Lifehacker, one of my favorite blogs of all time, had a great article earlier this week on the “hidden” dangers of cloud computing. I’ve been digesting it for a few days and thought I’d add perspective from a web host.
To me, the current frenzy over cloud computing reminds me a bit of the story of Icarus, whose haste in gaining flight pushed him to create wings of wax only to die after they melted mid flight.
Gina Trapani, a fantastic writer, was primarily talking about Cloud services as opposed to Cloud hosting, however there are parallels between the two concepts.
Gina’s article mentions privacy as a primary concern for cloud users. She quotes an Op-Ed by Jonathan Zittrain in the New York Times:
Thanks in part to the Patriot Act, the federal government has been able to demand some details of your online activities from service providers – and not to tell you about it. There have been thousands of such requests lodged since the law was passed, and the F.B.I.’s own audits have shown that there can be plenty of overreach – perhaps wholly inadvertent – in requests like these.
On the cloud service she’s right, however on the hosting side, things are a bit more complicated. Title II of the DMCA gives Online Service Providers (Including ISP’s and Web Hosts) a ‘safe harbor’ clause essentially protecting the host from having to monitor everything that is on a particular server.
Basically, a VPS server is treated like an apartment building. If the police are investigating a murder, the superintendent will neither give them the entire building to search, nor will he search for the murder weapon himself. With a warrant, the superintendent can allow the police to search a particular apartment, but he himself is not held liable for the murder that occurred on his property nor is he responsible for finding any relevant evidence.
The same idea applies to a hosting company and, say, a VPS. If the police have the proper court documents, we can give them ALL the information on a particular VPS, but we cannot and will not look inside the VPS and hunt a file for them, and we also cannot and will not give them every VPS on a server.
This is, of course, an enormous distinction to make, Gena writes:
To search your house or office (including documents stored on your computer’s hard drive), cops need to obtain a search warrant. To get to the information you’ve stored on a third-party’s web servers, they only need a subpoena, which is easier to obtain. This kind of search can also happen without your knowledge.
It is true that with an appropriate court order, authorities can gain access to a server without the user’s knownledge, they cannot however gain access without OUR knowledge. ServInt’s policy has always been that we will tell a customer everything that we can under the law.
On the cloud, there are still some serious concerns about the viability of the platform, in fact they are the same reasons why ServInt hasn’t yet implemented its own cloud solution.
Latency is still a huge problem, lack of command-line access continues to be an issue, and good luck to those who need to make changes to Apache…it might be easier to disarm an atomic bomb. All of these are compounded by the very real security and privacy concerns in current cloud implementations, especially cloud services. That doesn’t discount the technology, nor does it imply that cloud services are bad per se, they are just fledgling.
The goal of a technology company should be to create a product that provides a solution so great, that what it lacks seems wholly irrelevant. As cloud solutions continue to represent the future of the industry, providers and customers alike must heed Icarus and be careful not to fly too close to the sun.