my hands. And unless, as happened with Twitter, the company storing my data decides to fight for openness on my behalf, there’s every possibility that I won’t even hear about the request until it’s too late. That’s just not how things should work in a free society.

We agree totally (see here) and its no accident that many of those most interested in telling YOU to open up run very closed shops themselves. Look at what they do, not what they say!

We would also argue that there is another, older reason to question wisdom of Clouds, and this is simply what happens if it goes away - all that data - gone. There are 3 aspects:

(i) Cloud not accessable from current location - this means potentually a whole lot of work you need to do can't be done. I am amazed at the increasing number of people who look at me as if I'm nuts when I say i use Thunderbird to actually store all my emails on my own hard drive(s), not just for backup but to work when connection is unavailable. It beggars belief that there are people who can't access their email locally, but there you go... the madding crowd and the Cloud and all that.

(ii) Cloud connection/service temporarily down - work stopper, especially if it is core data. Why would anyone take this risk. Clouds cannot be 99.99% reliable, and Murphy's Law clearly sates that the .001% will be at the most inconvenient time possible. No sane CIO would not have a backup strategy

(iii) Cloud service disappears - either it kocks you off (cf Wikileaks) or goes pop. In either case good luck getting your stuff back. At least with a hard disk crash you can try and sort it out yourself.

We have been worried for quite soem time about privacy implications of Cloud storage, especially on free services - though as the Wikileaks affaire proves. its not just free services that can play fast and loose.

Long term readers of this blog will know our recommendation is to go for hybrid services - use the cloud by all means , but keep a hot running local backup. This is borne by our experience over 20 years dealing with networked and hosted services. You cannot engineer these thinsg to be 100% reliable even at infinite cost. at affordable cost they will be a darn sight less fr quite a whiel. (I note the Cloud lobby can no longer claim that Cloud services are more economical)

Another thing we have been looking at is where can you put secure servers, ie ones that can't be pried into by powerful bodies. which countries would host such a service? (Encryption is not enough, as if the host country wants the data badly enough they can get it, and its no guarantee that your encryption can't be broken (or more likely, compromised by man-in-the-middle attacks) if the hoster is in cahoots with said snooping entity.