Every cloud has an unknown lining
Off the Beat: Bruce Byfield's Blog
Where cloud computing is concerned, I confess to being a Luddite. I'm not utterly opposed to it, but the conditions under which I would ever store data in the cloud remove most of the reasons that most people would do so.
The usual argument for the cloud is convenience. Storing data in the cloud means that it is always available (assuming your connection is up), and you no longer have to transport files by flash drive or DVD between one computer and the next.
In addition, Matt Harley recently suggested that ChromeOS, which is built around the cloud, has other advantages over local Linux installations. He points out that, because ChromeBooks depend on the Internet, they have no problem with connectivity. But his main contention is that ChromeBooks are idiot-proof. Because they take care of updates for users, the risk of users running into problems when they upgrade are mostly eliminated.
Exchanging Security for Convenience
Harley adds some new points to the discussion, but I am still not convinced. As Harley mentions himself, connectivity is less common a problem on Linux that it used to be. Yet, even if that were not so, the advantage is not exclusive to ChromeOS and is available on any computer that ships with an operating system already installed.
As for being idiot-proof, I have seen too many supposedly routine upgrades go awry to assume that the problems will go away simply because someone else is taking care of them.
Anyway, one of the appeals of Linux has always been that you could learn to maintain your system yourself. You might make fatal errors, but that is part of the learning process, as frustrating as it can be. Eliminating that possibility reduces Linux to just another operating system, differing only on the technical level from OS X or Windows. It leaves users as permanent consumers, without any hope of ever controlling their own computers.
And that, really, is the problem with cloud services and storage: they are only convenient because they remove the responsibility from users. Instead, they ask that users trust the providers -- and, the trouble is, very little is offered to justify that trust.
Short of anecdotal evidence on the Internet, there is next to nothing on which to judge cloud providers. Users do not know who will handle their data, or who will have access to it. If a provider publishes a policy, users have no way of knowing how well it is enforced. Presumably, keeping high standards is in a provider's interest, so that it can continue to attract customers and to satisfy existing ones, but the problem is not that providers are corrupt -- it's that users have no way to know.
Besides, even if providers have repeatedly demonstrated a high level of integrity, accidents can still happen. Yet, if they do, users may not hear of them, nor be in any position to assess their frequency or seriousness.
Yes, problems or accidents can happen on your own server. The difference, though, is that you are more likely to learn about them. At the very least, you can know what steps are taken to prevent them happening again.
In short, the problem in the cloud is the age-old one of convenience winning out over security. From a security perspective, the typical cloud is a disaster in waiting. That may be acceptable if you are a casual computer user -- unless you are storing some embarrassing photos, and, even then you might prefer to preserve your privacy. But if you are acting on behalf of a corporation, or your files have any potential value, you should approach the cloud cautiously. Even if a provider guarantees its own security measures, when you sign up, you are still being asked to trust -- and trust is a poor foundation for any security or privacy.
Holding the Cloud at Arm's Length
I don't go so far as Richard Stallman, who condemns clouds as a proprietary trap to be avoided at all costs. However, if you are going to use commercial clouds, encrypt your data with a key that only you or your company members possess. Better yet, set up a private cloud, and secure it to your satisfaction.
The only trouble with such measures is that the effort they require drains much of the convenience from the cloud. Remembering to encrypt before uploading is a nuisance, and so is setting up and maintaining security for yourself. Yet to act otherwise means taking a calculated risk. Admittedly, the odds are probably in your favor with most cloud providers, but security measures should be based on the worst that can happen, not on the best.
Many people have turned to Linux and free software as a relief from being controlled by proprietary software vendors. Yet, all too often, the irony of working in the cloud for Linux users is that too often they abandon the independence they gained and given their independence to another proprietary company -- and all for no better reason than convenience.
comments powered by DisqusSubscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
The Gnome Foundation Struggling to Stay Afloat
The foundation behind the Gnome desktop environment is having to go through some serious belt-tightening due to continued financial problems.
-
Thousands of Linux Servers Infected with Stealth Malware Since 2021
Perfctl is capable of remaining undetected, which makes it dangerous and hard to mitigate.
-
Halcyon Creates Anti-Ransomware Protection for Linux
As more Linux systems are targeted by ransomware, Halcyon is stepping up its protection.
-
Valve and Arch Linux Announce Collaboration
Valve and Arch have come together for two projects that will have a serious impact on the Linux distribution.
-
Hacker Successfully Runs Linux on a CPU from the Early ‘70s
From the office of "Look what I can do," Dmitry Grinberg was able to get Linux running on a processor that was created in 1971.
-
OSI and LPI Form Strategic Alliance
With a goal of strengthening Linux and open source communities, this new alliance aims to nurture the growth of more highly skilled professionals.
-
Fedora 41 Beta Available with Some Interesting Additions
If you're a Fedora fan, you'll be excited to hear the beta version of the latest release is now available for testing and includes plenty of updates.
-
AlmaLinux Unveils New Hardware Certification Process
The AlmaLinux Hardware Certification Program run by the Certification Special Interest Group (SIG) aims to ensure seamless compatibility between AlmaLinux and a wide range of hardware configurations.
-
Wind River Introduces eLxr Pro Linux Solution
eLxr Pro offers an end-to-end Linux solution backed by expert commercial support.
-
Juno Tab 3 Launches with Ubuntu 24.04
Anyone looking for a full-blown Linux tablet need look no further. Juno has released the Tab 3.