Top 5 Clever Uses for the Cloud
Stolen from my comment over at LH …
- Launch a Distributed Denial Of Service attack, DDoS
- Setup your own botnet
- Spread spyware
- Release huge password databases
- Release hacks for PS3s
Most of the time, Cloud Computing = Careless Computing.
Just because something is free and easy, doesn’t mean you should actually use it.
OTOH, there are times where using the Cloud makes perfect sense. When you want the widest distribution of data/info possible. In that case, remote, carefree computing is perfect.
When in doubt, don’t put it into the cloud because you can never get it back regardless of what the ToS say. IT security professionals are split on whether anything can be secured in the cloud. Certainly there are ways to accomplish it, but those methods are probably out of reach for individuals. I would have zero expectation of any real security on shared hosts or shared storage, but many people consider me paranoid. If it were your corporate data in the cloud, wouldn’t you want someone who is paranoid validating the security architecture?
Login to Post Comments Suck
You visit a web site and like the article enough to want to post a comment … of some kind. Then the website has a block that prevents you from posting. Comment-blocking. They do this by:
- login required or
- 3rd party service for comments
- non-working captcha
- requiring javascript for commenting of any kind (usually for anti-privacy domains like google.com)
Boo. The internet should be anonymous, if you want it that way. Sometimes you just want to say something without the repercussions to other areas of your life.
If I were not afraid of the repercussions, I’d setup a database of logins to websites that you could use to post with. If I had friends in foreign countries with servers, we could setup a loose federation.
Wouldn’t it be nice if we didn’t have to choose against privacy?
BTW, you can post on-topic comments here without a login.
Cloud Computing is Careless Computing
I was listening to a Linux Outlaws podcast where I heard a quote from Mr. Richard Stallman that caught me as true. I looked up the real quote.
“I suppose many people will continue moving towards careless computing, because there’s a sucker born every minute. The US government may try to encourage people to place their data where the US government can seize it without showing them a search warrant, rather than in their own property. However, as long as enough of us continue keeping our data under our own control, we can still do so. And we had better do so, or the option may disappear.” Here’s the source link.
Careless Computing. Your data is stored someplace else and no longer under your control. A good, clear, and accurate term.
There are good uses of Cloud Computing, but not without lots of very careful thought.
Beware: Open Source Projects and Oracle 4
Update 7/2015 Oracle isn’t screwing just F/LOSS projects, if appears. Is Oracle really forcing enterprise customers to use their cloud?
Seems that MSFT might be doing the same for Office 365 to get higher client counts. At least 1 major company who never intends to use Office 365 got a better license deal just by signing up. They never intend to use the service and are migrating to Postgres and LibreOffice as quickly as possible.
Original Text:
Oracle is effectively killing some of the most important, fantastic, open source and FLOSS tools that we’ve come to depend upon. This is really sad for the FOSS world. It will not be long before these currently open tools disappear because Oracle can’t directly make any money from supporting them. Let me explain.
Oracle is the New Evil Empire
Oracle has never been very friendly to FOSS or FLOSS, but since buying Sun Microsystems, they have effectively killed some of the most important projects.
The Almost Dead List – Some Already DEAD
- OpenSolaris
- ZFS
- MySQL
- InnoDB
- Java
- OpenJDK
- NetBeans
- VirtualBox
- Oracle VM
- GlassFish
- OpenOffice
Here’s a list of FOSS from Oracle that will probably be only useful for historical purposes soon. Most of the leaders for these projects that Oracle got with the Sun purchase have left Oracle after trying to fit into the new corporate culture. Full disclosure: I’ve owned Oracle AND Sun Microsystems stock over the years. Since the Sun purchase, I sold ORCL and haven’t owned any shares on over a year.
If you are currently using any of those tools, you need to make strategic plans for alternates. Oracle *will be killing them off. Some will be saved by creating new FLOSS projected based on the last open license version.
Alternatives for Some
- ZFS – BTRFS
- MySQL – Postgres
- Java – Ruby or C++ (or any number of lesser known languages like D for F#)
- VirtualBox – KVM or VMware Player
- OpenOffice – LibreOffice
Or you can just plan to purchase the right to use the tools at Enterprise Software Costs. Not cheap.
I’m not actively using most of the software listed above except VirtualBox, OpenOffice and MySQL. For those, I have alternatives, but like almost everyone else, change isn’t easy until it is forced on us.
I’m not anti-corporations, but Oracle has not been a good steward and I have no reason to believe they will change. Just look at the handling of the OpenSolaris shutdown. I was a member of a local OpenSolaris UG. The leader was a well known and respected former Sun Systems Engineer, currently working for Oracle. I miss the UG. Oracle has proven they cannot be completely trusted. They are willing to change the rules.
Without the GPL, BSD and similar FOSS licenses, we’d be completely screwed. Now is a good time to donate to the EFF or FSF. A $20 donation will go a long way.
Your Computer is Impacting Foreign Elections
The BBC is reporting that internet connectivity with Burma (Myanmar) has been effectively shut down in advance of the first elections held there in 20 years.
Only 200 PCs Needed
If the BBC report is true, it would only take 200 relatively low speed internet connected PCs to take the country of Burma off line. Let me explain. In the BBC story about Burma, it is stated the entire country is connected to the internet over a 45Mbps link, that’s a DS3 to the network and telecom people. It isn’t much bandwidth for an entire country.
To take any network or servers off line, all that any attacker needs to do is effectively cause your network to be too busy for user connections to get through. Just like a busy signal on your telephone. Doing that’s isn’t very hard.
Only 15 PCs connected with common home bandwidth could take down the country of Burma. That isn’t many PCs is it. Even the slowest broadband connections have 256 Kbps, which means only 200 PCs are needed with that upstream connectivity to take Burma effectively off line. If a botnet controller wanted to attack an IP and they have 100,000 PCs, that translates to 25 Gbps. Most companies, even with large pipes like a Fortune 100 company has, would be taken off line. 200 PCs is a small number and could be quickly blocked, which is why botnet owners have 100,000 – 5M PCs.
Different View of Space Shuttle Costs
In a BBC article about the Space Shuttle Atlantis landing the author mentioned a few statistics.
A Few Statistics
*First flight: 3 October 1985
*Total number of flights: 32
*Distance traveled: 195 million km
*Total number of days in orbit: 294
*Total number of orbits: 4,648
Cost Estimates
So if we assume that each shuttle launch and mission costs NASA about $450M on average, that leads to a few other operational cost numbers.
- $14,400M for 32 flights
- $48.98M for each day in orbit
- $3.1M for each orbit
These are just the costs for Atlantis while on mission. These numbers make my next vacation plans seem tiny. ;)
Disclosure: I was employed by the space shuttle program for 5 yrs and by both the shuttle and space station programs for 3 years. I worked at NASA-JSC in Houston, Tx for both of those jobs.
Burt Rutan (Engineer) on Climate Data
The story is a little old, but it was new to me and I figured many people here would also be interested.
The presentation is by Mr. Rutan, famous aviator and aerospace engineer. Here’s an overview. The full PPT presentation isn’t without flaws, but using longer term temperature and CO2 data, it shows how the presentation that Vice President Gore and other we’re all gonna die people has been selected for effect.
Important Worldwide Treaty That Needs Your Feedback
If you work in media or IT, you’ve probably already heard about ACTA, Anti-Counterfeiting Trade Agreement.
If not, here’s a summary to get you up to speed on it. Hopefully, you’ll contact your Senator, Congress-person and President and let them know you don’t like attempts to bypass your existing methods to pass laws.
A Little Off Topic Today
I read lots of news every day. This morning, this story was found and after reading the headline, my first thought was …
Manage Your Google Data
You can manage your google data here https://www.google.com/dashboard/. This is good. I don’t really use all the google apps, but seeing all the searches I’ve made over the last few years and the trend data, was eye opening. I elected to wipe my data, then pause all future capture of that data.
What other data did the dashboard show? I have removed anything personally identifying below.
Account Name: xxxxxxx Nickname: xxxx Email addresses: xxxxxxx@gmail.com, yyyyyy@yyyyyyyy.yyy Requesting data for Account... Manage account Edit personal information Privacy and security help Calendar Country United States Time zone (GMT-05:00) Eastern Time Requesting data for Calendar... Manage calendars Manage mobile devices Calendar privacy policy Contacts Contacts 58 entries Requesting data for Contacts... Manage contacts Docs Owned by me 1 document Most recent: Weight 2008 on Jun 6, 2006 Opened by me 1 document Most recent: Weight 2008 on Jun 6, 2006 Starred 1 document Most recent: Weight 2008 on Jun 6, 2006 Requesting data for Docs... Manage documents Sharing documents Finance 11 securities in 1 portfolio: My Portfolio 11 securities Portfolio value: $0.00 at Nov 6, 2009 Requesting data for Finance... Manage portfolios Gmail Inbox 11 conversations Most recent: TTTTTTTTTTTTTTTTTTTTTTTT at 7:42 AM All mail 40 conversations Most recent: TTTTTTTTTTTTTTTTTTTTTTTT at 7:42 AM Sent mail 7 conversations Most recent: gmail test on Oct 11, 2009 Spam 2 conversations Most recent: Ref: ssssssssssssssss on Oct 30, 2009 Trash 25 conversations Most recent: New private message has arrived on Oct 18, 2009 Requesting data for Gmail... Manage chat history Manage HTTPS settings Manage all Gmail settings Gmail privacy policy Privacy and security help IGoogle Gadgets installed 10 gadgets Most recent: on Jan 24, 2008 Tabs 1 tab Most recently added: Requesting data for IGoogle... Manage iGoogle settings iGoogle privacy policy Profile About me 2 entries Name: xxxxx xxxxxx Profile URL: http://www.google.com/profiles/pppppppppppppppppppppp Requesting data for Profile... Edit profile Manage sharing of contact info About access and privacy of profiles Talk Contacts 1 contact Sample Contact: zzzzzz@gmail.com Requesting data for Talk... About talk Talk privacy policy Voice History 140 calls Placed calls 4 calls Trash 36 items Forwarding phones 2 phones Requesting data for Voice... Manage Greetings Manage Google Voice settings About privacy and security in Google Voice How voicemails are transcribed Web History Web History: Disabled Requesting data for Web History... Remove items or clear Web History Web History help Web History privacy policy Web History privacy FAQ Other products Google Maps
There was a list of 3rd party sites with access to this data too. I didn’t recall authorizing any of them. Data removed and future 3rd party access prevented.
Major kudos to google for allowing us to manage our data and privacy settings.
I did leave some of the private data out there for use. It isn’t important to me. Your internet use may tell others things that are better not shared. Suppose you search on a medical term because a friend tells you a story about his mother. That search term is saved and tied to your account. What happens if 5 yrs later you end up being medically diagnosed with that illness? Your insurance company may start legal discovery efforts, or just pay google for the data. Now they refuse to cover your treatment since it was a pre-existing condition. Even if you don’t care about this, you know someone who does. What if you search for foods that are bad for you or visit weight loss web sites for 5 years? Expect your insurance company and the govt to have access to this data. If it is stored, it will get out.
It should be noted that if you aren’t logged into your google account, the data captured doesn’t appear to be correlated with your account. That doesn’t mean it isn’t captured by your IP address or a google cookie, stored, and correlated. Further, you can’t manage the data with the dashboard. Google writes about this other data
Today, google is a little less evil. Until they let me remove my data from other peoples’ accounts (contacts, phone calls, email addresses), I’ll still avoid using google with an expectation of privacy.
11/8: The Washington Post Security Fix guy has an article on this now too.
