We are developing the social individualist meta-context for the future. From the very serious to the extremely frivolous... lets see what is on the mind of the Samizdata people.

Samizdata, derived from Samizdat /n. - a system of clandestine publication of banned literature in the USSR [Russ.,= self-publishing house]

If The Cloud is the future, we need more than one future

There is a good article on TechRaptor about alleged Chinese intrusions into iCloud.

Greatfire.org, a website dedicated to monitoring and combating online censorship in China, has provided technical evidence to substantiate these allegations. Apple was already facing some heat after pulling anti-censorship apps from it’s iStore and also it’s recent decision to move iCloud storage of Chinese user data to centers within mainland china.

And just in case you think China is the only Bad Guys we need to worry about…

Of course, no one should pretend that this kind of spying only goes on in repressive countries like China. In comparison to the NSA use of ‘fiber-optic splitters’ to copy and filter data directly from the telecommunications backbone, a MITM attack seems rather quaint. Furthermore, it was reported earlier this year that the NSA had capitalized on the Heartbleed bug to steal passwords and other sensitive information.

Big Brother has many guises.

16 comments to If The Cloud is the future, we need more than one future

  • Laird

    I’m certainly not worried about China; it’s my own government which concerns me. I put precious little onto the Cloud, and what goes there is totally innocuous and/or I don’t care who sees it. Everything else stays safely earthbound.

  • I hardly use Cloud storage at all.

  • I use the cloud to disseminate technical information. Stuff I actually want open.

    An example: http://spacetimepro.blogspot.com/2014/03/lpc1114-devl.html

    BTW just so you know. I’m a former Naval Nuke and all my comms are probably subject to heightened government scrutiny. Ah. Well.

  • The Neon Madman

    Each time that you see the term “the cloud”, substitute the equivalent “someone else’s server”. Clarifies the picture for most people.

  • Andrew Duffin

    What The Neon Madman said.

  • I am using SpiderOak, as recommended by Mr Snowden. I’ll post up a review soon.

  • Well sure Neon Madmen, but does anyone not already understand that?

  • Tedd

    I’m a big user of, and a big fan of, cloud services. They are great equalizers for small competitors. Markets are nearly always configured to protect the large and the established, so small challengers need all the help they can get. Cloud services are one of the most powerful tools at their disposal.

    On the subject of security, your data is at much greater risk from incompetent IT (including, for most of us, when it’s on your home computer) than it is from being in the cloud. Unless you’re somebody really big, or are in a very IT-savvy industry, it’s highly unlikely that your data will be less secure in the cloud than when entrusted to your own IT people, or to yourself.

  • it’s highly unlikely that your data will be less secure in the cloud than when entrusted to your own IT people, or to yourself.

    Not convinced. Especially as my sensitive data sits somewhere that has an ‘off’ switch and an air gap when not in use.

  • Mr Ed

    Well sure Neon Madmen, but does anyone not already understand that?

    I think that’s a perfectly valid point by Neon Madmen. The lack of knowledge of what computers do (and don’t do) is broad and deep.

    Heck, many people think socialism works. Not that many understand how a microwave works.

  • Jerry

    Agree totally with Neon and others here

    ‘Each time that you see the term “the cloud”, substitute the equivalent “someone else’s server”.’
    Substitute ‘computer’ for ‘server’. ‘Server’ is another mystery term to MANY people.

    Spent decades in and retired from IT ( Data Processing to old timers )- LONG before there were ‘PC’s and believe me, security was an afterthought at the PC level. NO ONE EVER considered that there would be literally millions of computers interconnected. This is partly because early telecommunications efforts were riddled with problems, lack of reliability ( data integrity ) being a major issue ( hey, flip a ‘zero’ or a ‘one’ and the results can be, as manuals state, unpredictable ! ).

    In many cases, one does not know where the cloud is physically ( yes I know that one does not always get the same storage space at the same location.

    Ask yourself these questions.

    If you backup your system ( or store some of your data ) on ‘the cloud’,
    WHO would you call if it all vanished ( and how would you PROVE what was there, when it was put there, who put it there etc. ?? )
    How would you know if any of your data was corrupted or modified without lengthy comparison runs, and what could your do about it ?

    Sorry but my data, sensitive or not stays in my possession.
    One of the best approaches is that sensitive data is kept on a system or systems that are not even connected to the internet ( tough to hack !! ).
    Add encryption, GOOD encryption, software on top of that helps.

    People seem concerned about identity theft ( doing your banking from a PHONE for crying out loud !? – is your time REALLY that damn valuable ? ) and yet have their data scattered from hell to breakfast, have little if any idea EXACTLY WHERE the data is or who may have access to it and then wonder HOW someone got access to it.

    Sorry, some of you just keep believing you’re data is safe this way but not me.

  • Tedd

    Perry:

    You can simply never connect your computer to the internet. But that seriously erodes its utility.

    If you connect to the internet at all then you are living in a fool’s paradise if you think turning off the switch now and then is helping. Last time I checked, it took 7 seconds for a bot to attempt an attack on a newly-configured computer, after connecting it to the internet. And that was years ago. It would not surprise me if it’s under a second, now.

    Trying to protect yourself by disconnecting from the internet is about like trying to avoid a shock by only touching the wires briefly.

  • Well to state the obvious Ted, time is not just money, it is also exposure. Whilst my data is offline, I have yet to see a bot than can jump the air gap. I can make sure everything is up to date, scanned and happy before reaching over and plugging in that FireWire to the RAID. No boot delay vulnerability window. And all the information I really need to protect simply has zero reason to always be accessible (and therefore attackable), because I am not using it daily. And much of it only rarely, if ever, need to get out and about.

  • Tedd

    Good luck with that, Perry. I’ll see your intermittent off switch and raise you a professional IT staff that knows far more than I ever will and has a financial incentive to do a good job. For the average person, and for the typical business, concern about data security is simply not a good reason to not use cloud services. You can’t protect your data as well as they can.