(subtitle – My porn is my porn. Go get your own)
(sub-subtitle – Welcome….to YOUR machine)
The web and all of the things it offers up is pretty awesome. I can search for and find just about anything in seconds. Using the web as the “string” I can fire up my laptop – Tin Can #1 – anywhere I can get an Internet connection and connect to my home servers – Tin Can #2 – and grab anything I have stored there. With that same Internet connection, I can make phone calls through the web, watch (some) TV, listen to music, post videos, chat with friends, download files (legally!)…..the list goes on and is virtually endless.
Now, with Web 2.0 being the big buzz thing now, these “entities” want us to move it all to the web. Put your pictures, your documents, your email…..your very lives out on the web. Even Microsoft is doing this albeit, and thankfully, more slowly than others. The promise is to eliminate the need to have a bunch of storage at home and provide access to everything you have anytime, from anywhere. Let these “entities” of the world store it on their servers and provide me access to it remotely. Let them maintain it and promise 99.999% uptime. Let them back it up. Let them guarantee that I can get to my data anytime, from anywhere.
On the surface…..I really do like the idea of moving things into the cloud and allowing me access to data from anywhere in the world. Who wouldn’t want to stop worrying about backing up their own data? For that matter, if I can travel the world without lugging around a laptop because I can drop into an Internet cafe to send email, pay bills, call a friend, download a PowerPoint deck, why wouldn’t I? Laptops are a pain in the ass to carry around. And a bigger pain in the ass clearing security at the airport. If I can do what I need to do on the web, anytime, from anywhere, why wouldn’t I? Moving it all to the web sounds awesome…..on the surface.
There is an obvious flaw with this concept though.
There are a number of considerations here.
1) Can I trust the entity storing my data to lock it down so their own employees aren’t peeking at it? – My porn is my porn. I paid for it. Go buy your own. (consider ‘porn” to be an asterisk and substitute, music, movies, videos, software, pictures, whatever at your own leisure).
2) Can I get a 100% guarantee that my data/information won’t be compromised by their own employees? – This form of identity theft is growing. Employees have access to the data. Why not sell just one social security number to supplement income? (note – the linked article is 3 years old…….3 years! What are the stats now?)
3) Can I get a 100% guarantee that my data/information won’t be compromised by someone from outside their organization? – Three words – “T” “J” “Maxx”.
That covers the things I believe they should be responsible and held liable for. And when I say held liable, I mean if my identity is stolen or compromised, they need to pay dearly for it. I am talking about millions if not billions of dollars. Identity theft is brutal on the victims. It should be brutal on those that commit the crimes AND those that promise to keep it from happening.
There is a much greater item of importance here though.
I still have my own obligation to protect myself and my data. I have to know not to click on the wrong things, open the wrong mail, give my personal information to the wrong people. I have to know not to double-click on the attachment entitled “IamAvirus.exe” just because I don’t believe it an I need proof. Security education is key. Part of that education is knowing that if I can access my data anytime, anywhere…..so can the bad guys.
While the promise of Web 2.0 is “anytime, anywhere” access, there just isn’t enough emphasis on the security side. Part of the anytime/anyplace equation is that you can also do this from any machine. Web 2.0 proponents rarely mention the “any machine” side of this though it is strongly implied. Have you ever used an Internet cafe and logged onto your web email? Your banking site? Your corporate network? If so, there is an increasing chance that you gave your login name and password to the bad guys all on your own. If you don’t own or trust the system you are using, you just don’t know if there is a key-stroke logger installed. You just don’t know if it is truly protected from mal-ware. You just don’t know what is and is not installed to that machine.
That is why I think the web is bad. More specifically why I think pushing everything to the cloud is bad. At least without educating the public about the dangers of using a machine that is not under their control.
The “entities” out there promise anytime/anywhere access and may even claim to guarantee your data is safe. But if you access that data from a machine you don’t trust, you have given away the keys to your kingdom. And you can’t hold anyone liable for that. The “entities” are completely off the hook. That is the part they don’t want you to think about because it punches serious holes in their business models.
It is also why I still store most of my information on MY machines at MY house and only access MY data anytime/anywhere from MY machine and MY machine only. Outlook Web Access is a killer web app…..as long as you logon from your own machine. Hotmail and GMail are also killer apps……as long as you log on from your own machine. Online Banking…..I don’t know how anyone can live without it…….as long as you do it from your own machine. Once you do any of those things from any machine other than your own, you risk granting someone else access.
Maybe there will come a day when the “entities” figure out how to secure the data on the server with 100% certainty. Maybe there will come a day when the “entities” figure out how to secure the logon process from any machine with 100% certainty. Maybe there will come a day when swimming pool magically maintains itself (subject for another post). But until that day, I prefer to keep my data housed safely at home and access it only with a machine that I know I have patched and scanned (and I prefer you do it that way to…..for now). Controlling that environment creates a little more work for me. But I will gladly do that work now to prevent explaining to a policeman knocking on my door that I am not the Chris E. Avis they want to arrest for murder.