Every cloud has an unknown lining
Off the Beat: Bruce Byfield's Blog
Where cloud computing is concerned, I confess to being a Luddite. I'm not utterly opposed to it, but the conditions under which I would ever store data in the cloud remove most of the reasons that most people would do so.
The usual argument for the cloud is convenience. Storing data in the cloud means that it is always available (assuming your connection is up), and you no longer have to transport files by flash drive or DVD between one computer and the next.
In addition, Matt Harley recently suggested that ChromeOS, which is built around the cloud, has other advantages over local Linux installations. He points out that, because ChromeBooks depend on the Internet, they have no problem with connectivity. But his main contention is that ChromeBooks are idiot-proof. Because they take care of updates for users, the risk of users running into problems when they upgrade are mostly eliminated.
Exchanging Security for Convenience
Harley adds some new points to the discussion, but I am still not convinced. As Harley mentions himself, connectivity is less common a problem on Linux that it used to be. Yet, even if that were not so, the advantage is not exclusive to ChromeOS and is available on any computer that ships with an operating system already installed.
As for being idiot-proof, I have seen too many supposedly routine upgrades go awry to assume that the problems will go away simply because someone else is taking care of them.
Anyway, one of the appeals of Linux has always been that you could learn to maintain your system yourself. You might make fatal errors, but that is part of the learning process, as frustrating as it can be. Eliminating that possibility reduces Linux to just another operating system, differing only on the technical level from OS X or Windows. It leaves users as permanent consumers, without any hope of ever controlling their own computers.
And that, really, is the problem with cloud services and storage: they are only convenient because they remove the responsibility from users. Instead, they ask that users trust the providers -- and, the trouble is, very little is offered to justify that trust.
Short of anecdotal evidence on the Internet, there is next to nothing on which to judge cloud providers. Users do not know who will handle their data, or who will have access to it. If a provider publishes a policy, users have no way of knowing how well it is enforced. Presumably, keeping high standards is in a provider's interest, so that it can continue to attract customers and to satisfy existing ones, but the problem is not that providers are corrupt -- it's that users have no way to know.
Besides, even if providers have repeatedly demonstrated a high level of integrity, accidents can still happen. Yet, if they do, users may not hear of them, nor be in any position to assess their frequency or seriousness.
Yes, problems or accidents can happen on your own server. The difference, though, is that you are more likely to learn about them. At the very least, you can know what steps are taken to prevent them happening again.
In short, the problem in the cloud is the age-old one of convenience winning out over security. From a security perspective, the typical cloud is a disaster in waiting. That may be acceptable if you are a casual computer user -- unless you are storing some embarrassing photos, and, even then you might prefer to preserve your privacy. But if you are acting on behalf of a corporation, or your files have any potential value, you should approach the cloud cautiously. Even if a provider guarantees its own security measures, when you sign up, you are still being asked to trust -- and trust is a poor foundation for any security or privacy.
Holding the Cloud at Arm's Length
I don't go so far as Richard Stallman, who condemns clouds as a proprietary trap to be avoided at all costs. However, if you are going to use commercial clouds, encrypt your data with a key that only you or your company members possess. Better yet, set up a private cloud, and secure it to your satisfaction.
The only trouble with such measures is that the effort they require drains much of the convenience from the cloud. Remembering to encrypt before uploading is a nuisance, and so is setting up and maintaining security for yourself. Yet to act otherwise means taking a calculated risk. Admittedly, the odds are probably in your favor with most cloud providers, but security measures should be based on the worst that can happen, not on the best.
Many people have turned to Linux and free software as a relief from being controlled by proprietary software vendors. Yet, all too often, the irony of working in the cloud for Linux users is that too often they abandon the independence they gained and given their independence to another proprietary company -- and all for no better reason than convenience.
comments powered by DisqusSubscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.
-
XZ Gets the All-Clear
The back door xz vulnerability has been officially reverted for Fedora 40 and versions 38 and 39 were never affected.
-
Canonical Collaborates with Qualcomm on New Venture
This new joint effort is geared toward bringing Ubuntu and Ubuntu Core to Qualcomm-powered devices.
-
Kodi 21.0 Open-Source Entertainment Hub Released
After a year of development, the award-winning Kodi cross-platform, media center software is now available with many new additions and improvements.
-
Linux Usage Increases in Two Key Areas
If market share is your thing, you'll be happy to know that Linux is on the rise in two areas that, if they keep climbing, could have serious meaning for Linux's future.
-
Vulnerability Discovered in xz Libraries
An urgent alert for Fedora 40 has been posted and users should pay attention.
-
Canonical Bumps LTS Support to 12 years
If you're worried that your Ubuntu LTS release won't be supported long enough to last, Canonical has a surprise for you in the form of 12 years of security coverage.
-
Fedora 40 Beta Released Soon
With the official release of Fedora 40 coming in April, it's almost time to download the beta and see what's new.
-
New Pentesting Distribution to Compete with Kali Linux
SnoopGod is now available for your testing needs
-
Juno Computers Launches Another Linux Laptop
If you're looking for a powerhouse laptop that runs Ubuntu, the Juno Computers Neptune 17 v6 should be on your radar.