

PRISM kills the cloud - washedup
http://blogs.computerworld.com/cloud-storage/22305/why-prism-kills-cloud

======
hga
" _In order for these services to become the main foundation of the Post-PC
future, users are utterly justified in demanding binding commitments to
security from service providers._ "

Which, due to the total secrecy of the government's process (e.g. National
Security Letters), they cannot provide.

We could, of course, watch every word we put on the cloud, including the
supposed private stuff, but I'd rather not do that for a large class of things
(submissions to forums like this are an obvious exception, I am after all
submitting it for the whole world to see as it wishes).

The cloud can still be useful for encrypted backup, that's what I do with
rsync.net to avoid loss by disaster, and it saved e.g. my email when the
Joplin, Mo tornado hit 2 years ago. But put my spreadsheets on the cloud? The
one tracking the blood test results of a relative's anemia (fortunately, it
looks like it was a "hit and run" virus). No, I think not.

~~~
derekp7
Just out of curiosity, what is it about your relative's blood test that you
don't want the NSA to know about? Especially since the results are already on
a network at the hospital (or testing lab), and the NSA can get it directly
from there anyway via an NSL.

I've often wondered about why medical records are such a sensitive topic to
most people. The only things I can think of are either the insurance company
will find out and raise your rates (they find out anyway, as they pay your
bills), or the condition one suffers is due to something they did that was
embarrassing (or similar).

~~~
msbarnett
> Just out of curiosity, what is it about your relative's blood test that you
> don't want the NSA to know about?

This is the wrong question. The _right_ question is, "what is it about your
relative's blood test that you don't want the NSA, or anybody else in the
government, or any contractor or lobbyist the government is persuaded to share
this data with, now or at any point in the future, essentially in perpetuity,
to know about?"

And the answer is, of course, "I don't know".

I don't know if Obamacare will die an ugly death and insurance companies will
successfully lobby for absolutely anything establishing genetic prior
conditions.

I don't know if, in 50 years, the government will decide to, say, demonize
Jews and go hunting for Ashkenazi DNA indicators in their databases and go
after the families they can find with them.

I don't know if a genetic predisposition to homosexuality, haemophilia, a
positive test for AIDS or herpes or ginger hair will one day be used against
me or my descendants by some future mob.

And that's why privacy is important.

~~~
iacvlvs
I agree with the point you are making. In the spirit of agreement, I would
suggest that the right question is "what is it about your relative's blood
test that you specifically want to bring to the attention of the NSA,
government, contractors, and lobbyists."

Privacy should be the default state and expectation, and disclosure should be
by exception when necessary, for exactly the reasons outlined in your post.
The argument that privacy only matters if you have something to hide conceals
a number of assumptions, and misses the fact that one doesn't know what one
might one day wish one had hidden.

------
venomsnake
It does not kill the cloud. It just makes some of the flaws that were obvious
to the tech people since day one known to the wider audience.

~~~
kryten
The wider audience being the people who make the purchasing decisions...

I work in the financial sector in Europe and this HAS pretty much killed the
cloud simply due to the uncertainty. People are in meetings _right now_
working out how to move all their stuff off AWS etc rapidly before the people
who pay the bills land it on the doorstep.

In fact it's killed datacenters that are US subsidiaries such as Rackspace as
well. I had a conversation with a guy at Rackspace this morning and they
actually recommended going to a local company over themselves.

The shit has literally hit the fan this time.

~~~
jk4930
> People are in meetings right now working out how to move all their stuff

I'm wondering why they didn't consider this scenario in the first place. That
lets me question their expertise very much. Aren't they professionally
paranoid enough? Then why do they run critical infrastructure?

~~~
kryten
They were informed. After all it's our job to inform them of the facts and let
them make a decision, usually based on a tradeoff of risk perception (note not
real risk rating) and cost.

Now risk is perceived to be higher, cost is a little more flexible.

Businesses don't necessarily operate in the best interests of their clients.
The shareholders come first, then the clients and anything which takes from
the bottom line is going to end up a risk tradeoff.

I post anonymously as I'm risk averse and don't necessarily agree with how
businesses operate in this respect.

------
michaelwww
Eric Schmidt's quote

“If you have something that you don’t want anyone to know maybe you shouldn’t
be doing it in the first place”

becomes

“If you have something that you don’t want anyone to know maybe you shouldn’t
put it on the cloud in the first place”

~~~
thret
If you don't want it known, don't use the phone.

~~~
michaelwww
Any two-bit street hustler knows that, which is why billions of dollars on
wholesale phone monitoring is such a waste.

~~~
hfx
You'd be surprised at the level of intimate details discussed by street
hustlers on prepaid mobile phones. I'm not sure if prepaid throwaway ipv6
addresses would be viable, but it may not hurt to start thinking in this
direction.

~~~
michaelwww
When I get a bright idea that will make me a lot of money and bring me fame,
I'm sure I'll figure out a way to keep it secret when I communicate it to a
few trusted advisors.

------
Lerc
I always figured the better solution would be to have a cloud-in-your-pocket.
You can carry your own data with you and sync backups to a site you personally
control.

Phones certainly have the capability to do the job of a personal server (of
course you may not want it to be an actual phone considering the latest
snooping news). A mechanism to use any nearby desktop or laptop as a client
would enable most of what you need without any requirement for an untrusted
remote storage provider.

~~~
vog
Another (or complementing) implementation of that idea is the FreedomBox:

[https://en.wikipedia.org/wiki/FreedomBox](https://en.wikipedia.org/wiki/FreedomBox)

~~~
Lerc
Certainly complementing. By definition communication requires more than one
person accessing information.

I know what I'd like to see in this area, but I don't have a good idea how to
implement it. FreedomBox might be heading towards that implementation.

The idea I'm kicking around in my head for comms is something where I'd want a
distributed data store (possibly just a file system) with access controls to
enable requests such as "UserA acting on behalf of UserB would like to read
data at /path/to/data". Where UserA might be twitter and UserB might be
StephenFry. UserB can control what UserA can see and manipulate. UserA can do
things that UserB cannot (such as acting on behalf of UserC)
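
A minimal sketch of the request check described in the comment above ("UserA acting on behalf of UserB would like to read data at /path/to/data"), added here as an example and not part of the original post or of FreedomBox. The `Grant` and `authorize` names, the prefix-based grant model and the sample policy are assumptions made for illustration.

```python
import posixpath
from dataclasses import dataclass

@dataclass(frozen=True)
class Grant:
    owner: str        # UserB: whose data store this is
    delegate: str     # UserA: service allowed to act on the owner's behalf
    prefix: str       # subtree of the owner's store that the grant covers
    ops: frozenset    # permitted operations, e.g. {"read"}

def normalize(path: str) -> str:
    # Resolve "." and ".." before any comparison, so a request such as
    # "/tweets/../private" cannot slip past a prefix check.
    return posixpath.normpath("/" + path.lstrip("/"))

def within(path: str, prefix: str) -> bool:
    # Match whole path components: "/tweets" must not cover "/tweets-drafts".
    prefix = normalize(prefix)
    return prefix == "/" or path == prefix or path.startswith(prefix + "/")

def authorize(grants, actor, on_behalf_of, op, path) -> bool:
    """Answer: may `actor`, acting on behalf of `on_behalf_of`, do `op` on `path`?

    Default deny. Owners reach their own data; everyone else needs a grant
    issued by that owner. `actor` is assumed to be authenticated already.
    """
    path = normalize(path)
    if actor == on_behalf_of:
        return True
    return any(
        g.owner == on_behalf_of and g.delegate == actor
        and op in g.ops and within(path, g.prefix)
        for g in grants
    )

# Constructed sample policy: two users each delegate part of their store.
GRANTS = [
    Grant("StephenFry", "twitter", "/tweets", frozenset({"read", "write"})),
    Grant("UserC", "twitter", "/tweets", frozenset({"read"})),
]

if __name__ == "__main__":
    for req in [("twitter", "StephenFry", "read", "/tweets/2013/06.txt"),
                ("twitter", "StephenFry", "read", "/tweets/../private/diary.txt"),
                ("StephenFry", "UserC", "read", "/tweets/a.txt")]:
        print(req, "->", authorize(GRANTS, *req))
```

Because grants are keyed by owner, the service can act for both users while neither user can act for the other, which is the asymmetry the comment describes.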

------
incongruity
My (pessimistic) prediction is that _nothing_ will change because of this, at
least not in the US.

In the consumer space, there's little that this awareness will do to
illustrate the risk to those who didn't see it before. It's only when _abuse_
of a program like PRISM comes to light in a _big_ way will the average
consumer demand change or change their habits.

In the corporate space, most already are very wary of putting trade secrets or
confidential data into cloud services and those who aren't won't be any more
so, I would argue, until they see real impact from improper use/disclosure.

Outside of the US? I would hope there'd be more outrage and want for non-US
options, but, in truth, most other governments want to be doing the same
thing, I'd bet, so just where is the safe harbor is a question many will be
asking, I'd bet.

------
arunabha
_It is unlikely too many people want their privacy curtailed in exchange for
convenience_

You'd be surprised just how many people do exactly that, and I don't mean the
average citizen either. I wonder how many of us in HN have turned on Google
Now?

------
KevinMS
This is a convoluted buzzword mess.

He's talking about the consumer buzzword 'cloud', as in iCloud, eCloud, store
your pics in the "cloud", not the IT buzzword "cloud computing", with things
like virtualization, EC2, AWS, S3. Thanks for that, marketing assholes.

But I want to know. What's the difference now, in light of all the spying,
between storing your stuff encrypted on S3, or using EC2, and colocating
hardware somewhere? Are we worried about back doors into the virtual machines
and S3 buckets, or are they just going to watch the traffic in and out, just
like they can do anyway if you colocated, or even put all the crap in your
basement?

~~~
dredmorbius
No, he's not.

I'm in the business / IT end of things, as well as the consumer side.

Businesses. And non-profits (many with services/clients in ... less than
democratic regions, not even counting the United States). And governments. All
care about integrity, access, and, more than anything else: security.

With colocated hardware, you've got control over the physical devices, there's
no intermediating virtualization layer (unless you've installed it yourself),
and you can control aspects such as data and disk encryption (though in truth:
this is fraught even on hardware you _do_ own, and is also possible in many
hosted environments). You also control the physical wiring and cabling within
your cabinet, cage, and/or datacenter.

Most importantly: you control _where_ your data are. When I use a colo, my
data live on specific pieces of hardware in specific locations I've
specifically designated. And if it's seized, you'll likely know about it (you
may not be happy, but you'll know). When you host in the cloud, access becomes
... distributed.

Both have their security issues, but the envelope is _much_ larger in the
cloud.

~~~
KevinMS
Yes he is. He's an apple blogger. He doesn't know virtualization from his own
ass.

I once interviewed with a company that was letting users store data 'in the
cloud'. They were promoting the job as something to do with 'cloud
computing'. I asked if they used AWS. He replied they had a few colocated
servers.

I'm asking, from a spy point of view, if there's a difference between a
virtualized server and a physical one, if in fact all they are doing is
watching network traffic.

------
smrtinsert
On the other hand, external hd business is now booming.

------
ethanazir
We should resurrect this 2009 Stallman prophecy.
[https://news.ycombinator.com/item?id=318440](https://news.ycombinator.com/item?id=318440)

------
clicks
I often jokingly tell a specific friend that I'll murder him (he says the same
to me)... it wouldn't be clear if you read the e-mail correspondences that
we're joking. It _would_ be clear if you saw us in real life joking,
laughing... but you don't have that context, you don't know the history of my
relationship with him, we're both practitioners of an absurdist brand of
humour (think adultswim's Tim&Eric humour). Compound all of this with the fact
that I'm brown (Asian descendant) and that a running brand of jokes is about
terrorism ('yeah so we have AQ training camps in our basement') -- and, I'm
sure we're setting off a good amount of triggers.

Here is what is unnerving to me: considering the high-capacity storage
capabilities of these three-letter agencies, it's highly likely that a lot of
our data has already _been_ copied... it's little use disabling our fb/goog
accounts, it's little use deleting everything en masse now.

Anyway, my takeaway from all of this is that 1) I have to stop making these
jokes, even in private conversations, and 2) communicate more clearly in my
e-mails, so that if it's being read by someone with no context, it does not
invoke any suspicions of wrongdoing of any sort. I am extremely annoyed that I
have to start doing this, but I will.

~~~
tokenizer
The first step has been taken:
[http://thinkprogress.org/justice/2013/06/07/2120141/why-the-...](http://thinkprogress.org/justice/2013/06/07/2120141/why-the-nsas-secret-online-surveillance-should-scare-you/)

Quote: "A citizenry that’s constantly on guard for secret, unaccountable
surveillance is one that’s constantly being remade along the lines the state
would prefer. Foucault illustrated this point by reference to a hypothetical
prison called the Panopticon. Designed by utilitarian philosopher Jeremy
Bentham, the Panopticon is a prison where all cells can be seen from a central
tower shielded such that the guards can see out but the prisoners can’t see
in. The prisoners in the Panopticon could thus never know whether they were
being surveilled, meaning that they have to, if they want to avoid running the
risk of severe punishment, assume that they were being watched at all times.
Thus, the Panopticon functioned as an effective tool of social control even
when it wasn’t being staffed by a single guard."

~~~
jebblue
> The prisoners in the Panopticon could thus never know whether they were
> being surveilled, meaning that they have to, if they want to avoid running the
> risk of severe punishment, assume that they were being watched at all times.

That's what it feels like to me working in open cube areas.

------
nano111
if another hit to the US economy is what it takes to make things change ...

------
donniezazen
I am thinking about closing my Crashplan and several of my cloud accounts. Am I
overreacting? What about Lastpass? Lastpass now seems too risky.

~~~
Freaky
The crypto on your online backup and password syncing services should be both
strong and entirely client-side. All they should be able to provide to an
attacker is useless cyphertext. If not, you probably shouldn't have been using
said services in the first place.

------
max0563
This is why you use open source software.

------
ttrreeww
US based password/identity management is now dead.

~~~
ixnu
Hold on, they never give direct access to the passwords.

~~~
ttrreeww
We would not know, they can not even acknowledge the gag order legally. This
is the beginning of the end for US based technology companies.

~~~
ixnu
Forgot <sarcasm> tag.

I agree that this double speak from US cloud tech companies and the government
is putting US cloud vendors into peril. But seriously, the US cloud might be
like the dollar. It's not perfect, but it is a known refuge.

There is at least some amount of oversight, however weak, if you have US
customers - I would assume that all foreign rivals are actual targets.

Who said it's better to be an American ashamed of our foreign policy than to
be a victim of it?

~~~
ttrreeww
I would be salivating at this if I run China. A chance to replicate the entire
knowledge economy, the same way that was done to US manufacturing.

~~~
hga
Hello? Everything here goes N times over for the PRC.

Anyone here feel their government is more trustworthy than the US's???

~~~
marcosdumay
I can't stop the local government from looking at my data if it wants to. I
can stop the US government from looking at it. Which is more trustworthy isn't a
relevant question.

~~~
dragonwriter
> I can't stop the local government from looking at my data if it wants to. I
> can stop the US government from looking at it.

I doubt that.

US government intelligence gathering _within_ the US is being reported on
right now and controversial _because_ there are strong expectations and at
least some legal restrictions that suggest that such surveillance is
_exceptional_.

But if you think keeping your data overseas means that the _foreign
intelligence_ gathering apparatus of the US government _isn't_ going to get
at it, then you may have failed to think things through clearly.

------
rmason
A classic overreaction by a member of the press. However it may lead to
certain SLA revisions. If the NSA comes calling I will notify you before
giving them access. Or people choosing to host outside the USA.

~~~
joshAg
if you have an sla like that, the service provider has to choose between
violating the SLA by not telling the customer, or violating the warrant/court
order which compels them to not inform you.

