π

You Can't Control Your Data in the Cloud

Show Sidebar

There is this well cited argument that cloud companies like Google, Apple, Amazon, Facebook, and you-name-it are able to protect your data much better than you are able to. They have military grade security restrictions, better backup methods, and are able to do this much cheaper.

While this argument is absolutely true, people seem to forget that giving away your data to any third party is the root of the problem in the first place. Not relevant to whom you are giving your data.

Let me explain.

Please note that the links provided are only a tiny, tiny selection of numberous facts on how the cloud is hurting your privacy in an enourmous amount. Additionally, please note that I am using a simplified term of "cloud" which refers to storing data or meta-data of us in the public cloud. I am specifically not referring to cloud-computing in terms of processing nodes that may be even state-less. With the exception of cloud processing services that turn bought devices into bricks after discontinuing their service. You see: it's complicated.

No matter, how secure your cloud vendor is storing your data, you are going to lose control. Same holds for the European cloud. And even on your own computer. Even your sex session is recorded in the cloud, although they claim it was a mistake. Mistakes happen.

You're losing exclusive access on the logs to your data. This is subtle but nonetheless important when it comes to sensible data.

You can't be sure how your cloud vendor is analyzing your data "for your best experience" or to avoid strong language. And of course they sell the results of this - more or less anonymized - analysis to third party companies. Same holds for user reviews.

Cloud companies consider you as their product, not their customer. They sell your data. Sometimes, they are not even interested in fixing security issues of your cloud.

alexa help me i'm hurt pic.twitter.com/r6iHh5j5VN

— Steve Hogarty (@misterbrilliant) November 4, 2016

You can't be sure of any malicious employee who is mis-using or leaking data: example, example, example, example, even Apple, and Android, and many more.

If you delete data in your cloud, nothing gets deleted. In reality, the cloud vendor disables your access permission to deleted data. Therefore, "deleted" data re-appears from time to time. Whole companies go offline when your cloud vendor wants.

You can't be sure that you get locked out of your own data: example, example, example, example, and many more. Sometimes you even get locked out of your house. Sometimes, your ISP is only threatening to turn off your heating when you are using the Internet in a way they don't like.

You can't be sure that the business model of your cloud vendor is changing so that they act differently in the future. Sometimes your cloud vendor gets bought by a bigger fish. Or he is deciding to share your private data with others without your consent. Or he is introducing "quality" of service to storage performance which drags you down in production stage. Governments are beginning to sell sensitive data for profit as well.

Even your cloud-connected vacuum cleaner is selling informations on your home to the highest bidder. Or it is providing a perfectly fine spying tool for the bad guys. Or it does open your door for bad guys.

#Google has optimized their unofficial motto «Don't be #evil» by silently removing a word.
Guess which one?#surveillance #privacy https://t.co/KnI7aNFn4V

— Karl Voit (@n0v0id) October 21, 2016

Your privacy is of no concern for cloud companies. They don't care about the security of your data at all. Cloud vendors are even willingly hurting your privacy. Or even help people killing people. Many times, your data gets public because of a simple error. Or because of a not so simple error. Another one. Even kids toys become spyware.

You don't even know what of your data is really going to be uploaded to the cloud: example, example, huge example, 31 million user large example. And if you put documents in the cloud, you can never be sure if others can access it. Even your passwords are leaking. Imagine you are disabling network access for all your software except operating system updates and anti-malware updates: the cloud is still a method for bad guys to steal your data.

You don't have any idea on how manipulated cloud data is used to do psychological experiments with you: example.

You don't have any influence on whether or not cloud services are discontinued in the future. Even big companies like Microsoft close widely used services. Game over. Lights go black. Your TV set as well. No platform as a service (Paas) any more. Home automatisation at its best. No Logitech remote any more.

Cloud-connected devices destroy the internet and become expensive junk. Don't be surprised: any cloud-dependend device is going to stop working sooner or later. Even expensive ones. And, of course, you are also losing your privacy. You music box stops working if you don't give away your personal data.

Thinking Public Cloud is “cheap” is a fallacy. I address some of the reasons why here: https://t.co/3gr5iuIG5X #cloud #CIO https://t.co/B6gdyeDhD0

— Tim Crawford (@tcrawford) July 19, 2017

You cannot possible have any idea how many bugs or false configurations are exposing your data to any third party: example, and sadly too many other of incidents.

There are secret laws for secret agencies which force cloud vendors to secretly give away your information.

There is no anonymity. You can be identified by the way you are doing videos, your hardware, your software configuration, your mouse movements, your geographical position, and so forth.

International cloud vendors ignore local legislation that tries to protect your personal data.

You can't be sure that even cloud vendors are losing data: fun link, example and many more.

What To Do About It?

There is no "undo" here. Once your data is out, your role in this game is over. Outsourcing security has it's price whose currency is not Euros or Dollars but loss of privacy, control, and to its final degree: security.

Reclaim you digital life. Follow my postings on this blog and on Twitter - I am trying my best to stay independent and to own my own data.

You've got something to hide - even when you are not aware of it. And that's nothing that anybody is allowed to hold against you.

Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say. Edward Snowden

So in case someone tells you that he is pretty witty to let a cloud vendor host his data "because it's more secure", you can reply to this argument that the NSA has also a one of the biggest military grade cloud full of data scraped from your personal (cloud) data. Not against terrorism. Not at all: The leaked NSA selectors are not reflecting any focus on terror-related data.

"Hosting" your very private data there is nothing you're going to enjoy. As any cloud vendor, they now more about you than you might think of: your porn profile, you health history including all of your past, present and future diseases, what you're thinking about politics, products, people, or anything else, you whole set of social contacts, your wife and your secret girlfriend as well, and so on, and so on. Still don't care whether or not data like this gets exposed, archived, or leaked without your control?


Related articles that link to this one:

Comment via email or via Disqus comments below: