Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Cloud: Convenient Until a Stranger Nukes Your Files

Posted by ryuzaki0 on from the just-use-openafs dept.

jfruh writes "Thanks to a plethora of cloud storage accounts, Dan Tynan thought his days of carrying a thumb drive around with him and worrying about email stripping out his attachments were over. But that was before he discovered that his Box.com account and all the files in it had vanished without a trace. With tech support coming up empty, Tynan had to put on his journalist hat to track down the bizarre sequence of events that ended with his account handed over to another user, who didn't ask for it and didn't even know who Tynan was."

13 of 262 comments (clear)

  1. The Cloud will save us all! by Sarten-X · · Score: 5, Insightful

    Cloud services take all of your IT problems, and give them to someone else, period. A cloud is not inherently going to fix your problems, or make them worse, but just delegate them to someone who may or may not be able to handle them better.

    --
    You do not have a moral or legal right to do absolutely anything you want.
    1. Re:The Cloud will save us all! by TWX · · Score: 4, Informative

      Another issue with handing problems to consultants or third-parties, even if those companies have an interest in taking care of your problems, the employees of those companies may not. In short, you call with a problem, and there are layers of management and bureaucracy up your chain of authority and down theirs before the hammer can be brought down on an employee of a different company that fails to do his or her job or to otherwise provide service.

      When a person who takes care of your stuff works for your organization, generally there are fewer hoops to jump through to compel that employee to do his or her job, as there's both an ability to personally address that employee, and there's a greater ability to discipline an employee that fails to do one's job.

      That having been the stick, there's also the carrot, the employee in one's own company that manages to play Scotty and save the day will receive more recognition from his or her fellow coworkers than the employee of a consulting firm, so the motivation to take care of the assets is also greater with the personal connection to coworkers.

      --
      Do not look into laser with remaining eye.
  2. Moron by Anonymous Coward · · Score: 5, Insightful

    FTFA:

    * Financial records. I scan all my paychecks and store them (on SkyDrive, not Box.com - fortunately). Our tax form PDFs are all on some cloud storage service, either SkyDrive or Dropbox, as are all our receipts. These would have been in the hands of a total stranger - perfect fodder for identity theft. And if the IRS suddenly decided to audit us? We'd be at their mercy.

    * Health records. We scan all our doctors bills and insurance insurance statements and store them in the cloud. So now we're talking about medical identity theft for us and our kids - a situation that's much harder to resolve than standard financial ID theft.

    What an idiot.

    1. Re:Moron by OzPeter · · Score: 5, Interesting

      What an idiot.

      His profile at the bottom of the page makes it doubly so:

      Author Dan Tynan has been writing about Internet privacy for the last 3,247 years. He wrote a book on the topic
      for O'Reilly Media (Computer Privacy Annoyances, now available for only $15.56 at Amazon -- order yours today) and edited a series of articles on Net privacy for PC World that were finalists for a National Magazine Award.

      Quoting from the Amazon page for his book:

      From the moment you're born, you enter the data stream-from birth certificates to medical records to what you bought on Amazon last week. As your dossier grows, so do the threats, from identity thieves to government snoops to companies who want to sell you something. Computer Privacy Annoyances shows you how to regain control of your life. You'll learn how to keep private information private, stop nosy bosses, get off that incredibly annoying mailing list, and more. Unless you know what data is available about you and how to protect it, you're a sitting duck. Computer Privacy Annoyances is your guide to a safer, saner, and more private life.

      Either he doesn't follow his own advice, or his is actually *dumber* than a box of rocks.

      --
      I am Slashdot. Are you Slashdot as well?
  3. Complacency by cyberpocalypse · · Score: 5, Interesting

    Unsure why people are moved to throw their data into the hands of someone (company) that would never treat their data sacred. I don't care what argument you put forth, no one is going to care (security wise) about your data as vigilant as you would (and should). Math wise, the cloud makes no sense to me, even on the free model.

    1) wait for you to download your data over the Interwebs (mobile you say... tick tock)
    2) There is NO GUARANTEE someone in the company isn't looking at your data or selling it. You're simply trusting they won't

    Storage is dirt cheap. 2TB drives are like what 100-200 US per pop give or take. They're compact enough to throw in a messenger bag along with a laptop. Data availability is much faster than downloading it over the wire. Throw on crypto (say Truecrypt) and you have a decent amount of security. Only concern, is your HD goes bad. In either event, another backup 2TB is 100-200. Cloud pay for play? @ 10.00 per month, its STILL the cost if not more than buying your own device.

    1. Re:Complacency by SJHillman · · Score: 4, Insightful

      I can sum up exactly why people do it in three words: fast, easy, convenient.

      Once you start handling it yourself, all three of those are going to take a hit - and for non-technical people, it can be a pretty heavy hit.

    2. Re:Complacency by akozakie · · Score: 5, Funny

      Exactly. In fact, I like to think about the popularity of the cloud as anything other than a low-security file sharing platform in terms of five words:

      It's a matter of being Fast, Easy, Convenient, Accessible & Low-cost.

      Making it F.E.C.A.L. matter.

  4. *sigh* .. "The cloud" doesn't exist by OzPeter · · Score: 5, Insightful

    I can't remember where I first heard this, but the quote is along the lines of:

    Whenever you hear a reference to "the cloud", replace it with "someone else's computer" and see how much sense it makes

    Once you start doing that it shows you how little control you have over such services and how dependent you are on other parties, especially if you consider them as a panacea to not having to keep your own backups (as the OP seems to have done)

    --
    I am Slashdot. Are you Slashdot as well?
  5. The two commandments of cloud usage by Kardos · · Score: 5, Insightful

    Cloud storage can not be trusted both in terms of privacy and reliability. So follow these steps and you'll be fine:

    1) Thou shalt not store unencrypted files in the cloud
    2) Thou shalt have backups of files in the cloud

    Does that reduce the convenience of the cloud? Yes. Because that is all that online cloud storage can offer - unreliable privacy invading storage.

  6. "The Cloud" is not a Backup by AwaxSlashdot · · Score: 4, Insightful

    For the "someone nuked all my files", this is why you should backup your files (or use a Cloud service with integrated backup/history or better use both).

    Remember, a proper Backup uses MULTIPLE Backups and not all from the same service provider.

    PS: for the "someone saw all by financial records", you should use an encrypted Cloud service where YOU own the encryption key and where the service provider can NOT help you should you ever lose that key.

    --
    Sig (appended to the end of comments you post, 120 chars)
  7. Stuff happens by swillden · · Score: 4, Interesting

    This is rather unfortunate for him, of course, particularly if he didn't have a backup anywhere else (duh!), but I'm sure we'll get a lot of slashdotters saying "See, this is why I'll never use the cloud!", and that's silly. Now, there are other valid reasons to avoid cloud storage (e.g. privacy and security, assuming you're not encrypting the data), but reliability really isn't one of them. Thumb drives die, get lost or get damaged, hard drives fail... there is no perfectly-reliable storage medium, but I'll posit that a good cloud storage provider has a much lower failure rate than anything you can manage yourself.

    The solution, as always, is backups. Any one storage medium may fail, but the odds of several of them failing simultaneously is very low. Personally, my most important files live on a RAID-6 array with a hot spare on my home file server, and on my laptop's SSD, on my workstation's HD, and on Google Drive. There is a fair amount of low-priority stuff which lives only on Google Drive. It gets automatically synced to multiple machines, but that wouldn't help if someone else got access to my account and deleted my files (of course, I use two-factor auth). It's still better than what I'd do without a cloud service, which is that I'd have those files only on my laptop.

    Hmm... It occurs to me that it'd be trivial to write a small script that uses rdiff-backup to copy the contents of my Drive folder to another folder, then run that in a cron job. Then I'd have automatic, persistent synchronization to multiple devices. I think I'll do that right now :-)

    Bottom line: This is a sad story, but not a reason to avoid cloud storage. It is a reason to recommend backups. Especially completely automated, effortless backups.

    --
    Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  8. Re:He gave away his login.... by tynanwrites · · Score: 5, Informative

    I'm the author of the post. You are completely and utterly wrong, and clearly ignorant about how Box.com works. I invited others to share some, but not all, of my box folders. I can actually control the level of access they have to each. I didn't give them my own login and passwords, they created their own. They didn't have access to my entire Box account, only the folders I chose. I could allow them to simply view files, or to edit and upload. So nobody had my password and login but me and Box. I did not violate anyone's TOS. And if I had not identified myself as a member of the press who was writing a story about this, it is highly unlikely I would have gotten any answers from Box at all. dt

  9. Re:He gave away his login.... by Registered+Coward+v2 · · Score: 5, Insightful

    What I find interesting is that you appear not to have backed up the files elsewhere. While I appreciate the convenience cloud storage offers I also make sure all my files are backed up on some other media so if the cloud goes poof at least I don't lose anything. In your example, you were fortunate it was am administrative error and not box.com simply going out of business overnight. Had that happened, you might never get your files back or even worse someone would have a HD full of you data bought at a bankruptcy auction; which as a second point makes me wonder why you would store such sensitive information as pay checks / tax forms / etc. anywhere nut media you have physical control of to ensure it's security.

    On a side note, it is interesting the difference in response you get when you say "I am writing an article..." vs "I need help..."

    --
    I'm a consultant - I convert gibberish into cash-flow.