flat assembler
Message board for the users of flat assembler.

flat assembler > Heap > Cloud computing. Who is in control?

Goto page Previous  1, 2, 3, 4, 5, 6, 7, 8, 9  Next
Author
Thread Post new topic Reply to topic
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16699
Location: In your JS exploiting you and your system
Yeah, if it is free then no one can really complain. And that is all the more reason not to start relying on it too much. If it is free then Google (or MS, Yahoo, mom-and-pop-email, whoever) may decide at any time to cease to offer it.
Post 02 Sep 2009, 19:07
View user's profile Send private message Visit poster's website Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2468
Location: Bucharest, Romania
Well, the US power grid doesn't store information, unless you're storing it on a volatile ramdisk which goes poof once power goes down (and you don't have UPS or batteries or anything) Laughing
Post 02 Sep 2009, 19:11
View user's profile Send private message Reply with quote
Azu



Joined: 16 Dec 2008
Posts: 1160
It powers stuff that stores information.. and even stuff that directly sustains human lives.. >_>

Sure it's possible to set up a generator.. in the same way that it's possible to run your own mail server if Gmail goes down. Not a good solution though.



If there are lots of alternatives, or if the service never goes down, no problem. But when there is only one provider of something, and that provider is unreliable, there is a problem!
Post 02 Sep 2009, 20:20
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger ICQ Number Reply with quote
Azu



Joined: 16 Dec 2008
Posts: 1160
Post 03 Sep 2009, 12:00
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger ICQ Number Reply with quote
Madis731



Joined: 25 Sep 2003
Posts: 2145
Location: Estonia
Hmm indeed. I don't know if I understand it correctly, but seems like when you want to find a keyword "mail" in "I have your e-mail stored on my HDD", then it is easy to do it on encrypted string as well. Its just the "mail" must be encrypted the same way.

A simple example (encryption is just CHAR+1):

strstr ("nbjm", "J!ibwf!zpvs!f.nbjm!tupsfe!po!nz!IEE")
Of course it gets a little more interesting so its a "Hmm" indeed Very Happy
Post 03 Sep 2009, 12:27
View user's profile Send private message Visit poster's website Yahoo Messenger MSN Messenger Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2468
Location: Bucharest, Romania
Azu wrote:
It powers stuff that stores information..
yeah but like I said, unless you store it on volatile memory, you can read it when you get power back on.

If Google goes down, all I have to do is get a new mail address. If my power company goes down, I can move somewhere else, and my data will still be readable.

But if you had important stuff on Google, tough luck.

Yes I can also make mistakes and/or damage my data, but it's my responsibility and I feel MUCH better that way than someone else's responsibility (e.g: Google) to do with MY data.

_________________
Previously known as The_Grey_Beast
Post 03 Sep 2009, 16:27
View user's profile Send private message Reply with quote
Azu



Joined: 16 Dec 2008
Posts: 1160
Borsuc wrote:
Azu wrote:
It powers stuff that stores information..
yeah but like I said, unless you store it on volatile memory, you can read it when you get power back on.

If Google goes down, all I have to do is get a new mail address. If my power company goes down, I can move somewhere else, and my data will still be readable.

But if you had important stuff on Google, tough luck.

Yes I can also make mistakes and/or damage my data, but it's my responsibility and I feel MUCH better that way than someone else's responsibility (e.g: Google) to do with MY data.
Why have all your eggs in one basket though?
Post 03 Sep 2009, 16:31
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger ICQ Number Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2468
Location: Bucharest, Romania
Because breaking the basket isn't the only problem. Taking a peek into it is also.
Post 03 Sep 2009, 16:35
View user's profile Send private message Reply with quote
Azu



Joined: 16 Dec 2008
Posts: 1160
If that's a problem you should encrypt your data. In situations where Google could be subpoenaed for your data, stuff in your own house is going to be just as vulnerable.
Post 03 Sep 2009, 16:41
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger ICQ Number Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2468
Location: Bucharest, Romania
Except that no one bothers to target a guy that goes with the nickname Borsuc on FASM board, unless they know me personally or have something with me personally.

_________________
Previously known as The_Grey_Beast
Post 03 Sep 2009, 16:43
View user's profile Send private message Reply with quote
Azu



Joined: 16 Dec 2008
Posts: 1160
Better safe than sorry.
Post 03 Sep 2009, 16:46
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger ICQ Number Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16699
Location: In your JS exploiting you and your system
I just found this nice article:
... When a computer is within your network, you can protect it with other security systems such as firewalls and IDSs. You can build a resilient system that works even if those vendors you have to trust may not be as trustworthy as you like. With any outsourcing model, whether it be cloud computing or something else, you can't. You have to trust your outsourcer completely. You not only have to trust the outsourcer's security, but its reliability, its availability, and its business continuity.

You don't want your critical data to be on some cloud computer that abruptly disappears because its owner goes bankrupt . You don't want the company you're using to be sold to your direct competitor. You don't want the company to cut corners, without warning, because times are tight. ...
Post 04 Sep 2009, 11:32
View user's profile Send private message Visit poster's website Reply with quote
Azu



Joined: 16 Dec 2008
Posts: 1160
I just found this nice sentence:
Azu wrote:
If that's a problem you should encrypt your data.
Post 04 Sep 2009, 11:34
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger ICQ Number Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8330
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
i was thinking about a computer model, where, we don't need to store anything at all, everything is stored inside that super computer, we are all 24x7 high speed connected to it, and we just need a terminal.

of course, not too long in future, we all would be high speed connected with all devices & data & all kinds of interface.

hmm, i was thinking about legalizing computer warfare.
Post 04 Sep 2009, 11:56
View user's profile Send private message Reply with quote
Azu



Joined: 16 Dec 2008
Posts: 1160
How can you have computer warfare when it's impossible for them to break whatever rules they have in place?

It's not like real life where if there is a law that says "don't do X" you can do it anyways. Computers are only physically capable of doing whatever they are programmed to do. So unless it is programmed to accept certain commands from outside sources, there is no way any other computer can touch it. They are as perfect as we make them. All you have to do to make a computer 100% immune to all attacks from other computers is program it to disregard communications from other computers. They can't break the rules put in place in them.
Post 04 Sep 2009, 12:10
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger ICQ Number Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16699
Location: In your JS exploiting you and your system
Azu wrote:
Computers are only physically capable of doing whatever they are programmed to do.
Yes, as long as they are 100% reliable.
Azu wrote:
So unless it is programmed to accept certain commands from outside sources, there is no way any other computer can touch it. They are as perfect as we make them
Unless you include virus writers as part of "we"
Azu wrote:
All you have to do to make a computer 100% immune to all attacks from other computers is program it to disregard communications from other computers. They can't break the rules put in place in them.
Gee, is that all we have to do, it is all so simple! If we really could do that then we wouldn't need AVs. In Utopia maybe, meanwhile back in the real world ...
Post 04 Sep 2009, 12:17
View user's profile Send private message Visit poster's website Reply with quote
Azu



Joined: 16 Dec 2008
Posts: 1160
revolution wrote:
Azu wrote:
Computers are only physically capable of doing whatever they are programmed to do.
Yes, as long as they are 100% reliable.
Obviously if the hardware is made wrong it will run wrong. But "computer warfare" refers to software/internet, I think. Smashing computers with a sledgehammer to break them would be called "vandalism" or somesuch.

revolution wrote:

Azu wrote:
So unless it is programmed to accept certain commands from outside sources, there is no way any other computer can touch it. They are as perfect as we make them
Unless you include virus writers as part of "we"
No. Just tell the computer what viral code is and not to run it. If you let it know what viruses are, and not to run them, it can't run them.

revolution wrote:
Azu wrote:
All you have to do to make a computer 100% immune to all attacks from other computers is program it to disregard communications from other computers. They can't break the rules put in place in them.
Gee, is that all we have to do, it is all so simple! If we really could do that then we wouldn't need AVs. In Utopia maybe, meanwhile back in the real world ...
In the real world, that is the easiest way to make a computer completely invulnerable to attack from other computers.

If you want certain interaction with other computers, allow it as the exception, rather then allowing all interaction by default and making exceptions for "bad" things.


As long as you don't leave any legal loopholes it will be perfectly secure no matter what. E.G. don't let other computers modify its instructions (buffer overflows are a common loophole that allow this). It can't break the laws in place for it, but those laws could be changed if allow it.
Post 04 Sep 2009, 12:24
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger ICQ Number Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16699
Location: In your JS exploiting you and your system
Let's hope none of you were affected by the Sidekick failure:
Sidekick users have been without some of their services for days, and have just been told by the company, T-Mobile, that for some users their data may be lost forever due to a server error at Microsoft subsidiary, Danger.

T-Mobile has published an apology to affected users for what is turning out to be one of the most spectacular failures in cloud computing. The massive data loss also suggests entrusting personal data to the cloud may not be as safe as users have been led to believe. ...
Just don't trust it folks. It is a broken model. Only you care about your data, companies only care about $'s.
Post 12 Oct 2009, 11:36
View user's profile Send private message Visit poster's website Reply with quote
Azu



Joined: 16 Dec 2008
Posts: 1160
revolution wrote:
Let's hope none of you were affected by the Sidekick failure:
Sidekick users have been without some of their services for days, and have just been told by the company, T-Mobile, that for some users their data may be lost forever due to a server error at Microsoft subsidiary, Danger.

T-Mobile has published an apology to affected users for what is turning out to be one of the most spectacular failures in cloud computing. The massive data loss also suggests entrusting personal data to the cloud may not be as safe as users have been led to believe. ...
Just don't trust it folks. It is a broken model. Only you care about your data, companies only care about $'s.
Microsoft should ensure their code works right before releasing it. This is a failure of their QA team, not of cloud computing.

_________________
Post 12 Oct 2009, 18:02
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger ICQ Number Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2468
Location: Bucharest, Romania
Azu wrote:
In the real world, that is the easiest way to make a computer completely invulnerable to attack from other computers.
That can't be done with the cloud Razz

Wonder what you'll come up with next time instead of blaming Microsoft or whoever runs the cloud. Heads up: people like that manage your data, it's people like M$ (or others who "make mistakes") that you entrust your data to.

There's no "perfect cloud" because we would have "perfect desktops" much sooner.

There are too many levels of exploitation, even a old-skool infiltration is possible if the cloud is very big. On the other hand, while my security at home is much weaker probably, terrorists or crackers won't target it.

_________________
Previously known as The_Grey_Beast
Post 12 Oct 2009, 18:21
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page Previous  1, 2, 3, 4, 5, 6, 7, 8, 9  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2019, Tomasz Grysztar.

Powered by rwasa.