Risks in the Cloud

Channeling Floyd a bit here, I’m reminded of “Get off of My Cloud” by the Rolling Stones.

I’m not a huge fan of the term cloud computing. Not entirely sure why, but I prefer using some variant of service, e.g. service-based computing or SaaS, because including “service” more accurately reflects what’s really going on in the cloud.

Photo by laffy4k from Flickr used under Creative Commons

Some company is providing you with a computing service, as opposed to installable media, either for free or for money. In exchange, you agree to T&C that control how your data can be used and sometimes give them money.

Don’t get me wrong. I like services-by-wire as much as the next person, depending on where I’m standing, and I’m not penning a diatribe against them. However, I have noticed a few interesting posts recently that call out some of the common (and not so common) pitfalls of relying too much on the cloud. These are worth reading and sharing for comment.

First, Lifehacker had a post called “The Hidden Risks of Cloud Computing”. Not the most eye-catching title, but one of their hidden risks was an eye-opener. Specifically, while law enforcement agencies must obtain a search warrant to search your place of residence, including your electronic files, they only need to obtain a subpoena to get access to records of your activity from third parties. Apparently, they can do so without your knowledge too.

I guess I should have known this based on all the RIAA and piracy stories floating around, but somehow it didn’t stick.

Sure, no biggie if you’re not doing anything illegal, but definitely a privacy concern.

A post from ReadWriteWeb included another new one for me, namely that service providers using virtualization don’t always use data encryption because virtual machines “don’t always have enough access to the random numbers needed to properly encrypt data.”

Yikes.

Of course, most service providers *do* use virtualization because it’s cheap and easy, and you don’t always have any way of knowing who does and doesn’t, unless it’s disclosed by the provider. Some services don’t need encryption, but others, e.g. those that store personal information about you, definitely do need it. Sure, if data are transferred over SSL, you don’t have to worry about over-the-wire as much, but all bets are off if someone has a way inside the provider’s network.

This isn’t normally an easy hack, and I’m not saying that providers are more or less vulnerable to this type of intrusion. Don’t kill the messenger.

Fortunately, these types of attacks are difficult, making them less common and requiring a motivated black hat.

With cloud computing, most of the risks aren’t as difficult and are much more well-known. The two posts include the standard risks that I’m sure you’ve heard:

  • Trusting a single provider too much.
  • Weak security based on easily hacked password recovery processes.
  • Provider lock-in and data ownership.
  • Downtime and data unavailability.

For some things you do online, these issues may not matter, but if they do, you’ll want to be as safe and prepared as possible. For example, what if your social bookmarking provider loses all your data? What if your favorite lifestreaming app is bought by a huge social network? What happens to all your old data? Or say your favorite micro-blogging service doesn’t surface all your updates in their UI? Are they gone forever?

Generally speaking, most people are lax about backing up their own systems, but when it comes to a service provider, they expect backups and archival history, regardless of whether the service is free or not. Seems a bit ironic, but again, this is why I prefer using the term service when discussing cloud computing.

If you’re wondering, your old tweets aren’t deleted.

This isn’t obvious though, and I’ve seen several posts on how to archive your tweets. Surprise, there are even services that will do this for you. I found a few with a quick search, one of which collects your Twitter credentials and a fee. Personally, I’m not in a hurry to archive my tweets, but I can see value there for others.

Inline sidebar, with nefarious social hacking on the rise, why would you trust a Twitter service provider that doesn’t use Twitter’s OAuth implementation with your credentials?

Sorry, bit of a tangent there.

The point about risk in the cloud remains: the artifacts you create aren’t always yours. Unless the T&C say otherwise, they belong to the provider. Good luck exporting your stuff out of these services too, especially the free ones. While exporting tweets isn’t terribly difficult, imagine how much work it would be to get your pictures out of Facebook or Flickr.

Online services rock.

They’re easy and affordable and save you tons of time and effort replicating similar functionality yourself. Even if you’re a very savvy user who wants to maintain equipment and gear in your own mini-datacenter, you’ll probably rely on at least some services in the cloud.

The message here is know the risks.

So, did I miss any? Have any stories to share about services? Am I out of line and paranoid?

Find the comments.

About Jake

a.k.a.: jkuramot

5 comments

  1. “They’re easy and affordable”. The 'affordability' can be a huge risk in itself. For example, if EC2 doesn't meet the uptime SLA, you get a service credit for the downtime. The amount spent to ensure an SLA is met will differ considerably depending on whether you plug in your business's potential loss of $10,000 a day or the service provider's potential loss of $10 a day.
    Another risk I've read about is hardware seizure. If one of your service provider's other customers is dodgy, you are also at risk. http://www.wired.com/threatlevel/2009/04/data-c

  2. Yeah, downtime is a killer, and an SLA won't protect you from lost revenue due to the provider's downtime. As with most things, companies write off this risk in favor of the bottom line number, until it happens to them.

    I hadn't heard that about hardware seizures. It's actually pretty frightening that the FBI seemed to know nothing about colocation. I hope that was a mistake, or FUD from a party under investigation.

    Funny, the colocation story makes an argument for EC2 when you compare losses 🙂

    Of course, I highly doubt any VC would fund a 90s-style operation whose business plan called for buying its own gear and hardware and staffing its own datacenter under its own operation. No one would do that with their own money.

    Refer again to the bottom line vs. risk hedge.

  3. A later report
    “FBI Special Agent Allyn Lynd…told the court that the owner of the co-location facility was being investigated for fraud and that even though Liquid Motors was not part of the investigation, its equipment might have been used to facilitate fraud by others.”
    For a reputable host, COLO should be safer than VM as at least your equipment is physically separate from other customers. SaaS, where your data may sit right next to a suspect's, would be riskier.

  4. Yeah, but even a reputable colo could fall under this blanket assertion. If someone's doing bad things in your reputable colo, this guilt-by-association taints you too, i.e. you were facilitating the nefarious behavior. And it also taints your innocent customers.

    Although I'm sure the same assumption could be applied to VMs too.

    Plus, it's very specific to the agent/agency and what they request from the judge issuing the warrant. Kinda disturbing.
