The Cloud Is a Lie

Page 3 – Poof Goes Your World and Your Security, and Digital Serfs

Poof’d goes your world

This software-as-a-service-backend category is really a big deal. Software developers use such platforms to manage their app and user data. If all the above is not bad enough, what happens when a cloud service development platform shuts down? Those support thousands of apps/devices/services/sites and uncounted users.

Worshipping the Cloud
Worshipping the Cloud

Well, potentially, it could brick thousands of apps/services/devices. Think it can’t happen? You think that software-as-a-service-backend platforms developers use to manage their own apps/devices/services/sites will be around forever? Services like Amazon web services? Think again. it’s already happened with Cisco’s Intercloud and Facebook’s Parse. The demise of those platforms sent a lot of app developers scrambling for a new back end; and not all of those reliant apps/services were updated, and many are now dead.

Look at all those services, all that user data in all the above cloud categories. It’s all gone. In many cases gone with no notification or chance for you to get your data back or delete it. But don’t worry, although you couldn’t get to that data, in many cases that data was resold. The new owners—still not you—will get to control and exploit that data any way they like. Who knows, maybe some of their hacker friends will have a good laugh exploiting all your most intimate data details.

Poof’d goes your security

With regard to security, take a look at the idiocy of people using Dashlane, LastPass and other online password managers.

If the Chinese, Russian mob, or some other uber hacker group want your information, they’ll get it. There is almost nothing you can do against a committed hacker’s attack other than having no online presence. And, if they really want your information, they can always find you, club you over the head, and get what they want.

No one cares about you or your individual information, and the odds of you personally being targeted are very low.  Dashlane, LastPass and others, however, are treasure trove motherloads for hackers.

Hackers are continuously trying to hack these big cloud services. And I guarantee they’ll eventually succeed—again. As such, your data and passwords are much more likely to be sucked up in a service breach than to have a hacker specifically target you and your local 1Password manager.

Worse, those services aren’t likely to immediately tell you of a breach. So you won’t even know you’ve been compromised.  Dropbox, Lastpass, Microsoft, Yahoo, and Google, have all taken a long time before telling you about their breaches.

Hackers are minor league in compromising user data when compared to the companies themselves.  As they shut down services, go bankrupt, and/or get bought out, companies broker your data—and you—like so much chattel. When transitioning data from a failed venture, maintaining security of user data is not exactly the top-most concern.

Most of their user agreements basically amount to letting you know WE OWN YOU. But even if they don’t fully say that, once the service is shuttered and/or sold, the next owner will own you even more. With most cloud services, the ultimate product is you.

Digital serfs and the cloud is a lie

Yet, Silicon Valley and most idiot tech pundits want you to be a 2nd class citizen. They shovel cloud garbage down your throat because they know you’re too stupid to care or understand. They’re teaching your kids to be the silicon peasant class by educating them on Google docs. Because it’s OK to give up all your data, and your kids data, to save a few hundred bucks on software in exchange for owning you and your kids for life.

You’re too busy to fight for your kids and school district. It’s fine that all your kids’ thoughts and Google Docs assignments are in the cloud, and that they get hooked on using free crap software, brainwashed into not questioning it. Not only will Google and Facebook own them (knowing more about your kids than you), but once those cloud services are hacked, so will the hackers.

But what do you care, you saved $300 buying some piece of crap Chromebook instead of a laptop where they own their own data, selling out your own kids because you’re both cheap and stupid. They know you’re stupid, they’re counting on it, and frankly, they don’t have to worry about it. You’re that predictable.

Do as we say, not as we do

And yet, in the richest schools, you won’t see Google docs. You’ll see real computers and parents who don’t sell their kids out to the cloud.  And if you go to the elites in Silicon Valley, you’ll find “personal clouds” where people run their own servers (e.g., Synology) maintaining their own data.

The best lawyers and law firms will not put client data in the cloud. They know getting a subpoena to make a third party turn over client data is easier than getting a law firm to turn it over.  Those people are not dopes. Not like you.

So what will you do?  Not a damned thing. You don’t have the brain capacity to figure anything out yourself. They own you with every like, and you’re just fine with it. And they get you to do what you’re told because they know how. So go and sign up for another cloud service, you know you want to. They buy you for just the cost of a few clickbait clicks. You’re a digital serf. Bought and sold, cheap. You’ll believe what you’re told. And you believe in the cloud.

28 thoughts on “The Cloud Is a Lie

  • https://hardware.slashdot.org/story/21/03/15/2023254/cricut-decides-to-charge-rent-for-people-to-fully-use-the-cutting-machines-they-already-own

    Cricut Decides To Charge Rent For People To Fully Use the Cutting Machines They Already Own
    “Probably the best known brand of cutter comes from Cricut, and that company has dropped a bombshell in the form of an update to the web-based design software that leaves their now very annoyed users with a monthly upload limit of 20 new designs unless they sign up for a Cricut Access Plan that costs $9.99 on monthly payments. “

  • John:

    I think you’re right. We’re agreeing past each other.

    I had not appreciated the important distinction in your argument of ‘reasonable expectation’, and concur with that; thus my examples with a binary expectation of ‘dead’ or ‘alive’ was not apt.

    Thanks for the clarification.

  • Wab95, you make a lot of good points but we still disagree.

    Deleting on your drive is not a promise that it’s unrecoverable. Now if secure delete left your files recoverable (because apple just didn’t bother to actually secure delete the files) that would be different. Here, a company set out policy that people rely on. I’m pretty sure this is an oversight, but that’s exactly my point. The cloud is full of these “oversights” because frankly, the people that manage them are in best case ‘human’ most likely just don’t care about your data like you do, or sadly, in many case creeps that mine your data for less than honorable purposes. Perhaps we are agreeing past one another, but I see things differently between “here, have at this, no representations made, vs, we are representing a certain behavior (yet note even living up to that.”

    And you are stretching things (I approve 🙂 to make a point, but the examples I gave of failed cloud services weren’t ‘stretched’ beyond reasonable exceptions. Yes, a secure wipe would require over 30 passes on a hard drive; it requires only a single overwrite on an SSD however. So while true, secure wipe (I’m guessing on OS X is either one or 3 overwrites and not 30) but in that case you’re stretching things to the point people have to get out an electron microsope to recreate your data. So by most reasonable standards, the company can be fairly viewed as doing a decent job to live up to most reasonable people’s expectations.

    Not so with the cloud services, turning off the service and killing all your data is not what most reasonable people would expect. That’s part of the point of the article, is to bring awareness of just how far off the services behave and treat your data from what many reasonable people would expect. And your other field examples are also going, IMO, beyond reasonable expections. One expects seat belts to help you in a crash, no one expects to survive a Thelma & Louise drop off a cliff with their seat belts. Countered with the examples I gave on the cloud, I’d argue almost everyone of them go against what the reasonable person would expect. No one expects their Coin 2.0 card to be useless less than a year after getting it because the cloud server dies. No one expects that all the music they bought suddenly is going to be inaccessible. No body expects all the data they put into a document management system becomes inaccessible and not exportable. So relying on the edge cases elsewhere, and comparing that reasonable expectations on the cloud side, IMO is a bit apples and oranges. Of course, YMMV.

  • John:

    At the risk of starting a flame war, which I am not attempting, and which I think you’re above in any case, let me use the Apple Notes deleted data recovery piece, which you cite, as an illustration of why the cloud is not a lie in my view; merely a very human, and therefore imperfect, creation. I pose this as food for thought in the wider context the process by which technology, and life writ large, improves. I do this because I think you’ve raised an important topic with broader relevance beyond that of the cloud.

    To argue that, because a file deleted on a cloud service can still be recovered long after it has been deleted proves that the internet is a lie is to argue that, because a file deleted from your computer hard drive – even when you use the secure delete option – can still be recovered by law enforcement or spooks using forensic tools, personal computing is also a lie. Tech companies are lying to you when they lull you into the belief that you’ve deleted your files. Or that, when a tech company provides a security patch to your OS, if security the OS can still be breached by bad guys, be they criminals, state actors or otherwise, then OS security – indeed operating systems – certainly their purported security, are a lie. It follows then that if one is searching the web in stealth mode or using a VPN, and a determined actor or agency can still uncover your searches or capture your searches in real time, then web privacy or perhaps the entire web is a lie.

    Indeed, this line of reasoning can be (and has been) applied to whole other industries, and in my view, is no more true in those instances than in this one. If one uses seat belts and air bags in a car, and is subsequently involved in an accident that results in injury or death, it doesn’t prove that these safety devices are a lie. The fact that one can use preventive health services, and studiously follow recommended good health practices, and still succumb to an acute or even chronic illness does not prove that preventive health services are a lie. If one has state of the art surgical excision, chemotherapy and radiation for a cancer, and then 5 years later that cancer returns and results in death, it does not prove that cancer treatment is a lie.

    In all of these cases, the only thing proved is that these services and disciplines are limited, and can be defeated by what we have not anticipated or to which our current state technology cannot effectively respond. This is the realtime natural selection, or Darwinian forces if you will, at play; an arms race played out in both the natural world and the digital world, between predator and prey. If the prey gets faster, the predator adapts by having greater endurance (canines) or switching tactics altogether and going for ambush (felines). Every adaptation is met with a countermeasure in an endless evolution driven by competition for fitness and a competitive edge. In the end, however supremely adapted or fit, those adaptive defences whether natural or manmade can still be defeated by overwhelming force or the unexpected or previously never encountered.

    A cynic can argue that, therefore, all life and existence is a lie or a sick joke (they have throughout recorded history). Alternatively, one can take the Darwinian angle and, correctly in my view, observe that this is the process by which we either become more fit and evolved, or perish. We’ve already seen this in the digital world with hardware, OSes and apps. Can they still be defeated? Sure they can, and are. Everyday. Is it a surprise that this should apply to the still newer industry of cloud computing and services? Hardly. Indeed, one should expect an infant industry to struggle, as do organic infants, with fighting off assaults to which their adaptive immunity is immunologically naive and immature.

    Underlying each of these examples is the hard truth that it is only by the process of engagement, and a willingness to use and ultimately expose the limits of the imperfect that we are led to the next stage of a superior solution. Non-engagement, which a cynical view could encourage, is an evolutionary dead end. NB: I’m not suggesting that this your recommendation. Rather, this is a caution against that conclusion.

    I also think it’s important to disaggregate questions around data security and those of ownership. These are two separate sets of vulnerabilities, which although they can have some overlap, are nonetheless distinct issues that will require distinct adaptive responses. Because we are a species that values our survival (individuals may vary in their will to survive), and we are still in the early days of our digital evolution, I have no doubt adaptive responses and countermeasures will resolve many of the specific issues we face today (like deleted files), and present us with yet new challenges.

    Ad infinitum.

  • AWH, ah! I see. That’s a good question. The problem is the variety of services make uniformity difficult to create and FDIC. Money is relatively easy, you just want it back if it goes poof’d. But I supposed that at least partially applies to your data. So, here are a few things that would be good for the cloud: having your data encrypted and non-actionable by anyone but you, companies being required to allow you to always get your data out and for you to delete it before they shut down, companies having to provide some sort of data export for any data you create (in both their native file format, and at least one interoperable format–at the very least, tab delineated data), device and software makers must provide you a local version of their server software so you can self host so your hardware devices can continue to work…

    Some of the above just does not sound realistic. Personally, I think the solution to the ‘cloud’ is to maintain your own data. Get your own ‘personal’ cloud like a synology box where you continue to own your data and manage it. You’ll see that many of the most tech literate people do exactly this.

    WAB95, we disagree. Just because something is here to stay, doesn’t make it truth…politics are also here to stay, but often there is little truth involved. As for obselecnce, you make a good point, but many cloud companies and services are operated on whim and caprice; i would argue many mac users have laptops that are older than the half life of most of the cloud services in the above list. As for a demographic change that might change our laws (e.g., reverse clickwrap laws that give away your data, require encryption and some of the things I noted above), well it could happen, but in the mean time, you have to survive 20+ years (and frankly, I won’t hope for a good change to be a come’in, but I’m an old cynical bastard). 😀

    The cloud is a lie. IMO, you ignore that at your peril. That said, I do think personal cloud/server solutions are the answer here. Just like Apple made personal backup brainless with TimeMachine, I think they could do the same for personal cloud services. Synology is a step in that direction, although it’s a bit too techy for grandma, it shows promise. A company like Apple could take the Synology UI and experience to a new level that would let people provide themselves at least some of these basic cloud services with little knowledge.

    I can imagine many/most iCloud services being run as apps on a synology service, and all the user has to do is turn on the ‘on’ switch like they do with TimeMachine, and your data goes to your own personal cloud server, instead of up to apple’s servers.

    Thank you both for your very thoughtful comments, you’ve really helped advance the topic and made me think a good bit more on the issues… Much appreciated!

  • John:

    You’ve made an excellent argument about two things, that: 1) one should not become complacent about any single data storage or backup option, particularly one that is proprietary and subject to competitive market forces, but that we should regularly, proactively manage those options, and; 2) given the current state of technology and law, companies (cloud services or otherwise) can abuse your privacy, compromise your security and do you untold harm. Agreed.

    Neither of these excellent and well-aimed arguments, however, prove or even suggest that the cloud is a lie. Indeed, the cloud is a clear, present and future reality. It will only be replaced by something more capable in granting us convenient access to data, otherwise it’s here to stay. The cloud is truth.

    Certainly, the assumption that a particular service is permanent, or that cloud-based services overall cannot be compromised by mismanagement or malfeasance, is dangerous and unfounded.

    Regarding hardware obsolescence, the cloud is not the only brick factory. The relentless advancement of technology is assaulting our stable of devices from every side, and compelling us to (gasp) read, stay current on emerging options and upgrade to newer solutions. As one who is required to maintain paper records on clinical trials that are subject to FDA approval for up to 15 years, I can tell you that not even paper is safe from degradation and loss, and is very costly to preserve. I’ve even had CDs get eaten by tropical bugs; go figure. Any stored file that is not being actively managed is toast; it’s just a matter of time. That’s no exoneration of the cloud service mismanagement (customers should always be given a heads up and the opportunity to retrieve their data); merely a reminder that cloud-based options operate in an environment of ‘laissez faire’ capitalism. What could possibly go wrong?

    Your point about consumers being acclimatised to a lack of data ownership and to digital serfdom, I think you’re absolutely correct that this is the value proposition on offer particularly from business models that make us the product. We don’t have to accept the offer. Unfortunately, not enough push back is happening from consumers, a critical mass of which are people too young to have assets that they yet value protecting. Transitions theory and observation suggests that this will change in time as this population ages and assumes greater responsibility and risk, just as boomers who once wanted nothing to do with ‘the system’ are today’s most vocal advocates for entitlements. Until a critical mass demand a change in this relationship, there is little incentive for it to change.

    The remaining piece of this is law. Legislators, without that public pressure, are unlikely to volunteer altering that balance of ownership, particularly in the absence, in the USA, of campaign finance reform. And while I would put little stock the latter happening anytime soon, history suggests that an inevitable demographic transition, commingled with the perception of unacceptable risk, will pressure that change, though probably not in time for this present generation of users. We’re on our own; providing us with not only risk, but the opportunity to shape that future. Personally, I relish that opportunity.

    In the meantime, the cloud, just like the truth, is out there.

  • That was kind of my point – what would be the equivalent of FDIC insurance for the cloud? Mandatory local backups of data? A Bill of Data Rights? Because we can rely on legislators to side with the little people, right?

    It’s no wonder people are reverting to analogue.

  • Well for one, your money is FDIC insured, and similarly so are your equities. Whereas many if not most cloud services operate not only with no such safety net, many seem to dangle your data by a thread over a pit of molten lava filled with fireproof lions and tigers and bears…

  • Thank you for such a well-researched piece – timely and necessary. But think for a moment – how is this any different from other ‘cloud’ services you’ve been using all your life? You work, you exchange your time and labour for some imaginary entity called ‘money’, which (unless you’re Captain Fantastic) you then keep it in a bank, or invest wherever. All the time it is nothing more than a string of bits held on some server somewhere or an entry in a ledger. And up until 2007/8 you never gave it a second thought. Why? Because trust in the financial industry is deemed essential to society and the industry is thus regulated, with governments guaranteeing ordinary people (up to a point) in the interests of keeping society running and preventing anarchy. And you would find it a whole lot more difficult to get things done without it.
    And the financial industry, in return for looking after our ‘money’, whatever that is, takes its cut by performing the essential function of lending that money out – not much different from cloud providers making hay off our data.

    So I guess my point is, isn’t it about time cloud services were regulated in some way so that our data remains our own and its integrity is guaranteed by law? No doubt vested interests will fight such a proposal tooth and nail. But surely as the cloud becomes more embedded in society’s day to day needs, governments have to wake up and provide a counterbalance to the one-sided interests of the cloud service providers. Or do we leave the net alone to be self-regulating? Seems to be working out just fine so far…

    I could go on, but I feel the need to check on my BitCoin wallet…

  • Wall Street has a different opinion of the cloud. It’s like any company that has cloud services has unlimited revenue potential. All Wall Street ever talks about is AWS. AWS this and AWS that. Amazon has hitched on to bottled lightning. It seems the only major tech company that isn’t going after cloud services is Apple. I’m really surprised Apple hasn’t tried to go after some cloud services if there’s so much unlimited revenue in that business.

    Listening to Wall Street, I honestly thought there was so much low-hanging fruit that was easily picked by any company with cloud services. It’s pretty obvious by now that AWS can’t possibly fail so in that particular case, I suppose the cloud isn’t a lie.

  • What about Cisco, Facebook, Symantec, Dell, Samsung, Microsoft. Were those not large enough companies that still pulled the plug on many of their cloud offerings (see the above list). Apple, beyond Ping, hasn’t had the most stellar history either: eWorld, iTools, .Mac, MobileMe (yes some of those morphed over, but lots of the services didn’t make it to iCloud).

    And, there is a difference between saying “The Cloud Is a Lie” and “never use the cloud.” The point is to give a bit of a red pill to the population about the cloud. But as always, YMMV!

  • There is some truth in this.
    But you’ve gone too far the other way.
    Yes music and software as service through the cloud is a bad deal. But using the cloud as ONE PART of your data strategy is a good thing. I use the cloud for backing up and sharing data, but also keep local copies of things.
    Also not all cloud services are prone to disappearing in the dark of night. I have no qualms about using iCloud because Apple is not likely to vanish. Apple also has the toughest security for their services of anyone. They are a totally different animal from Nervex or Cubby.

    Cloud services are like any other service, there are good operators and bad ones. Also they are good for some things and not for others despite what their sales departments say. I don’t think you can just reject them all for any use with a blanket “the cloud is a lie” statement. That’s a bit too luddite.

  • I can’t argue with any if this and have felt this way ever since cloud services were first announced. I don’t rely on them for anything but trivial, non-sensitive backups. I would further argue that an awful lot of, if not most of what tech companies are offering/planning/working on these days is similar hoodwinkery. They can pry my backup drives out of my cold, dead, fingers, and my personal files and data will never reside soley on their servers, if at all. Thanks for having the cojones to write this, John – exposing the emperor’s nakedness is not a popular stance at present.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.