Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion

Here's a statement of the obvious: The opinions expressed here are those of the participants, not those of the Mutual Fund Observer. We cannot vouch for the accuracy or appropriateness of any of it, though we do encourage civility and good humor.

    Support MFO

  • Donate through PayPal

Do you put your stuff on the Cloud?

It's not very safe - IMHO!!

Inside the West’s failed fight against China’s ‘Cloud Hopper’ hackers

https://www.reuters.com/investigates/special-report/china-cyber-cloudhopper/

Comments

  • @Gary: You just did !
    Regards,
    Ted

  • You just need to know which cloud to use, or be able to roll your own cloud. No worries!
  • I do, sure
  • edited June 2019
    Never happen. You're at the complete mercy of every internet hacker out there. I keep everything on backed-up local hard drives, with frequent off-site backup via portable hard drives.

    I come from a background where we insured that our Public Safety communications network had absolutely no interconnection to the internet, so perhaps I'm a little more cautious (paranoid?) than most. We used equipment and protocols similar or identical to those used on the commercial internet, but everything was run on an isolated microwave and fiber network with NO connection to the normal internet. SF owned, operated, and maintained the entire Public Safety network, and for access to the normal internet we maintained a completely separate system.

    The main perspective was not the potential for data loss so much as the potential for service interruption. Considering normal equipment failures It's hard enough to maintain 100% uptime without worrying about intrusion by bad actors. We were responsible for radio and data communication for all SF Public Safety (police, fire, ambulance) as well as major city departments- Water, Public Works- in fact everything except our public transit Municipal Railway, which, with about 1000 buses and streetcars, needs their own specialized crews.

    Add: Using both caution and only Apple computers we have had only one hacking issue in over 25 years, when my wife accessed a winery site which was compromised, resulting in her computer being completely frozen, with a demand to communicate with some hacker out there somewhere. That computer was restarted using the internal backup hard drive, which was then used to delete and restore all files on the compromised drive. No problem.

  • What the safest website out there? Boa?!
  • did not make clear that I do not use the cloud only, have all sorts of local backups as well
  • @MFO Members: I've known all along he's cautious No ! paranoid Yes !
    Regards,
    Ted

  • Sync.Com or SpiderOak for the uber-paranoid. I think Sync.Com is easier to use (Canada-based).

    Or buy a VM space in Amazon you can control ..... or ping your local ISP and host your own 'cloud' server.
  • @Ted: Well sir, the difference is that I was paid, and well-paid at that, to be paranoid.
  • As the Rolling Stones sang, get off of my cloud, so I did.
    Derf
  • edited June 2019
    I suspect whoever thought up the term cloud to characterize the renting out of mainframe computer storage capacity, hosted by an outside party, is a marketing genius. Likely, he / she / or they are very rich by now.

    Just a few observations:

    The cloud, as generally envisioned, does not exist (except as a figment of our imagination). In reality, we’re talking about powerful computers located in far away places and operated by businesses dedicated to storing data for others for a price. The immediate advantage for you, me, businesses and governments is that this frees up storage space on our own computers and allows for a near limitless amount of data to be stored and retrieved as needed. (Think of your data hungry photo albums and music files maintained and managed by the likes of by Apple, Microsoft or Amazon.)

    Three interesting reads:

    1. What is “the cloud” and Where is it? (Excerpt) “Cloud” is a buzzword that vaguely suggests the promise and convenience of being able to access files from anywhere. But the reality is that the cloud is hardly floating like mist above our heads — it’s a physical infrastructure, its many computers housed in massive warehouses all over the world” https://gizmodo.com/what-is-the-cloud-and-where-is-it-1682276210

    2. What Is Amazon Web Services and Why Is It so Successful? (Excerpt) “AWS is a cash cow for Amazon. The services are shaking up the computing world in the same way that Amazon is changing America’s retail space. By pricing its cloud products extremely cheaply, Amazon can provide affordable and scalable services to everyone from the newest start-up to a Fortune 500 company.” https://www.investopedia.com/articles/investing/011316/what-amazon-web-services-and-why-it-so-successful.asp

    3. Are you really that worried about security? Than why do you suppose U.S. spy agencies are using Amazon’s cloud? Amazon launches new cloud storage service for U.S. spy agencies - The Washington Post https://www.washingtonpost.com/news/business/wp/2017/11/20/amazon-launches-new-cloud-storage-service-for-u-s-spy-agencies/

  • Who knows who has my or your data. Breaches OPM, State of Delaware, Home Depot, and a host of smaller ones, both government and private. At one time I was receiving four free scanning services all related to stolen data bases at the same time. So four companies wanted my personal info to store on their cloud, everything they could get their hands on whether in the stolen data or not. There is this thing about clouds that the cloud owners seem to want to only stop short of your soul (or not) and I wonder - Why?. I don't think I need to opt-into or out-of a cloud. Soon there will be no choices except which cloud.

    @Old_Joe Now tell me this. Say OPM shares my data with the dark web then hires Old_Joe to scan the dark web for any consequences. How does Old_Joe do this without obtaining my personal data and doing searches for it in the darkest recesses of the darkest of dark webs putting some sort of encrypted (or not) representation of my data out there over and over and over again. But if you don't give someone this big contract, then no one looks after your lost data. Isn't it clever how new business are born and expand to protect you from all this danger and more danger? If I wanted you to buy some more clothes from me, what better way than to steal or damage your existing clothes.

    The following is a Microsoft thing I hope you have had experience with. I just finished doing some of that host file localhost loop with a set of websites that redirected to fake downloads. I discovered Microsoft has provided no other way to block websites in Edge than to edit the host file. (or at least I couldn't find another way). Now what motivation does Microsoft have to make it hard to keep the fox away from the chicken coop (my husband being the chicken that might get eaten).


    And yes, I know, you use Apple computers. Many reasons that we use Windows computers after lifetimes of working for governments. But the question still stands no matter what the level of current attacks on current platforms.
  • Nope. Spent too many years in computer programming and networking, first as a research scientist for a national lab, then as a consultant in the nuclear power industry, then for financial institutions. I do backups to my own devices only, and keep copies offsite. That's the way I ran the operations in the businesses too.

    The cloud is fine for stuff you're not worried about being looked at.

    Bill

    PS: Good encryption could make the cloud OK. But do the encryption locally before uploading; if the host does it after or while uploading, it is too late if you really value security.
  • PPS. I also use Macintoshes for the things that matter to me. We also have four Windows PCs for gaming, etc.
  • billr said:


    PS: Good encryption could make the cloud OK. But do the encryption locally before uploading; if the host does it after or while uploading, it is too late if you really value security.

    That's how I do it. The services I mentioned use this technique as well, which is far more trustworthy. And even then, for some sensitive things, I have smaller encrypted containers INSIDE my encrypted cloud container as well.

    Windows remains one of the top technical reasons for job security in my (cybersecurity) industry......
Sign In or Register to comment.