Tag Archives: slashdot

Privacy, security, and data integrity in "The Cloud"

The following are thoughts I wrote up in anticipation of Thursday’s Ask Slashdot, where I was discussing “The Cloud” with the Slashdot community.

The Question:

“With so much personal data being kept on the cloud, including government and health records, do you have any concerns about it falling into the wrong hands? Do you think the cloud’s benefits are outweighed by continuing security issues?”

I used to be a security “expert” (at least according to my business card), but that was long enough ago, and things have changed sufficiently since then, that I no longer make that claim. However, back then, most of our customers happened to be in healthcare in some form or another, and I was appalled, on a daily basis, how insecure their data was. Any high school kid with some tools could completely own their network servers with very little effort. We hired one of those high school kids, and he frequently did.

Furthermore, with a little sweet talking, or looking under keyboards, we got access to all the stuff that he didn’t. Granted, this was in the days immediately before HIPAA, and in the first days after HIPAA (health care related data privacy/security legislation in the USA, circa 1996 and following, more stringently enforced after about 2002 or so) when people were trying to figure out how to implement the requirements. I naively hope that HIPAA has corrected some of the most glaring of these problems.

It’s hard to imagine that putting data “in the cloud”, whatever that happens to mean in the particular case under discussion, could be any less secure than where they’re already storing your data.

Every time I go to a doctor’s office and have to fill out all the same data, yet again, or when I have to fill out yet another government form with all the same information that they already have, often two or three times on the same set of forms, I think, why, in 2011, do I have to fill out these forms at all, when they already have so much information on me that should be readily accessible? A retinal scan, or even an ID number, should be sufficient to avoid this. Why haven’t we solved this problem yet? (Yes, that’s a very naive position, largely inspired by the frustration of filling out the 8th form while other peoples’ kids run around screaming and sneezing on me.)

One obvious requirement that should be placed on any “in the cloud” service where my medical information is stored is that the software securing it must be Open Source. This should be a requirement that we all demand. If you say that my data is secure, prove it to me by letting me inspect your code, do a security audit, and patch holes that I find.

I’ve long thought that government software should be software of the people, by the people, for the people. If I pay for the development of software that used to run, say, the TSA, then I should have access to that code. And if the IRS is using software to store my data, I should have access to that code so that I can verify that it’s secure, and is calculating my tax refund correctly.

I’m not sure, as a non-lawyer who has never worked as a government contractor, whether such demands are at all realistic or probable, but I still think it’s worth making the demands. While I’m confident that *my* congress critter didn’t understand the letter I sent him on the subject (at least, based on his content-free response), I would encourage you to contact yours, and maybe there’s one out there that would understand.

Now, having said all of that, it’s worth noting that the phrase “in the cloud” is, for the most part, rubbish. Servers “in the cloud” are installed, secured, and maintained, by sysadmins like you and me. Some of those sysadmins are good at what they do, and some of them aren’t. “The cloud” is not intrinsically secure or insecure, because “the cloud” is not a definable entity, as much as the tech press wants it to be. This is a misnomer perpetrated by the poorly-informed press, and not really something that’s based in reality.

Every time we read an article about “the cloud”, it’s useful to take a moment to consider what it actually means in that particular scenario.

Although “the cloud” means “I don’t care where my servers are”, there are in fact actual servers somewhere, and there’s an actual person or team of persons responsible for maintaining that server or servers, and they are either good at their job, or they aren’t. Talking about “the cloud” as though it’s one homogeneous mush of data is nonsense, and leads to all sorts of false conclusions.

Ask Slashdot

I’ll be on “Ask Slashdot” tomorrow, answering questions about “The Cloud” and security. This is not exactly my area of expertise, which hardly means that I am without opinions. Being ignorant gives me free rein to have opinions.

I’m reminded, of course, of the last time I was on Slashdot. You’ll note, if you actually subject yourself to the comments, that practically every comment is either about my choice of Comic Sans font (it actually wasn’t Comic Sans, but another one that looks sort of like it), the fact that the presentation was written in Powerpoint (it wasn’t, actually, it was in Apple Keynote) or the fact that the file is a PDF (guilty).

Now, bear in mind that this was a JOKE presentation, given as a lightning talk at ApacheCon. It was intended to be humorous. It got a standing ovation. People still talk about that presentation at every ApacheCon since then.

Note also, that the PDF file in question is 666k.

You’re not supposed to take this seriously.

But the Slashdot crowd saw it as an opportunity to be superior and cruel, without actually reading what they were commenting about.

My career has wandered many places since then. I’ve changed what I do a number of times, none so large a change as joining Sourceforge. But the ability of commenters, on Slashdot and elsewhere, to be superior and cruel has only grown since then. So, I’m a little trepidatious. (Yes, it’s a word.)