Saturday, 21 January 2012

Cloud Storage: I wouldn't bet on it

Do you store your data on a public cloud? Would you consider it? Not me, thank you. I've had serious doubts about this technology since it was introduced, and although I hate to say "I told you so", I told you so.

Recently (January 19, 2012), Megaupload was shut down. Its computers and toys (including some monster TVs and a clutch of Mercedes automobiles) were seized, not to mention somewhere around a thousand servers. If you have -- er, had -- any files stored there, color them Gone. Theoretically, they are in limbo, rather than actually gone. But you won't get them back unless and until the seven Megaupload people arrested are eventually found innocent, and given the speed of swift justice, that will take years.



There are lots of cloud-storage companies, some of which are subsidiaries of giants like Microsoft and Google. Their sheer size doesn't make them immune, either to the DOJ or to the whims of malicious hackers, which is why I've refused to board this train. There's no way in the world I would upload anything to such a site without a local backup of said data, and that rather defeats the point. The only valid reason that I can see to do this is to gain access to the files no matter where you are. This does not solve the problem, but merely relocates it. Should you update the cloud-file(s) from anywhere, then you need to copy the updates back to your location. If you're not at home or work, then hopefully you have a memory stick with you. 64-gig sticks are available now, for less than a dollar a gig, so it's feasible, unless the file you're updating is a database.

To the list of Things That Could Go Wrong, we should add Bankruptcy. In that event, you might not even receive advance notice and the chance to migrate your files to some other cloud provider. In the case of intervention by the DOJ or some equivalent, you can rest assured that all your unencrypted data will be inspected, if only to buttress the argument that criminal activity (copyright violations, possession of kiddie-porn, etc.) was taking place. The irony is, even and perhaps especially, if your data on the cloud is encrypted, a closer inspection is warranted. If you have nothing to hide, why bother with encryption? In that light, encryption borders on admission of guilt.

My advice: think very carefully before placing your head in a cloud. Ask the vendor what happens in the event of bankruptcy.

1 comment:

  1. Earlier this afternoon, the main Anonymous Twitter account declared, “The government takes down #Megaupload? 15 minutes later #Anonymous takes down government & record label sites. #ExpectUs.”

    The Anonymous group has claimed responsibility for taking down Universal Music, RIAA, MPAA and the DOJ website.

    Anonymous additionally claimed that the current attacks were “the largest attack ever by Anonymous,” with 5,635 participants. Anonymous says that its next target is the FBI’s website.

    Arthur

    ReplyDelete