Cloud Paranoia Does Not Compute
For the last few years we’ve been hearing that cloud computing is the future. Last year I’ve argued that it is already the present, and Apple just further cemented that fact with its iCloud announcement. Apple is making iCloud services available across all of their devices so data created with and stored on one device can immediately become accessible on all the others. This is precisely what represents the biggest draw of cloud computing and where all of its benefits come from, namely effective automatization of data management and access, freeing a considerable amount of time from maintenance for activities that are more meaningful, and which represent the very purpose of having digital devices.
While Apple’s surge into the clouds represents a major endorsement of cloud computing their offering is actually less ambitious than what Google is trying to do with their Chromebooks, whose functionality would be completely dependent on the cloud hosted applications managed with a Google Account, making hardware almost completely irrelevant (just disposable thin clients to the cloud). While I have doubts that Chromebooks will be a major success, due competition from tablet devices that Google itself has a stake in, I think Apple’s iCloud stands a very good chance of success.
Apple’s implementation of the cloud presents less of a revolution and more of a logical evolution of the user experience they’ve been aiming for all along; automate all of the repetitive maintenance tasks and allow the user to focus on the work or play at hand. The iCloud is just another technological extension to that existing paradigm. No more syncing, and as Apple marketing says “no anything required”, “iCloud does it all for you”.
Of course, this trend is not lauded by everyone. There are a lot of people vocally opposing cloud computing and expressing concerns about it, and those concerns mainly center around the idea of entrusting your data (and even applications) to a company you may not exactly want to trust can do a good job at safeguarding it, let alone not abusing it for its own purposes.
Multiple well publicized security breaches of companies that were expected to have tight security practices doesn’t help matters. If hackers can so easily gain access to personal data of tens of millions of PlayStation Network users can’t they gain access to all of their data stored in the various clouds as well? This contributes to the assumption that storing something in the cloud means accepting the possibility that it will get accessed by questionable people with questionable purposes. This is very similar to the old adage that if you want to keep something private simply don’t post it online.
There is also a particular strain of criticism against cloud computing which sees it as a sort of a conspiracy by big corporations trying to make you dependent on the infrastructure they control, and ultimately track your every move so as to be able to tailor their offers and advertisements to your present desires, needs and location.
What this criticism ignores is the role users themselves play in the rise of cloud computing making them into the co-conspirators, and not just the “victims” of a would be conspiracy. If cloud computing didn’t offer anything of value it wouldn’t have taken off. Those who may argue that anything a big corporation pushes should succeed only because of the amount of clout they have should only look at major failures that happen pretty regularly despite the fact that they’re initiatives by the largest corporations in the world. Apple pretty much failed with their MobileMe platform. Google failed with Wave, Buzz, and to some extent Orkut. It doesn’t seem like these companies are completely immune to market movements.
But cloud computing is succeeding in various forms, and that would indicate that it represents something that a sufficient percentage of the masses in the market do want and find valuable.
So what do we make of the security and privacy concerns? I think we should ask how secure our data is in our own hands to begin with. Your computer and hard drives can be stolen. It could get malware that gives some hacker access to your data without you even knowing it, and you alone would have far less expertise on your hand to deal with any potential security breach should it happen. If your data is no less secure in your own hands than it is in the cloud then the whole security-based argument against cloud computing fails.
I think there is a very real possibility that the security argument against cloud computing has more to do with psychology than any real difference in security. Somehow something that is right there on a device you can see and touch with your own bare hands *seems* more secure than something stored on a farm of servers in a distant place. However, if we survey all the facts, this perception may not exactly fit reality.
There is also the question of whether you ever really are a completely independent manager of your data, and if this is even possible. If you use Windows you are effectively trusting Microsoft that they aren’t spying on your activities when you are connected to the internet, including what you do with your data. Same goes for Mac OS X and even Linux. While Linux may be open source, if you’re not surveying the source code yourself on a regular basis you are still to some extent trusting others who do so that they did a good job at preventing anyone from gaining unauthorized access.
I suppose it is ultimately a matter of degrees to which you are going to trust someone, but it doesn’t seem possible to use a computer or do anything with your data without at least some level of implicit trust and an embedded risk, at least if you are an “end user”, and not yourself professionally or as a hobby involved in technical maintenance and development.
Then there is the issue of worst case scenarios. What is the worst that can happen if your data gets leaked while stored in the cloud compared to your data being accessed from your own computer? Which option provides you with more recourse to recover the data and get justice?
This is probably going to be tough to answer, but it should be an interesting question to ponder. It can happen that your data on your computer gets hacked by a random hacker without you even knowing, whereas a company would be more likely to detect such intrusions. Also, hunting down and holding liable a random thief might prove more difficult than getting a company to reimburse you for the damage. Furthermore, if we’re talking about data loss, this is far more likely to happen without any recourse if the data is on your hard drive than if it is stored in a cloud with multiple redundancies.
When all of this is taken into consideration it might just be that the phobia against cloud computing is nothing more than just that; a fear rooted in psychological perception of that which is physically close to you as “more secure” than that which is stored elsewhere and accessed over the network. I do not wish to belittle the importance of privacy and security one bit, just point out that managing them locally doesn’t necessarily carry significant advantages over security in the cloud.
When considering the benefits of cloud computing, which effectively come down to an elimination of a large portion of maintenance and data management in favor of doing what you actually want to do with your digital devices, I wonder if it is worth being so paranoid to wholesale avoid cloud computing.
I think there should be a distinct difference between paranoia towards cloud computing in general and concerns for security of specific cloud computing services. It is more reasonable to evaluate and question the security of a single company or service, and their overall trustworthiness, than to generalize the entire idea of cloud computing as a negative proposition.
For instance, I can very much understand someone being vary of trusting Sony any time soon after recent breaches demonstrated their incredibly lax security practices, but that doesn’t necessarily make cloud computing a bad idea in general. If that was so then the common occurrence of security breaches of various web hosting servers should be a reason to avoid hosting web sites.
Ultimately it should and will be up to every individual to decide what to store in the cloud or whether to use cloud computing at all. I don’t want this article to read as an advertisement of cloud computing or any particular cloud service. I myself have been a fairly light user of cloud services, and the extent to which I’ve used them doesn’t make me worry much. I really wouldn’t consider it disastrous if a few innocuous pictures, notes or sound files “leaked” due to some breach of Dropbox’ servers, for instance.
There is an extent to which cloud services can be used to tremendously make our computing more convenient and efficient without really risking all that much. And those are, after all, what most people will store anyway; photos, music, videos, perhaps some documents, many of the things that a lot of people nowadays share deliberately on the web anyway.
What I merely want to point out is that opting to cut your time and monetary expenses by choosing to use cloud services isn’t necessarily as unwise or dare-I-say “stupid” as some might say it is, at least not any more than believing that things you store on your own local computers is “far more secure”.