More Leaks, Less Faith in Cloud Services

Earlier this week Dropbox unwittingly offered a special deal: For four hours you could access  content in anyone’s Dropbox folder. All you had to do was enter a bogus password.

LeakIt’s unclear how many people took advantage of the offer. And while we don’t know where the leaked information about the new iPhone 5 came from, it’s entirely plausible that Steve Jobs or some other Apple employee had some interesting material in their Dropbox.

“This should never have happened,” Dropbox wrote on its blog, stating the obvious.

But it did happen. What it points to is a fundamental problem with the cloud that nobody seems to be addressing: Cloud computing is vulnerable to hackers and mistakes from cloud providers.

“Any trust in the cloud is too much trust in the cloud — it’s as simple as that,” said Dave Aitel, president and CEO of security firm Immunity Inc, as reported by CNN. “It’s pretty much the standard among security professionals that you should put on the cloud only what you would be willing to give away.”

Meanwhile, Apple is gearing up its new iCloud service, which is predicted to debut with 150 million subscribers. And Google is launching new Chromebooks that rely entirely on Gmail, Google Docs and other cloud services. Can we expect air-tight security from these? Most likely not.

“Clouds will have downtime—it’s a fundamental issue,” said Andi Mann, chief cloud strategy guru at CA Technologies, in eWEEK: “You need to be ready for downtime, whether it’s your own infrastructure or cloud infrastructure. You need to understand what the risk is. It’s all just about risk management.”

Solid risk management for the cloud? It sounds a lot like measured gambling under the circumstances. Even a company as large as Amazon has had its problems, with a recent outage that shut down websites like Foursquare, Quora, Reddit and Hootsuite.

The New Yorker wrote about America’s culture of “innovative consumption,” or rather our desire to adopt new advances and how it drives innovation in technology. However, it’s also a precursor to short-sighted adoption. We know the public is ready for the cloud, but are the cloud providers ready for the cloud? Time will tell.

No Responses to “More Leaks, Less Faith in Cloud Services”

  1. Bhavesh Jariwala

    I think the point of cloud here is completely mistaken ,

    1. The security feature is like a paid service that will come with cloud , again as everything else this will be a paid service .

    2. Downtime , it all depends on what you buy , if you buy a clustering service in cloud you are less likely to have downtime ,and again somedowntime are competely unavoidable as we still do not live in a perfect world … do we ?

    3. Security is a over hyped term when it comes to cloud services , with the numbers i have and with my personal experince i think it is till better 90 % then running it from your own hardware.

    • D Addison

      I disagree with your statement; you appear to be snakeoil salesman if you think the cloud is some secure infrastructure or better than running from one’s own hardware. We tend to trust these service providers with our jewels and then throw a fit when it all goes awry. I think cloud computing is a good insecure concept — it’s just a cost saving measure and does not offer solid and reasonable security measures. And for your information, security is not an over-hyped term — you must be living a vacuum.

      How can something that’s publicly available to everyone (cloud) be safer or more secure than something that is restricted to limited number of people.. ?

      Here’s a universal rule – “Risk increases in direct proportion to use” (the more you do soemthign the greater the chances of something going wrong — hence one of the reasons why if you drive frequently your likelihood of being in an accident are higher, especially is more people are using the roadway together with you) and there is more use in the cloud and very little attribution than there would be in a closed system — get it together before you make comments like that about security.. 18 years – info security experience

      I don’t think the writer was saying there won’t be downtime, i think it’s a matter of probability — there will be more downtime in the cloud than in a closed system that has some reasonable clustering and not exposed to a whole world.. that’s a FACT!