Cloud based future Part 1 – Trust no one

The Internet Cloud

What lies in the future of data management? Will all of our information eventually be handled by someone else? Email, essays, work related documents; will we lose control over our important data? Is this good or bad?

My answer is that ideally it is good, but of course nothing can reach an ideal state. With a good system based on security with regards to privacy, it would be very good, but this is still quite far away.

Most people have already lost control over their emails, and most of us have accepted this fact. I use mostly Google Mail for emailing, and I do feel a lot of concern over privacy and security issues regarding personal information which I sometimes carelessly put in my emails, but I always try to keep in mind that there is a possibility that everything I write can be viewed by anyone with access to Internet. Sure, Google provide TSL encrypted connections, but can I completely trust Google. Google is not my family nor even my friend, even if they try to make me think that. I believe that we should not completely trust anyone with our most personal information, and definitely not strangers.

I completely agree with the slogan from X-Files – “Trust no one”. These words, or rather policy should be a fundamental idea for all personal information on Internet. This is absolutely not the case of today’s Internet. In some places the policy is being followed to a certain extent, but in the majority of web sites and especially in more advanced web applications there’s not much regard to the “Trust no one”-policy.

Overall the web model is fundamentally flawed. For instance, JavaScript is in itself horribly broken and beyond repair according to John Graham-Cumming, programmer and co-founder of Electric Cloud, which he wrote in his blog post “JavaScript must die” earlier this year. Viruses can be downloaded and installed very easily to your computer through JavaScript by just visiting a web site, starting the harvest of your personal information and sending it away to various places all over the Internet where it can be sold to any paying customer. This should of course be unacceptable. Even SSL and TSL, which has been a haven of security and privacy, has recently been found to be flawed and open for exploitation, this will however probably be fixed soon, by the normally very thorough engineers behind this protocol.

When Internet is growing larger and getting more entwined with our daily life, we have to start getting more concerned about privacy and security issues. Internet is a place where everything can be accessed and reached by anyone, anywhere on Earth. Therefore, it is more crucial than ever to be concerned about these issues. Trust no one!

JavaScript must die – http://www.jgc.org/blog/2009/09/javascript-must-die.html
A Security Vulnerability in SSL – http://www.grc.com/sn/sn-223.htm, http://www.twit.tv/sn223