Stolen from my comment over at LH …
- Launch a Distributed Denial Of Service attack, DDoS
- Setup your own botnet
- Spread spyware
- Release huge password databases
- Release hacks for PS3s
Most of the time, Cloud Computing = Careless Computing.
Just because something is free and easy, doesn’t mean you should actually use it.
OTOH, there are times where using the Cloud makes perfect sense. When you want the widest distribution of data/info possible. In that case, remote, carefree computing is perfect.
When in doubt, don’t put it into the cloud because you can never get it back regardless of what the ToS say. IT security professionals are split on whether anything can be secured in the cloud. Certainly there are ways to accomplish it, but those methods are probably out of reach for individuals. I would have zero expectation of any real security on shared hosts or shared storage, but many people consider me paranoid. If it were your corporate data in the cloud, wouldn’t you want someone who is paranoid validating the security architecture?
You visit a web site and like the article enough to want to post a comment … of some kind. Then the website has a block that prevents you from posting. Comment-blocking. They do this by:
- login required or
- 3rd party service for comments
- non-working captcha
Boo. The internet should be anonymous, if you want it that way. Sometimes you just want to say something without the repercussions to other areas of your life.
If I were not afraid of the repercussions, I’d setup a database of logins to websites that you could use to post with. If I had friends in foreign countries with servers, we could setup a loose federation.
Wouldn’t it be nice if we didn’t have to choose against privacy?
BTW, you can post on-topic comments here without a login.
I was listening to a Linux Outlaws podcast where I heard a quote from Mr. Richard Stallman that caught me as true. I looked up the real quote.
“I suppose many people will continue moving towards careless computing, because there’s a sucker born every minute. The US government may try to encourage people to place their data where the US government can seize it without showing them a search warrant, rather than in their own property. However, as long as enough of us continue keeping our data under our own control, we can still do so. And we had better do so, or the option may disappear.” Here’s the source link.
Careless Computing. Your data is stored someplace else and no longer under your control. A good, clear, and accurate term.
There are good uses of Cloud Computing, but not without lots of very careful thought.
Oracle is effectively killing some of the most important, fantastic, open source and FLOSS tools that we’ve come to depend upon. This is really sad for the FOSS world. It will not be long before these currently open tools disappear because Oracle can’t directly make any money from supporting them. Let me explain.
Oracle is the New Evil Empire
Oracle has never been very friendly to FOSS or FLOSS, but since buying Sun Microsystems, they have effectively killed some of the most important projects.
The Almost Dead List – Some Already DEAD
- Oracle VM
Here’s a list of FOSS from Oracle that will probably be only useful for historical purposes soon. Most of the leaders for these projects that Oracle got with the Sun purchase have left Oracle after trying to fit into the new corporate culture. Full disclosure: I’ve owned Oracle AND Sun Microsystems stock over the years. Since the Sun purchase, I sold ORCL and haven’t owned any shares on over a year.
If you are currently using any of those tools, you need to make strategic plans for alternates. Oracle *will be killing them off. Some will be saved by creating new FLOSS projected based on the last open license version.
Alternatives for Some
- ZFS – BTRFS
- MySQL – Postgres
- Java – Ruby or C++ (or any number of lesser known languages like D for F#)
- VirtualBox – KVM or VMware Player
- OpenOffice – LibreOffice
Or you can just plan to purchase the right to use the tools at Enterprise Software Costs. Not cheap.
I’m not actively using most of the software listed above except VirtualBox, OpenOffice and MySQL. For those, I have alternatives, but like almost everyone else, change isn’t easy until it is forced on us.
I’m not anti-corporations, but Oracle has not been a good steward and I have no reason to believe they will change. Just look at the handling of the OpenSolaris shutdown. I was a member of a local OpenSolaris UG. The leader was a well known and respected former Sun Systems Engineer, currently working for Oracle. I miss the UG. Oracle has proven they cannot be completely trusted. They are willing to change the rules.
The BBC is reporting that internet connectivity with Burma (Myanmar) has been effectively shut down in advance of the first elections held there in 20 years.
Only 200 PCs Needed
If the BBC report is true, it would only take 200 relatively low speed internet connected PCs to take the country of Burma off line. Let me explain. In the BBC story about Burma, it is stated the entire country is connected to the internet over a 45Mbps link, that’s a DS3 to the network and telecom people. It isn’t much bandwidth for an entire country.
To take any network or servers off line, all that any attacker needs to do is effectively cause your network to be too busy for user connections to get through. Just like a busy signal on your telephone. Doing that’s isn’t very hard.
Only 15 PCs connected with common home bandwidth could take down the country of Burma. That isn’t many PCs is it. Even the slowest broadband connections have 256 Kbps, which means only 200 PCs are needed with that upstream connectivity to take Burma effectively off line. If a botnet controller wanted to attack an IP and they have 100,000 PCs, that translates to 25 Gbps. Most companies, even with large pipes like a Fortune 100 company has, would be taken off line. 200 PCs is a small number and could be quickly blocked, which is why botnet owners have 100,000 – 5M PCs.
In a BBC article about the Space Shuttle Atlantis landing the author mentioned a few statistics.
A Few Statistics
*First flight: 3 October 1985
*Total number of flights: 32
*Distance traveled: 195 million km
*Total number of days in orbit: 294
*Total number of orbits: 4,648
So if we assume that each shuttle launch and mission costs NASA about $450M on average, that leads to a few other operational cost numbers.
- $14,400M for 32 flights
- $48.98M for each day in orbit
- $3.1M for each orbit
These are just the costs for Atlantis while on mission. These numbers make my next vacation plans seem tiny. ;)
Disclosure: I was employed by the space shuttle program for 5 yrs and by both the shuttle and space station programs for 3 years. I worked at NASA-JSC in Houston, Tx for both of those jobs.
The story is a little old, but it was new to me and I figured many people here would also be interested.
The presentation is by Mr. Rutan, famous aviator and aerospace engineer. Here’s an overview. The full PPT presentation isn’t without flaws, but using longer term temperature and CO2 data, it shows how the presentation that Vice President Gore and other we’re all gonna die people has been selected for effect.
If you work in media or IT, you’ve probably already heard about ACTA, Anti-Counterfeiting Trade Agreement.
If not, here’s a summary to get you up to speed on it. Hopefully, you’ll contact your Senator, Congress-person and President and let them know you don’t like attempts to bypass your existing methods to pass laws.
You can manage your google data here https://www.google.com/dashboard/. This is good. I don’t really use all the google apps, but seeing all the searches I’ve made over the last few years and the trend data, was eye opening. I elected to wipe my data, then pause all future capture of that data.
What other data did the dashboard show? I have removed anything personally identifying below.
There was a list of 3rd party sites with access to this data too. I didn’t recall authorizing any of them. Data removed and future 3rd party access prevented.
Major kudos to google for allowing us to manage our data and privacy settings.
I did leave some of the private data out there for use. It isn’t important to me. Your internet use may tell others things that are better not shared. Suppose you search on a medical term because a friend tells you a story about his mother. That search term is saved and tied to your account. What happens if 5 yrs later you end up being medically diagnosed with that illness? Your insurance company may start legal discovery efforts, or just pay google for the data. Now they refuse to cover your treatment since it was a pre-existing condition. Even if you don’t care about this, you know someone who does. What if you search for foods that are bad for you or visit weight loss web sites for 5 years? Expect your insurance company and the govt to have access to this data. If it is stored, it will get out.
It should be noted that if you aren’t logged into your google account, the data captured doesn’t appear to be correlated with your account. That doesn’t mean it isn’t captured by your IP address or a google cookie, stored, and correlated. Further, you can’t manage the data with the dashboard. Google writes about this other data
Today, google is a little less evil. Until they let me remove my data from other peoples’ accounts (contacts, phone calls, email addresses), I’ll still avoid using google with an expectation of privacy.
11/8: The Washington Post Security Fix guy has an article on this now too.