Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase 12»»

Cloud Hacking Expand / Collapse
Author
Message
Posted Wednesday, February 02, 2011 9:39 PM


SSC-Dedicated

SSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-Dedicated

Group: Administrators
Last Login: Today @ 4:29 PM
Points: 32,819, Visits: 14,965
Comments posted to this topic are about the item Cloud Hacking






Follow me on Twitter: @way0utwest

Forum Etiquette: How to post data/code on a forum to get the best help
Post #1057800
Posted Thursday, February 03, 2011 6:29 AM


Old Hand

Old HandOld HandOld HandOld HandOld HandOld HandOld HandOld Hand

Group: General Forum Members
Last Login: Monday, May 07, 2012 9:23 AM
Points: 304, Visits: 716
What you are pointing out today, is the axiom that has gotten lost in technology over these last decades, and that is "Just because we can do something, should we do something..."

Just because we can engineer the cloud and make it sound like a great advantage, should we do it? As we are learning, its not such a great idea, and as usual, no one thinks it through - instead, Microsoft and others push the marketing, take your money, and then (and only then) learn why it's not such a great idea.

Imagine how many people today are "hooked" on cell phones and couldn't live without them. In one year (2008-2009) 6,000 Americans lost their lives in traffic deaths involving cell phone use. (Source: NTSB) How many people could YOU see today talking on cell phones while driving? Probably hundreds if you stayed on the road long enough. And consider that it took us eight years to lose 6,000 American lives in a war - and yet in ONE year, this technology killed the same number at home here in the US and you don't see anyone thinking about that and putting away the cell phone while driving.

What has gotten lost is simple: Common Sense. We have bartered that away for "intelligence". Absolutely brilliant people who can invent anything and sell it - without ever thinking about the practical ramifications.

Frankly, I don't blame the criminals and hackers. Granted that their common sense is a bit askew - still, we give them the 'playground' to do their dirty work because WE never think things through and instead, push them out the door to make the almighty buck.

In the end, we get exactly what we deserve for our failure to ask the simple question: "Why?" Sure, we are brilliant and can invent and engineer almost anything, but without asking "Why should we..." we are simply dooming ourselves to exactly what we inevitably get.


There's no such thing as dumb questions, only poorly thought-out answers...
Post #1058035
Posted Thursday, February 03, 2011 7:37 AM
Valued Member

Valued MemberValued MemberValued MemberValued MemberValued MemberValued MemberValued MemberValued Member

Group: General Forum Members
Last Login: Thursday, July 28, 2011 8:03 AM
Points: 70, Visits: 316
Very timely, from my point of view, because I was just discussing with my brother the relationship between technology and unsavory activity.

The first thing we have to remember is that people have been exploiting technology for good and ill since the dawn of man. It doesn't matter whether the stone hammer was first conceived as a tool or a weapon, it was undoubtedly used as both.

The second thing we have to remember is that avoiding a technology because of the potential for misuse also means not being able to exploit that technology for good and useful things. Yes, several thousand deaths per year can be traced to the misuse of cell phones. I wonder, though, how may saved lives can be traced to cell phones, surely not zero! What this tells me is that we have to learn how to manage the use of technologies for greater net benefit.

To the cloud: I'm sure that we can all think of examples where cloud computing and/or storage would be beneficial. Likewise, anybody with a sense of history of even just computers can think of ways to use those same things for nefarious activities.

In my mind, the existence of risk is not a sufficient reason to avoid a technology or activity. We need to have a tolerance for non-zero risk if only because there is no such thing as zero risk. Having identified what risk we can tolerate, we then need to quantify the risk. If that risk is higher than what we can tolerate, then we need to take steps to reduce the risk. In the vast majority of cases, exposure reduction (limited or no involvement) is just one of several ways to reduce the risk. Exposure reduction is also rarely the best way to reduce the risk because it also reduces the potential for gain.

EDIT: I would like to add that we often think of risk only in terms of adopting a technology or engaging in some activity. We also need to consider the risk of not adopting that technology or engaging in that activity. For example, it's obvious that every form of exercise increases the risk of injury compared to not exercising. Except that being fit reduces the risk of injurious falls and the risk of heart attack, etc.
Post #1058078
Posted Thursday, February 03, 2011 7:54 AM


SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: Yesterday @ 8:35 AM
Points: 127, Visits: 1,262
Now, let's see Microsoft add THIS one to their cloud ad campaign....

--Andrew
Post #1058094
Posted Thursday, February 03, 2011 8:50 AM
Old Hand

Old HandOld HandOld HandOld HandOld HandOld HandOld HandOld Hand

Group: General Forum Members
Last Login: Thursday, April 17, 2014 12:04 PM
Points: 311, Visits: 1,080
I think companies will use cloud computing to off load the security liability. If the data is lost/stolen they can then put the blame on the cloud computing supplier and save themselves from lawsuits.

The same goes for outsourcing IT.

Just my 2 cents worth.

Rudy



Post #1058146
Posted Thursday, February 03, 2011 9:22 AM


Ten Centuries

Ten CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen Centuries

Group: General Forum Members
Last Login: Thursday, March 06, 2014 1:05 PM
Points: 1,334, Visits: 3,068
blandry (2/3/2011)
What you are pointing out today, is the axiom that has gotten lost in technology over these last decades, and that is "Just because we can do something, should we do something..."



I have also heard this put another way as well is "Just because we can change something, should we change something..."


My response to that is that in most cases, "Yes, we should, because the path of technology is moving so fast nowadays, it will demand it sooner than you might think anyway..So always be thinking in that direction..." I recently had a senior level IT manager say in a departmental meeting "I don't like changes..." Well, of course I didn't say this but I smiled and thought "Dude, if you don't like change, then you are in the wrong industry... Maybe you need to seriously think about going and selling flowers for a living.."


"Technology is a weird thing. It brings you great gifts with one hand, and it stabs you in the back with the other. ..."
Post #1058180
Posted Thursday, February 03, 2011 2:24 PM
Old Hand

Old HandOld HandOld HandOld HandOld HandOld HandOld HandOld Hand

Group: General Forum Members
Last Login: Today @ 2:59 PM
Points: 357, Visits: 1,931
Rudy Panigas (2/3/2011)
I think companies will use cloud computing to off load the security liability. If the data is lost/stolen they can then put the blame on the cloud computing supplier and save themselves from lawsuits.

The same goes for outsourcing IT.

Just my 2 cents worth.

Rudy


If the company that loses my data blames the cloud provider, I'm still suing my vendor for being negligent in their choice of provider.

I personally can't see a real use for the cloud for most corporate data that needs any real security. The cloud will be great for outsourcing the data storage and access for things like MSDS databases and other data that isn't proprietary and needs to be accessible to the public.
Post #1058390
Posted Thursday, February 03, 2011 3:51 PM
SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: Friday, October 05, 2012 3:30 AM
Points: 138, Visits: 351
@Ron Porter: reading the article my thoughts ran exactly as your post (thank you for saving me the time to write it up myself ;))

@blandry: Please look a bit further than the length of your nose (a Dutch saying, but you probably get the gist of it), as Ron said EVERY idea ever conceived has been used for both good and evil (I believe you can even find ideas conceived for personal gain at the cost of others, then later put to good use by others. I just don't happen to have an example ready out of the top of my head). It doesn't even restrict to humans, opportunism is a universal mechanism of life.
Post #1058439
Posted Friday, February 04, 2011 7:14 AM


Ten Centuries

Ten CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen Centuries

Group: General Forum Members
Last Login: Thursday, March 06, 2014 1:05 PM
Points: 1,334, Visits: 3,068
Ross McMicken (2/3/2011)
Rudy Panigas (2/3/2011)
I think companies will use cloud computing to off load the security liability. If the data is lost/stolen they can then put the blame on the cloud computing supplier and save themselves from lawsuits.

The same goes for outsourcing IT.

Just my 2 cents worth.

Rudy


If the company that loses my data blames the cloud provider, I'm still suing my vendor for being negligent in their choice of provider.

I personally can't see a real use for the cloud for most corporate data that needs any real security. The cloud will be great for outsourcing the data storage and access for things like MSDS databases and other data that isn't proprietary and needs to be accessible to the public.



That is a good point Ross, and I never really thought about the lawsuit side of this. It could very well open the flood gates because we have become such a litiginous society anyway.


"Technology is a weird thing. It brings you great gifts with one hand, and it stabs you in the back with the other. ..."
Post #1058726
Posted Tuesday, February 15, 2011 4:19 PM


SSC-Insane

SSC-InsaneSSC-InsaneSSC-InsaneSSC-InsaneSSC-InsaneSSC-InsaneSSC-InsaneSSC-InsaneSSC-InsaneSSC-InsaneSSC-Insane

Group: General Forum Members
Last Login: Today @ 5:28 PM
Points: 20,483, Visits: 14,136
Security is the biggest concern I would have with the cloud and putting my databases there.



Jason AKA CirqueDeSQLeil
I have given a name to my pain...
MCM SQL Server


SQL RNNR

Posting Performance Based Questions - Gail Shaw
Posting Data Etiquette - Jeff Moden
Hidden RBAR - Jeff Moden
VLFs and the Tran Log - Kimberly Tripp
Post #1064624
« Prev Topic | Next Topic »

Add to briefcase 12»»

Permissions Expand / Collapse