Friday, August 10, 2012

Cloudy With a Chance of False Security

It's been barely more than a decade since the internet slipped into our homes in earnest, and even though we're still getting used to it the technology has been moving like a loaded shopping cart going down a hill--there's no telling what direction it's going to go in and it's not going to stop unless it hits something big, in which case there's going to be a major mess.

If you haven't yet heard about Mat Honan's experience of having been epically hacked over on Wired, I suggeest you check it out immediately. It seriously underscores the nature of the online world we're living in today, a world that's snuck up on a lot of us. In short, in the course of an attack by hackers who wanted to seize control of his Twitter account for the lulz, Honan ended up having his digital life deleted. It's the online equivalent of having everything you own wiped out in a house fire, and it's not something I'd wish on anyone.

Nevertheless, when I encountered this news it underscored to me the problems of the ongoing rush to the cloud, to having our own personal information stored on a hard drive in some unknown server farm that might be in a cave on Spitsbergen for all the difference that it makes. Honan shouldn't have been able to have been hacked--his attackers were able to get access to his digital life by exploiting security flaws in Apple and Amazon accounts, but I don't just mean that holes like that should have been patched before anyone had an opportunity to punch a fist through one.

No, I'm more of the opinion that there shouldn't be a case where this sort of damage can be done entirely remotely and online.

Clouds ahead, and we keep flying on.

The idea of the cloud isn't a new one. Following on the heels of tech forecasters, Scott Adams of Dilbert recognized its shadow coming back in 1998, when in The Dilbert Future he predicted the coming challenge of the Network Computer, "a PC with no hard drive (or a tiny one)... [that] downloads software from the Internet and executes it on an as-needed basis." Even then, I thought it was a cheapjack notion; why else would anyone want to surrender control over their own software, their own productivity, their own information? Taking advantage of the cloud for certain specific, occasional tasks is one thing, like renting a car to take a vacation for the weekend when you don't own one yourself. While the state of the internet has improved since 1998--after all, the cloud wasn't feasible technically when everyone was still using dialup, and could get kicked off whenever someone upstairs needed to use the phone--I don't think it's addressed the underlying problems. To me, making use of the cloud for basic, day-to-day stuff feels like living out of a storage locker.

Because it isn't really secure--Honan's story demonstrates that, and just because it's one of the first that doesn't mean it will be the last. Apple has supposedly taken action to patch the security hole that Honan's attackers targeted, but there will always be vulnerabilities waiting to be exploited. The cloud can be easy and user-friendly, but that sort of thing comes at the expense of security. When it comes to my digital life, my important files and photos and so on, I keep them backed up on an external hard drive that is only ever connected to a computer when the backup process is underway. Aside from that, it's an isolated system that can't be reached by any online attack.

I've never trusted the cloud. Purely electronic things on my hard drive are ephemeral enough--the cloud takes this just one step beyond, so that the ephemeral things I use aren't even in something I can control. In the end, the key to security is control.

No comments:

Post a Comment