Thoughts on the Cloud
- Details
- Last Updated: Wednesday, 26 February 2025 14:40
Defined..
Technically anything outside of your own LAN is classed as the cloud. However, my comments here refer to services that make life easier or provide us with social sharing, public information, private data management or access to.
Big Business
Generally these are all owned by big businesses which offer services, paid or free. Unfortunately the focus of their loyalty is not to their users, but to their shareholders and just making money, either by subscription, advertising, product sales, or a combination of, and ultimately submit to the Government.
Examples, not in any particular order are: Twitter, Instagram, Google, Facebook, Microsoft, Amazon, Apple, Xero and local utilities (Power, Gas, Internet) and even our own KiwiSaver.
The Good
Access to data from anywhere and everywhere. From Maps to home light-bulbs or remote control of your aircon unit or providing communications worldwide now virtually free to all. Several offer servers for rent that enable anyone to create a web presence for virtually any purpose.
Our financial systems have evolved over the last 20 odd years from paper ledgers and bank-books to internet banking allowing us to pay bills or transfer money instantly.
The Bad
Protection of our privacy. A claim they can't fulfill...
Mostly all significant services are based using cloud services provided by, Google, M.S Azure, Amazon AWS, and are based in the USA where they are required to hand over your data with decryption keys on the whim of a government department. And not just these companies as many smaller one rent their services from the big three.
Back in 2013 whistle blower Edward Snowden revealed that for years the NSA had been recording virtually all internet connections to and within the USA using Prism. (A process that split the light in private fibre optic cables and routed it into their own data centre without owner permission or knowledge.) Once this became public, affected business immediately implemented encryption systems. The NSA then began demanding legislation to force "back-doors" into such encryption systems, which so far has been avoided for various reasons, but if ever enacted it is highly likely that any such keys or methods would be discovered by hackers, rendering all such encryption totally useless. There have been several instances proving such NSA secrets cannot be kept or hacking software has escaped from their control.
Even KiwiSaver provider Generate has had thousands of their clients details stolen. Names, Bank and Credit card accounts, IRD numbers, Birthday and probably address - enough for a bad actor to perform identity fraud.
The bigger they are the harder they fall. This is so true with cloud based services. We all know about receiving program updates, that they take time to install and sometimes break things. Cloud based systems are no different and when things go wrong the effects are felt world-wide. While they go to great efforts to protect their data centers with multiple connections to the outside world, battery and generator power backups, faults still can and do occur. On this scale they support multiple data centers which synchronise with each other, so the loss of one should go unnoticed. Program updates usually have staggered roll-outs, but any issues may not become apparent until many data centers are affected and eventually their complaining users draw it to their attention. By this time its too late to stop and the effects can take hours to correct or reverse. Those systems that get fixed or remain working now become overloaded and unavailable to many users, for hours or even days. Remember that at all times, somewhere in the world users are starting their work for the day.
The Ugly
Despite having access to all internet communications for years, mostly unencrypted, the NSA completely failed to act on any terrorist communications that could have lead to predicting 9/11. Pretty much proving that giving them encryption back doors would not make any difference.
Little trust and accountability. They care about individual data about as much as you care about a fly on the wall or the ant on your kitchen bench. A quick dose of spray solves the problem.
The publication of facial images on sites, such as Facebook, Google etc. and their capture by sites such as Clearview may lead to ones complete loss of privacy. Not just for law enforcement as this site claims, but might in the future easily allow anyone to take a picture in public with their phone and with an app find the names and maybe other details of each person in the photo. For more info see an article on Radio NZ (RNZ.co.nz) on Clear View and the risks that such technology present.
P.S. Feb 28 2020 Clearview's client list was hacked!
Proof that many businesses are not trustworthy can be seen in our article 'A decade of failures', a review of security issues over the last decade. We must therefore be very vigilant and do all in our power to prevent such a loss of our privacy at all costs.