The Cloud: Convenient Until a Stranger Nukes Your Files

jfruh writes "Thanks to a plethora of cloud storage accounts, Dan Tynan thought his days of carrying a thumb drive around with him and worrying about email stripping out his attachments were over. But that was before he discovered that his Box.com account and all the files in it had vanished without a trace. With tech support coming up empty, Tynan had to put on his journalist hat to track down the bizarre sequence of events that ended with his account handed over to another user, who didn't ask for it and didn't even know who Tynan was."

The Cloud will save us all!

[Sarten-X]

Cloud services take all of your IT problems, and give them to someone else, period. A cloud is not inherently going to fix your problems, or make them worse, but just delegate them to someone who may or may not be able to handle them better.

Re:The Cloud will save us all!

[TWX]

Another issue with handing problems to consultants or third-parties, even if those companies have an interest in taking care of your problems, the employees of those companies may not. In short, you call with a problem, and there are layers of management and bureaucracy up your chain of authority and down theirs before the hammer can be brought down on an employee of a different company that fails to do his or her job or to otherwise provide service.

When a person who takes care of your stuff works for your organization, generally there are fewer hoops to jump through to compel that employee to do his or her job, as there's both an ability to personally address that employee, and there's a greater ability to discipline an employee that fails to do one's job.

That having been the stick, there's also the carrot, the employee in one's own company that manages to play Scotty and save the day will receive more recognition from his or her fellow coworkers than the employee of a consulting firm, so the motivation to take care of the assets is also greater with the personal connection to coworkers.

Re:The Cloud will save us all!

[wbr1]

"Cloud services take all of your IT problems, give them another layer of abstraction and possible complexity, and give them to someone else who may decide not to give a crap about your (or anyone's) problems ever again." - FTFY

For what it's worth, there is some convenience in 'cloud' services. But, if I have the time and the budget it is better to roll your own. Then I can point at the IT people responsible and say fix it or else. If I hand data and servers to someone else to manage, someone who has weaseled every possible loophole into their contract and outsources support for their product to (possibly foreign) call centers that know nothing about the services and follow consistently useless scripts to try to resolve problems, I am asking for trouble.

Re:The Cloud will save us all!

[jellomizer]

Cloud services isn't a magic happy pill. But it does make things better over all.
Chances are your local IT guy needs to do a lot of stuff, not just focus on your email server, or file server. The cloud is a good place to handle specialized IT jobs, as you can can get a team of people who can manage your data 24/7 and cheaper too, because they have 10 guys managing 1000 customers.
Things are over all better... However it doesn't take you off the hook.
For one you need to make sure you get the right service for your needs, if you buy the cheapest you often get the poorest service back. If you get the most expensive they may offer too many features that you need and you are spending money on stuff you will never use. Make sure your contracts cover your needs, and still plan a backup plan, as the cloud company may not become palatable to you any more and make sure you are not stuck with them.
 

Re:The Cloud will save us all!

[Moryath]

Cloud services take all of your IT problems, and give them to someone else, period. A cloud is not inherently going to fix your problems, or make them worse, but just delegate them to someone who may or may not give a crap.

FTFY.

I don't trust Cloud services with anything, for good reasons:
- Lack of deletion confirmability.
- Lack of security (seriously, Dropbox will accept "1111" as a valid password)
- Lack of confidentiality - law enforcement says "we want to look at user32X's files", Dropbox/Google/etc will cheerfully hand them over without so much as a notification to you. Your account is hacked or your password guessed, poof your files are in the wild. One person misrepresents themselves and the file gets shared out, or some bit is flipped making your files "visible", you get no notification and your files are in the fucking wild.

Re:The Cloud will save us all!

[jader3rd]

- Lack of security (seriously, Dropbox will accept "1111" as a valid password)

Why does one company doing something wrong (in your eyes) count as discounting all possible companies trying to provide similar services?

Re:The Cloud will save us all!

[lgw]

Except that 95% uptime is better than some of the internal stuff I've dealt with at large companies, and 95% is just terrible for a cloud service provider. The probabilities are not simply chained - whatever the cloud provider does for you, you stop doing internally, or what's the point?

The only point of the cloud is that the economy of scale allows for a better service. If it doesn't, it's just a buzzword. The only way I can see local service having better uptime than a worthwhile cloud service is if the local service can have planned downtime with no negative impact at all (which is true far less than IT seems to think, but does exist, especially for personal stuff). Any worthwhile cloud service never has a planned outage, which already puts it far ahead of any internal corporate IT service I've used.

Re:The Cloud will save us all!

[HiThere]

The point was they have little inherent desire to implement decent security. This was highlighted by a specific example, but don't take the example as the argument.

Re:The Cloud will save us all!

[TangoMargarine]

After reading the article (WTF, right?), I was somewhat amused by the shock and dismay he displayed that some random person could have accessed all his files (including tax and medical records in a different account). . . . Dude, it's the Cloud.

Moron

FTFA:

* Financial records. I scan all my paychecks and store them (on SkyDrive, not Box.com - fortunately). Our tax form PDFs are all on some cloud storage service, either SkyDrive or Dropbox, as are all our receipts. These would have been in the hands of a total stranger - perfect fodder for identity theft. And if the IRS suddenly decided to audit us? We'd be at their mercy.

* Health records. We scan all our doctors bills and insurance insurance statements and store them in the cloud. So now we're talking about medical identity theft for us and our kids - a situation that's much harder to resolve than standard financial ID theft.

What an idiot.

Re:Moron

[SJHillman]

Any remotely sensitive files I keep in Dropbox, Box, or SkyDrive (I use all three) I encrypt as surely as if it were on a USB drive that I might accidentally drop somewhere. Even if it's just MS Office's built-in encryption or an encrypted zip archive, it's a hell of a lot better than nothing.

Re:Moron

[barlevg]

I love the concept of being able to access one's files anywhere. But there's no need to do it via "the cloud." All you need is a home machine that can be always on connected to a reliable internet. I realize that ISPs frown upon this sort of thing, but until Comcast tells me to stop, this is the best option to give me the functionality of the "cloud" with all the control I want over my own damn content.

Re:Moron

[OzPeter]

What an idiot.

His profile at the bottom of the page makes it doubly so:

Author Dan Tynan has been writing about Internet privacy for the last 3,247 years. He wrote a book on the topic
for O'Reilly Media (Computer Privacy Annoyances, now available for only $15.56 at Amazon -- order yours today) and edited a series of articles on Net privacy for PC World that were finalists for a National Magazine Award.

Quoting from the Amazon page for his book:

From the moment you're born, you enter the data stream-from birth certificates to medical records to what you bought on Amazon last week. As your dossier grows, so do the threats, from identity thieves to government snoops to companies who want to sell you something. Computer Privacy Annoyances shows you how to regain control of your life. You'll learn how to keep private information private, stop nosy bosses, get off that incredibly annoying mailing list, and more. Unless you know what data is available about you and how to protect it, you're a sitting duck. Computer Privacy Annoyances is your guide to a safer, saner, and more private life.

Either he doesn't follow his own advice, or his is actually *dumber* than a box of rocks.

Re:Moron

[Dogtanian]

[stuff ending with] What an idiot.

Well, yeah. Also he said

Me, I will continue to use the cloud, because really, what other choice do I have? Carry a thumb drive with me 24/7? Been there, done that.

And what *was* the problem with that exactly?

I have a Crucial Gizmo Jr. 8GB pen drive that I bought almost 5 years ago. It's about the size of a slightly short stick of chewing gum, and less than twice the thickness (around 2mm). It stays in my wallet all the time.

If I was paranoid about the data on it, I'm sure I could use some form of encryption. Minor inconvenience, sure, but when you're saying "what other choice do I have?" it's not that big a deal.

Re:Moron

What completely stuns me and removes any credibility this guy has is his claim to being some sort of "privacy advocate," yet stores his paycheque, tax and health records online.
Not just an idiot. He deserves Fucking Idiot.

I look forward to seeing his tax returns downloadable from Pirate Bay.

Re:Moron

[jythie]

There are all sorts of alternatives, but they tend to come with the problem of how much the user has to maintain. If you run a home server, you have to maintain a home server. If you rent a VM then you have to maintain the VM but not the hardware or network. If you rent cloud space, there is very little you as a user has to maintain.

Re:Moron

[barlevg]

My setup is an SSH server running off an old iMac G4 connected to some external hard drives. Aside from having to manually turn it back on after a power outage, I haven't had to do a damn thing to "maintain" it in years. The cost of the machine is a non-issue--just retire any obsolete computer (can even be a laptop--I know, I've done it). The most expensive part is the HDs, but a 1TB external HD is much cheaper than a year of 500GB storage on Dropbox.

Re:Moron

[Cramer]

Actually, you are in for a huge surprise should this ever actually happen. Google doesn't "back up" anything. Your machines "sync" the contents of the Google Drive, which means when it's deleted from Google, your machines will delete it too!

The Cloud not a fucking backup. It's simply putting your data on someone else's computers, where they can do anything they please to/with it. If you want your data secure, YOU have to secure it. If you want your data safe (read: backed up), YOU have to make copies and put them in safe places. (on media that will last as long as you value the data -- that almost always means *NOT* on a hard drive.)

Complacency

[cyberpocalypse]

Unsure why people are moved to throw their data into the hands of someone (company) that would never treat their data sacred. I don't care what argument you put forth, no one is going to care (security wise) about your data as vigilant as you would (and should). Math wise, the cloud makes no sense to me, even on the free model.

1) wait for you to download your data over the Interwebs (mobile you say... tick tock)
2) There is NO GUARANTEE someone in the company isn't looking at your data or selling it. You're simply trusting they won't

Storage is dirt cheap. 2TB drives are like what 100-200 US per pop give or take. They're compact enough to throw in a messenger bag along with a laptop. Data availability is much faster than downloading it over the wire. Throw on crypto (say Truecrypt) and you have a decent amount of security. Only concern, is your HD goes bad. In either event, another backup 2TB is 100-200. Cloud pay for play? @ 10.00 per month, its STILL the cost if not more than buying your own device.

Re:Complacency

[SJHillman]

I can sum up exactly why people do it in three words: fast, easy, convenient.

Once you start handling it yourself, all three of those are going to take a hit - and for non-technical people, it can be a pretty heavy hit.

Re:Complacency

[MightyYar]

In my neighborhood, we have these house fire things that would totally ruin your day. I pay $1600/year in home owners insurance - an extra $10/month to have all my data at some far-flung location keeps me feeling warm and fuzzy. My house could burn down and I'd have all my data back as fast as they can overnight a hard drive (or I could be cheap and download for a few weeks...).

Re:Complacency

[bdcrazy]

They're compact enough to throw in a messenger bag along with a laptop.

And when somebody takes your messenger bag, *poof* there goes your data AND your backup. Happened to my father, he was always backing stuff up. But he put his backup in his laptop bag. His truck was broken into one evening and the laptop bag was stolen. The data on the laptop was worth many multiples of the cost of the laptop. He would have been happier if they left the bag and took the truck! A fairly new truck that was worth less than the data lost.

Re:Complacency

[idontgno]

You're seeing the misleadingly-easy moral of the story. As in, "easy, but not sufficent."

What would be the moral if the story went "My dad's laptop bag was destroyed in a house fire" or "My dad's laptop bag got stolen in a mugging?" I suspect your trollbag answer would be "don't live in flammable houses" or "resist a mugging or die trying."

No, the real moral is "don't keep your primary and your backup in the same easily-{destroyed|stolen|misplaced} container".

Re:Complacency

[pnutjam]

It's not a backup unless there are 2 copies in different locations. He had a copy in his bag, not a backup.

Best practices are to have a backup and an archive copy.

Re:Complacency

[akozakie]

Exactly. In fact, I like to think about the popularity of the cloud as anything other than a low-security file sharing platform in terms of five words:

It's a matter of being Fast, Easy, Convenient, Accessible & Low-cost.

Making it F.E.C.A.L. matter.

Re:Complacency

[Asgard]

Exactly. The failure of a cloud-backup service is only an issue if it occurs concurrently with a failure of your primary storage system. The trick is to check that the backup system works periodically instead of finding out that your backups were going to the bitbucket 3 years ago.

*sigh* .. "The cloud" doesn't exist

[OzPeter]

I can't remember where I first heard this, but the quote is along the lines of:

Whenever you hear a reference to "the cloud", replace it with "someone else's computer" and see how much sense it makes

Once you start doing that it shows you how little control you have over such services and how dependent you are on other parties, especially if you consider them as a panacea to not having to keep your own backups (as the OP seems to have done)

Re:*sigh* .. "The cloud" doesn't exist

[neminem]

I prefer replacing them with "my butt". Which is what I'm doing, already, so this thread is a goldmine. It makes your post nonsense, though - I'm not sure why I would replace your butt with someone else's computer.

SubjectsInCommentsAreStupid

[lesincompetent]

He keeps his work files, financial records, health records in the cloud.
Dear sirs and madams, i refrain from even commenting on that for fear of being downmodded hard, and rightly so.

Re:SubjectsInCommentsAreStupid

[MightyYar]

All of my data is backed up via Crashplan and stored on their servers. Presumably (I'm just blindly trusting them at their word) it is encrypted by a key that they hold but which only my client has the password to. If I were the paranoid sort or had juicier data, I have the option of holding the key myself but that limits the convenience somewhat.

I'd like you to tell me why I should be worried. Remember that the IRS (with over 100,000 employees) has my tax records and my banks and brokerages have all of my other financial records. I submit that the chances of my Crashplan account getting hacked and my identity stolen or my finances stolen are far lower than one of those organizations having a massive data breech which includes my data. I also submit that my home is more likely to be burglarized and the same data carried away in a nice laptop-shaped package. I might be wrong, but I've never seen anything to suggest that there is a scourge of identity theft due to cloud storage. Educate me :)

Re:SubjectsInCommentsAreStupid

[MightyYar]

I have no idea how many people are trying to break into your home, but I would be willing to bet that the number that are trying to hack any of the large cloud services is much higher.

I bet you are wrong. Home burglary is downright common. Hacking of major websites still makes the news. In my 'hood, burglaries run in the 400 per 100,000 people range, and nationwide it is in the 800 per 100,000 people range. Meanwhile, "identity theft" (which includes even simply stealing a credit card number) runs in the 100 per 100,000 people range - though it can be as high as 150 per 100,000 people in some states. I definitely do not tuck all my computers away in a hidden closet whenever I leave the house, so me personally? I'm a lot more likely to be burgled than to have my identity stolen - which is kind of scary since someone just tried to use my credit card and so I had to cancel it... does that mean "I'm due"? :)

No matter what the odds of various thefts, they are far lower than the chance of catastrophic data loss, which is probably 100%. There are just as many house fires as there are identity thefts every year, and hard drives all fail eventually. Backups are critical if you have data you don't want to lose. Offsite storage is essential, even for an individual. Prior to affordable cloud backup, I would distribute DVDs with home videos and pictures on them to as many family members as would take them. I figured it would be a pain, but I'd be certain to have a usable copy of almost everything out there somewhere.

The two commandments of cloud usage

[Kardos]

Cloud storage can not be trusted both in terms of privacy and reliability. So follow these steps and you'll be fine:

1) Thou shalt not store unencrypted files in the cloud
2) Thou shalt have backups of files in the cloud

Does that reduce the convenience of the cloud? Yes. Because that is all that online cloud storage can offer - unreliable privacy invading storage.

Re:Why would anyone do that?

[SJHillman]

I make sure to include the local Dropbox, Box.net and Skydrive folders in my PC's nightly backups. If you're going to be backing up your computer anyway (as you should be), it's almost no extra effort to include those folders as well.

"The Cloud" is not a Backup

[AwaxSlashdot]

For the "someone nuked all my files", this is why you should backup your files (or use a Cloud service with integrated backup/history or better use both).

Remember, a proper Backup uses MULTIPLE Backups and not all from the same service provider.

PS: for the "someone saw all by financial records", you should use an encrypted Cloud service where YOU own the encryption key and where the service provider can NOT help you should you ever lose that key.

Stuff happens

[swillden]

This is rather unfortunate for him, of course, particularly if he didn't have a backup anywhere else (duh!), but I'm sure we'll get a lot of slashdotters saying "See, this is why I'll never use the cloud!", and that's silly. Now, there are other valid reasons to avoid cloud storage (e.g. privacy and security, assuming you're not encrypting the data), but reliability really isn't one of them. Thumb drives die, get lost or get damaged, hard drives fail... there is no perfectly-reliable storage medium, but I'll posit that a good cloud storage provider has a much lower failure rate than anything you can manage yourself.

The solution, as always, is backups. Any one storage medium may fail, but the odds of several of them failing simultaneously is very low. Personally, my most important files live on a RAID-6 array with a hot spare on my home file server, and on my laptop's SSD, on my workstation's HD, and on Google Drive. There is a fair amount of low-priority stuff which lives only on Google Drive. It gets automatically synced to multiple machines, but that wouldn't help if someone else got access to my account and deleted my files (of course, I use two-factor auth). It's still better than what I'd do without a cloud service, which is that I'd have those files only on my laptop.

Hmm... It occurs to me that it'd be trivial to write a small script that uses rdiff-backup to copy the contents of my Drive folder to another folder, then run that in a cron job. Then I'd have automatic, persistent synchronization to multiple devices. I think I'll do that right now :-)

Bottom line: This is a sad story, but not a reason to avoid cloud storage. It is a reason to recommend backups. Especially completely automated, effortless backups.

Re:Learned to mistrust the cloud with Steam

[The+MAZZTer]

Yeah Steam is pretty good at running even if you nuke its registry entries (or reinstall Windows) and nuke everything except Steam.exe. It'll redownload all of its missing components and regenerate its registry stuff (though you need to relogin and auth with Steam Guard).

I did have a bit of a hiccup with Steam yesterday when most of their servers seemed to go down for a bit but it was only for like 15 minutes, then they were back up. Though my TF2 hats took a bit longer to come back.

Re:svn

[DarkRat]

excuse me, are you from the past?

A Tragedy of errors indeed

[TTL0]

1) You are sharing a work account with your wife who has her own work universe. So when she is working on an article about the "ultimate cloud deletion tool" you will get dragged into her experience without knowing it.
2) you seem to (in theory) have no problem separating your work files from your professional files.
3) you let strangers (yes they are people you are working with but) access accounts that have files that you need for more than the moment. box.com should be no more than a ftp server for transferring files and you should see that the files are deleted after the other party gets them.
4) you don't seem to have any home backup system even though your livelihood seems to be dependent on the availability of that data, not to mention your personal data. dropbox should be the backup of the backup.
In short you trusted your files to a third party and they failed that trust. the lesson is....

p.s. please post a preview of your next article " my cloud provider sold my data to advertisers without my knowledge"

Truecrypt+Dropbox

[sl4shd0rk]

You should have Truecrypted. Doesn't keep people from hijacking your account but your files are of no use to them.

Pro Tip: Use a different password other than your login password for the encryption.

Re:Truecrypt+Dropbox

[kbg]

When no one has any idea who are the authors to Truecrypt and there has been no audit and no one can be sure if the binaries have not been tampered with, Truecrypt is useless and you have to assume that NSA have infiltrated the Truecrypt developers.

If I was the NSA then I would have put together a team already to create the most user friendly encryption tool available (with NSA backdoor of course) to make sure that the common people will use that tool if they want encryption.

Re:He gave away his login....

[tynanwrites]

I'm the author of the post. You are completely and utterly wrong, and clearly ignorant about how Box.com works. I invited others to share some, but not all, of my box folders. I can actually control the level of access they have to each. I didn't give them my own login and passwords, they created their own. They didn't have access to my entire Box account, only the folders I chose. I could allow them to simply view files, or to edit and upload. So nobody had my password and login but me and Box. I did not violate anyone's TOS. And if I had not identified myself as a member of the press who was writing a story about this, it is highly unlikely I would have gotten any answers from Box at all. dt

Two adages

[ichthus]

Two adages apply here.

1. Security is inversely proportional to convenience.
2. If you want something done right, you've got to do it yourself.

So, lesson learned: Be your own cloud.

Re:

[kurkosdr]

Cloud services are the spiritual succesor to the BOFH. All the power, none of the responsibility.

Noobs.

[Lumpy]

I have a malicious and friend delete proof dropbox. I simply have my linux server copy and sync the files. if they all disappear, they all reappear as the server puts them all back. The only way to delete them is to rename then with a special prefix, then the server will actually delete them.

IF you trust the cloud for security or reliability, then you are a fool. Always set up your own systems to automatically back up and manage on top of the cloud service.

Making your own "cloud" is super easy these days

[drachen]

I own a Synology NAS. It's great and includes plenty of useful features, including a dropbox/box-like application where one can sync files easily to any of their devices. No storage limit (other than the NAS and the storage of whatever devices I'm syncing to) and there's far more other things you can do besides the dropbox-like feature. Why should I pay a monthly fee to let someone else have all my important files, when I can easily host my own? It works great and I never have to worry about some provider getting hacked or changing their TOS.

Of course, one should back up their NAS (and there's plenty of easy ways to do so on the Synology), but the point is if people are concerned about their data, they should take responsibility for it.

Cue the Nelson "Ha-Ha" picture here...

Cue the Nelson "Ha-Ha" picture here...

As a CISSP with 25+ years in the IT industry, I can wholeheartedly advise that anyone who stores their mission-critical data in anyone's "cloud" without local backup copies that are positively under your control, and a "Plan B" ready to access that backup data... then that person is a complete retard (and you should pronounce that as "REE-tard" for the proper level of dramatic emphasis).

Oh, and BTW... if you think your confidential data is secure from anyone else's eye while "encrypted in the cloud", you're doubly retarded.

Re:No backup infrastructure?

[Dahan]

What is the most disturbing part of this story is it seems that box.com doesn't have any major infrastructure for backup of users data. I would have thought that it would be as simple as pressing a button "undelete" for the box.com support people to restore last available data before deletion.

Well, maybe they do. As the Fine Article says, he did get his data back. It just took them a while to figure out the chain of events that caused it to disappear in the first place.

Re:most transparent administration ever

[ArcadeMan]

Here's some real transparency for you.

*dumber* than a box of rocks

[wiredog]

Hey now! You're being very unfair to encased geological samples!

Cloud Confusion

[gpronger]

What has always struck me about "The Cloud"; is that it is mostly wonderful marketing; "The Cloud". Now if you called it remote servers folk would have been a bit tentative, and maybe a bit more mindful of the potential problems. Convenient sure, but sh** happens, and for me, I tend to like to have only myself to blame when something goes wrong with my sh**. Do I use some remote server services (I get a bit creaped-out by sticking stuff in "The Cloud"); sure. But only there, seems to me I'm playing Russian Roulette with my info.

Re:He gave away his login....

[Shrubbman]

I think you're puttin a little too much stock in one's /. UID length

Re:He gave away his login....

[Registered+Coward+v2]

What I find interesting is that you appear not to have backed up the files elsewhere. While I appreciate the convenience cloud storage offers I also make sure all my files are backed up on some other media so if the cloud goes poof at least I don't lose anything. In your example, you were fortunate it was am administrative error and not box.com simply going out of business overnight. Had that happened, you might never get your files back or even worse someone would have a HD full of you data bought at a bankruptcy auction; which as a second point makes me wonder why you would store such sensitive information as pay checks / tax forms / etc. anywhere nut media you have physical control of to ensure it's security.

On a side note, it is interesting the difference in response you get when you say "I am writing an article..." vs "I need help..."

Re:Learned to mistrust the cloud with Steam

[nitehawk214]

Bitching about it on Slashdot has resulted in more suggestions on how to fix it than filing a ticket with their support team. (though this is not surprising to me)

It also garners flames from fanbois, but I am fine with that.

Citation needed

[raymorris]

That sounds like a law you just made up.
Let's try it out:

Brad, if you have any employees, please fire one of them.

Am I going to jail for saying that?

Re:He gave away his login....

[s.petry]

I agree with your premise that the person you responded to does not know how the service works. It is possible to share files with other customers without giving away personal data. I toyed with SecuriSync and it does similar sharing but requires that the recipient has an account in order to touch "shared" data.

With that out in the open, let me explain why on /. you will receive much venom. You don't have to listen, of course, but as a writer I think you understand the value in knowing your audience.

/. is not like other sites. There are numerous experts in numerous technical fields on this site. It's a stomping ground for an experts to provide opinions in their area of expertise without a "Company Slogan" involved. It also has subjects more political in nature where those same strong opinions abound. While there are a few kids, sock puppets, shills, etc... the majority of the audience here is intelligent. They notice spelling and grammar errors, they recognize common fallacies, and look for details beyond just the articles submitted. Submitters are inspected and critiqued right down to the ads on the page the article appears in. Slashdot is a unique environment, the audience is very detail oriented.

Your "about the author" makes claims that you probably intended as humor, but comes off as being egocentric or arrogant. On a site full of Computer Scientists who have been telling people of the dangers of "The Cloud" since the time it was called "Grid", the article and self description appear to be hypocritical and contradictory. If "Dan Tynan has been writing about Internet privacy for the last 3,247" was a true statement how could they not know about the dangers of "The Cloud"? Has Dan ignored the "experts" during his three thousand years of writing and only knows the corporate spin?

An omission of data is very important to the Slashdot crowd, at least as important as what you submit. Again, I mention that the crows is very detail oriented. You may be encrypting data, but that was not mentioned in the article. If you didn't mention it, it never happened.

I think the article itself backs the claim that experts have been giving for years. "Don't trust Cloud!". That said, the article poses no question as to whether or not that statement is correct. The article does not back the expert opinion in any way. The article appears to be a well articulated rant against box.com. Warranted or not, it's bound to receive lots of venomous comments from people on Slashdot.

Re:He gave away his login....

[Nyder]

I'm the author of the post. You are completely and utterly wrong, and clearly ignorant about how Box.com works.

I invited others to share some, but not all, of my box folders. I can actually control the level of access they have to each. I didn't give them my own login and passwords, they created their own. They didn't have access to my entire Box account, only the folders I chose. I could allow them to simply view files, or to edit and upload.

So nobody had my password and login but me and Box. I did not violate anyone's TOS. And if I had not identified myself as a member of the press who was writing a story about this, it is highly unlikely I would have gotten any answers from Box at all.

dt

Dude, you are funny. You do know that storing stuff on the cloud isn't backing it up, right? That you can lose it at any time? Ya, Mr. I've written a book who's advice I don't follow.

Sure, the cloud is a convient way to access your stuff, but you can lose it at any time. Remember what happened to MegaUpload? Ya, all those legal files, poof!!!!!

So next time, don't be stupid, don't store your only copies of stuff in the cloud, keep a local backup, plus 2 "cloud" backups.

Thanks for the laugh.

just use 4 services

[cheekyboy]

Dropbox
GDrive
Amazon
SkyDrive

Pitty they are all in USA, any that are NON usa based?