Stallman's new enemy: the cloud

D. Hugh Redelmeier hugh-pmF8o41NoarQT0dZR+AlfA at public.gmane.org
Wed Oct 1 14:42:00 UTC 2008


OK, there's enough traffic that I'll bite.

| From: Evan Leibovitch <evan-ieNeDk6JonTYtjvyW6yDsg at public.gmane.org>


| I just don't get this one.

He's right on at least the purely theoretical level.

There are only a few things that you can do with a cloud and still be
sure that you haven't leaked information to the provider.

If you don't mind leaking information, you are on a different
wavelength from me.

If you think that you can prevent leaking information, please tell me
how.

| Richard Stallman, recently interviewed, said this about cloud computing:
| 
| "It's stupidity. It's worse than stupidity: it's a marketing hype
| campaign"

He explains why he thinks it is stupid for a customer to use these
services.  This doesn't mean that it is stupid for the provider to
offer them :-).  The quote does not exactly make clear what Stallman
was refering to as "it".

Cloud computing surely is marketing hype at the moment.  I didn't use 
the word "just" and neither did the quotation.

| [...]
| "One reason you should not use web applications to do your computing
| is that you lose control," he said. "It's just as bad as using a
| proprietary program. Do your own computing on your own computer with
| your copy of a freedom-respecting program. If you use a proprietary
| program or somebody else's web server, you're defenceless. You're
| putty in the hands of whoever developed that software."

In security, and in theory in general, one often simplifies situations
to binary: either you are secure or you are not.

With cloud computing, you do give up various forms of control.  When
you give up some control, that might be leveraged (in a worst case) to
giving up a lot of control.

| Now, I am working with a startup that's creating an online BI service
| so have an obvious bias. But this sounds even more ludicrous than
| usual, and is starting to sound like RMS is simply stuck in one
| computing paradigm and refuses to accept others.
| 
| There are ways of ensuring, through interoperability and encryption,
| that one can work with online services that support openness and won't
| abuse your data. Discounting the whole cloud concept is starting to
| make Stallman sound like he's defending not only software freedom but
| also a single -- almost nostalgic -- way to deliver said openness.
| 
| http://www.guardian.co.uk/technology/2008/sep/29/cloud.computing.richard.stallman

Please explain how, from a privacy standpoint, you can get around the
fact that the cloud has my data?

If the answer is "by encrypting it before it gets to the cloud", the the 
cloud can then only be a remote shared disk drive -- it cannot usefully 
process the data.  Not a very interesting or rich paradigm.  And even 
then, traffic analysis could yield significant information about you. 
(Traffic analysis can be way more effective than one would guess.)

Many cloud initiatives present distinct APIs (for lack of a better
term).  Once you buy into an API, you are likely stuck with that
provider.  A good partial counter-example is ordinary web servers:
there are a bunch of platforms, many of which are provided by several
entities.  So switching web service providers is do-able (but often
not as easy as you would hope).

Lock-in gives a lot of leverage to a provider.  Isn't that the source
of Microsoft's power?

Surely, Evan, you know all this.  And have known for decades.  So you
must be thinking along different lines.  Instead of asking a question,
and apparently expecting a certain answer, perhaps you could explain
what you are thinking.

--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list